CSU, Chico Employee Access and Compliance Agreement

I understand that I am being granted access to university information and data based on my agreement to comply with the following terms and conditions:

  • I will comply with state and federal laws and University policies that govern access to and use of information accessible through a University information system. While a current summary of state and federal laws is described below, these laws may be revised which may necessitate additional training and requirements.

The California State University (CSU) has responsibility to protect sensitive personal data and maintain confidentiality of that data under the Information Practices Act (IPA) and Title 5. 

The Information Practices Act, California Civil Code §1798, et seq., requires the Chancellor’s Office and campuses to collect, use, maintain, and disseminate information relating to individuals in accordance with its provisions. The CSU is obligated under IPA to disclose any breach of system security to California residents whose unencrypted personal information was, or is reasonably believed to have been, acquired by an unauthorized person. General Counsel’s Records Access Manual located at 
https://csyou.calstate.edu/Divisions-Orgs/OGC/Documents/records-access-manual-oct2011.pdf addresses the IPA disclosure requirements.

Additionally, §42396 through §42396.5 of Title 5 of the California Code of Regulations address privacy and the principles of personnel information management.

Additional documents on protecting confidential data are available at Human Resources’ Policy Web site at http://www.calstate.edu/HRAdm/policies.shtml(under Confidentiality/Protection of Personal Data).

  • My right to access information and/or data is strictly limited to the specific information and data that is relevant and necessary for me to perform my job-related duties.
  • I will maintain the privacy and confidentiality of the information and data that I obtain, including storing and disposing of the information so it remains confidential.
  • I will secure access to confidential/sensitive data by taking appropriate actions, which may include, but are not limited to, locking the data in cabinets, locking my office, signing off the system when not actively using it, not leaving the data open on the computer screen or my desk, etc.
  • Before sharing information or data with others, electronically or otherwise, I will make reasonable efforts to ensure that the recipient is authorized to receive that information or data. I will sign off the Human Resource Information System prior to leaving the terminal/PC.
  • I will keep my password(s) to myself, and will not disclose them to others unless my immediate supervisor authorizes such disclosure in writing.

I understand that if I intentionally misuse personal information or data that I obtain through my employment, I may be subject to corrective action (counseling and reprimands) or disciplinary action (i.e., suspension, discharge or downgrade) pursuant to the applicable California Education Code provisions and collective bargaining agreements.