Privacy Policies
UMBC values privacy as essential for upholding academic integrity, intellectual freedom, and personal autonomy. Safeguarding your privacy is part of the university’s core mission. Our commitment is to prioritize your privacy and security by adhering to the highest standards of data protection and regulatory compliance. Our comprehensive data privacy and security policies outline how we handle, protect, and manage data across all aspects of our university’s operations. These policies are designed to ensure compliance with state and federal regulations while fostering a culture of transparency, integrity, and responsibility within the UMBC community.
Privacy Policy
The privacy policy emphasizes the responsible, ethical, and legal collection and use of Personally Identifiable Information (PII), respecting individuals’ rights while fulfilling academic, legal, and research responsibilities. Data management is seen as a strategic resource, and access to data is provided based on its sensitivity and user roles.
The purpose of the policy is to establish a Privacy Governance Program to ensure PII in UMBC’s Systems of Record is accurate, timely, and protected from unauthorized disclosure. All members of the UMBC community who handle PII must understand their responsibility to protect privacy.
UMBC’s compliance with privacy and public record obligations follows Maryland state laws, U.S. federal regulations, and international privacy laws where applicable. However, as a public institution, some information may be subject to disclosure under the Maryland Public Information Act.
This policy is part of a broader framework of related policies and IT security standards, ensuring the responsible handling of data across UMBC.
UMBC Policy on the Classification and Protection of Confidential Information
UMBC views data and information as valuable assets that must be protected from loss of confidentiality, integrity, or availability. Members of the UMBC community are responsible for safeguarding confidential information related to the university’s educational and research mission. This policy outlines data classification into four levels (0-3), with Level 3 being the most sensitive and requiring the highest security measures.
Confidential information includes personally identifiable information (PII), sensitive research data, proprietary UMBC information, and data protected by law (e.g., HIPAA). Data Stewards are responsible for classifying data and ensuring it is properly protected when shared with third parties. Any breach or exposure of confidential data must be reported immediately to the Chief Information Security Officer (CISO).
The policy also aligns with UMBC’s broader IT security policies and complies with state and federal regulations.
SMS Terms and Conditions – UMBC4U
UMBC offers a text messaging service (UMBC4U) for prospective students, providing updates on events, admissions, and financial aid. Subscribing is optional and not required for admission. Message frequency varies, and users must be over 13 to sign up.
Personal information shared remains confidential, used only by UMBC and relevant parties to support the admissions process. Message and data rates may apply, and UMBC is not responsible for these costs. To subscribe, text JOIN to UMBC4U (862248); to unsubscribe, text STOP. For assistance, text HELP.
UMBC will never request sensitive personal information via SMS. Participation in the SMS service does not create a contract or guarantee admission. Communications may be subject to disclosure under Maryland’s Public Information Act. For more details, visit UMBC’s privacy policy.
Web Site and UMBC App Privacy Statement
UMBC is committed to protecting the privacy of users of its official websites and mobile app. This policy explains how personal information submitted through these platforms is handled, outlining UMBC’s privacy practices. Although UMBC does not actively share personal information, as a public institution, some data may be subject to disclosure under the Maryland Public Information Act.
The policy aims to educate users about privacy issues and inform them of specific privacy protections. UMBC complies with FERPA to safeguard student education records and ensures that confidential data, such as PII, is protected from unauthorized access. Users are advised to be cautious when sharing personal information in public forums on UMBC platforms. Additionally, the policy covers the use of cookies, third-party content, and data security measures in e-commerce transactions.