Data Security and Protection

Safeguarding Information and Empowering Digital Trust.

Western State University (WSU) processes, stores, and transfers an immense quantity of electronic information to conduct its academic and business daily. The University is committed to full compliance with all WSU State standards for the protection of information assets and information technology resources that support all WSU educational operations. WSU is also committed to the privacy and accuracy of personnel information. The University shall take all necessary and reasonable actions to protect data privacy.

Personal data collection and protection
WSU may collect information of its students during the registration process to Moodle or its recruitment system. The information may include, but not limited to, the following: name, age, date of birth, identity number or social security number, ethic group, address, email, phone number, employment data, user ID, user password, credit card information, IP address, course information.

WSU uses personal information to provide the highest quality academics, services and/or employment opportunity. The information is also used for reports for federal and state accreditation and regulatory agencies, as required by law. WSU also uses the information to contact people who have been identified by the student to provide documents or responses to candidates/ students/ employees. Personal data will only be processed in a manner compatible with these purposes.

WSU will not use personal information for commercial purposes. WSU will also limit the number of staff who have access to sensitive information and data such as identification or social security number, personal financial data, health information, etc.

Paper personal information will be housed in locked fire-proof file cabinet. Electronic personal information will be housed on the WSU drive with defined access protections. Information will not be stored longer than the required retention period as specified in the Record Management Policy. 

A student has the right to review only his/her own personal file and data.

Privacy of Electronic Communications
Each WSU faculty and staff member is responsible for the protection and security of administration of networks, email servers and systems. WSU respects to the privacy of electronic communications. The university does not examine or disclose electronic communications records without expressed permission/consent of the parties involved unless WSU is under a legal requirement to disclose such information.
Information Security Policy
WSU seeks to protect sensitive information of students, faculty and staff. In order to this the University has taken steps to ensure that: 
  • Information will be protected against unauthorized access or misuse.
  • Confidentiality of information will be secured.
  • Integrity of information will be maintained.
  • When information is no longer of use, it is disposed of
  • All information security incidents will be reported immediately to the IT Help Desk.
The institution requires all users to exercise a duty of care in relation to the operation and use of its information systems.  Students and Faculty will be issued a unique user identity. Any password associated with a user identity must not be disclosed to any other person.
Acceptable use of information systems
  1. All computing assets delivered by WSU remain entirely under the responsibility of the scholarship student.
  2. The computing asset has to be used for educational and research purposes only.
  3. The use of these assets like laptops are for personal use only, therefore, the loan of these assets to third parties is totally prohibited.
  4. In the event of theft or loss of the delivered assets, the student has the responsibility of notifying the immediately superior manager or Manager of this event, the notification should not be more than 24 hours after the event occurred.
  5. In the event that these assets suffer damage caused by falls, blows, liquid spills, among others, these actions must be notified to the immediate superior or Manager in charge and according to the damage caused, the corresponding measures will be taken.
  6. The use of these assets for malicious purposes like the installation and use of programs to carry out computer attacks such as denial of service, malware infection, exploitation of vulnerabilities, among others, is totally prohibited.
  7. You must activate the antivirus protection and the firewall which are installed by default in the operating system, it is totally prohibited to deactivate these two functions.

Social Networking Policy
The Internet provides a number of benefits for common use, However, when someone clearly identifies their association with WSU they are expected to behave appropriately when on the Internet, and in ways that are consistent with the code of conduct. Access to the internet changes the way that faculty and students engage, and the same principles and guidelines that apply to interactions between faculty and students, in general, apply to activities digitally.

  • Should not engage in digital activities that are unfavorable to WSU
  • Should not use any form of social network in any way to attack or abuse colleagues and/or students.
  • Should not post derogatory or offensive comments on the Internet.
  • Are strongly encouraged to make any and all personal digital profiles private