Data Privacy and Security Reminders for Employees
Avoid Online Scams
Remain vigilant in responding to emails from outside of SVA and be on the lookout for phishing attempts. As a reminder, even when you are working from home, we will never ask you to provide user names or passwords over email.
We are also aware of a rise in cyber scams and phishing campaigns with hackers posing as government officials, such as from the CDC or IRS, seeking personal information that can be used for identity theft purposes. Scams related to small business loans, personal loans, gift cards, and other financial services related to COVID-19 are also on a rise. Never provide a bank account, credit card or social security number via email, even if the sender appears to be legitimate. Never click on a link or open an attachment in an email unless you know the sender.
There is also a great risk of cyber criminals impersonating a company’s staff members, such as leadership or IT personnel.
If you receive a suspicious email, please forward it to privacy@sva.edu and delete it. If you click on a link that you believe to be suspicious or have shared such information, please contact privacy@sva.edu and helpdesk@sva.edu immediately.
Maintain Appropriate Remote Working Security Controls
Employees accessing SVA systems, including email, should make sure they are doing so with connectivity that is approved by SVA IT in place. If you have access to Virtru encryption technology, you should be using it to send any sensitive documents to other SVA employees or contractors and only share information electronically if it is necessary to do so. Do not save any sensitive data locally on your computer or on any non-SVA device. Please ensure your personal devices used to connect to SVA networks are up-to-date with operating system patches and anti-virus/anti-malware software prior to being used for remote work.
FERPA Still Applies to Student Records
All employees who access or create student records should remember that the Family Educational Rights and Privacy Act (“FERPA”) continues to apply.
Faculty are required to conduct any remote learning activities through SVA-approved solutions, such as Canvas and Zoom. Recorded sessions should be protected and not shared via publicly accessible links.
Students (or their parents) also continue to have a right to view their educational records. Any request received under these FERPA rights should be directed to registrar@sva.edu.
Health and Safety Information
If you receive a report that an employee for whom you are a supervisor or a student has a confirmed or suspected case of COVID-19, you must ensure that you share any health information in the approved manner. Notifications should be sent as an encrypted message to health@sva.edu and should only share information appropriate to protecting the health and safety of our community. Appropriate SVA personnel shall be responsible for all internal and external communications to our employees, students, or others in the community. You should not disclose the identity of an individual to any other person. Please contact the Office of Student Health and Counseling Services at health@sva.edu.
Questions?
If you have any questions about these policies, please contact SVA Privacy Officers at privacy@sva.edu.
Additional Links
SVA COVID-19 page
https://sva.edu/features/message-from-sva-about-covid-19-novel-coronavirus
Federal Trade Commission COVID-19 page (subscribe for alerts)
https://www.consumer.ftc.gov/features/coronavirus-scams-what-ftc-doing
Department of Justice COVID-19 page
https://www.justice.gov/coronavirus
Department of Education COVID-19 page
https://www.ed.gov/coronavirus
FBI COVID-19 page
https://www.fbi.gov/coronavirus