TR-1 Privacy Notice

Description

Effective notice, by virtue of its clarity, readability, and comprehensiveness, enables individuals to understand how an organization uses PII generally and, where appropriate, to make an informed decision prior to providing PII to an organization. Effective notice also demonstrates the privacy considerations that the organization has addressed in implementing its information practices.

The organization may provide general public notice through a variety of means, as required by law or policy, including

  1. System of Records Notices (SORNs),
  2. Privacy Impact Assessments (PIAs), or
  3. in a website privacy policy.

As required by the Privacy Act, the organization also provides direct notice to individuals via Privacy Act Statements on the paper and electronic forms it uses to collect PII, or on separate forms that can be retained by the individuals.

The organization Senior Agency Official for Privacy (SAOP)/Chief Privacy Officer (CPO) is responsible for the content of the organization’s public notices, in consultation with legal counsel and relevant program managers.

The public notice requirement in this Control is satisfied by an organization’s compliance with the public notice provisions of the Privacy Act, the E-Government Act’s PIA requirement, with OMB guidance related to federal agency privacy notices, and, where applicable, with policy pertaining to participation in the Information Sharing Environment (ISE).

Changing PII practice or policy without prior notice is disfavored and should only be undertaken in consultation with the SAOP/CPO and counsel.

Applicability

These standards apply to all users of TAMU-CC information and information technology resources regardless of affiliation, and irrespective of whether these resources are accessed from on-campus or off-campus locations, in both centralized and decentralized (distributed) IT environments, owned or managed by the University.

This standard applies to all University data, and are to be followed by Users, Owner, or Custodians, who capture data and manage administrative information systems using university assets

Implementation

TAMU-CC shall publish a privacy notice on websites owned by the University which contains, at a minimum, the content contained on The Texas A&M University System’s website.

Revision History

Last Updated: February 21, 2025

Previous Versions:

  • June 29, 2023
  • May 31, 2022
  • March 25, 2021
  • September 16, 2019

Chief Information Security and Privacy Officer

Submit a Ticket

News

See All News

Events

See All Events