Privacy

Op12.02-8 Privacy

Policy statement

The University takes reasonable precautions to protect accounts, personal information collected by the university, and personal communications from unauthorized access or disclosure. Except as required by law or authorized by policy, the University does not share personal information with any third-party. The University may process personal information internally and through external service providers in furtherance of its mission and normal operations; otherwise, the University will, when reasonably practicable, seek the consent of the subject of personal information before transmitting that information to a third-party for processing. The University does provide information on graduates for use by the Missouri State Alumni Association and Missouri State Foundation so that graduates can receive regular information about their alma mater.

Pursuant to the Family Educational Rights and Privacy Act (FERPA), the University may disclose “directory information” as defined in FERPA and set forth in the FERPA/Confidentiality of Student Education Records policy.

University websites that collect personal information will only collect information reasonably necessary for the intended purpose and will, where reasonable, provide the user with the intended purpose of personal information being collected. University websites that display personal information, such as the My Missouri State website, will only display an individual's personal information after the individual has been authenticated. These sites will also ensure information communication security by using server authentication, encryption and data/message integrity.

Website Cookies

The missouristate.edu website utilizes cookies—small text files placed on your device—for the purpose of enhancing the user browsing experience, analyzing website traffic patterns, and supporting essential and non-essential website functionalities. These cookies enable the university to collect and evaluate data regarding user interaction with the site, including but not limited to page visits, frequency of access, and the types of devices used to access the site. This data informs improvements to site content, structure, and overall usability. Certain cookies are strictly necessary for the operation of the website, while others are employed to optimize the site and enhance the user experience.

The cookies used on the website do not collect personally identifiable information. You can manage or delete cookies through your browser settings at any time. By accessing or using missouristate.edu, you acknowledge and consent to the university’s use of cookies.

University access to electronic information

The University does not routinely seek out, examine, disclose, use or modify the contents of individually assigned accounts, personal communications, records or university computers. The University does reserve the right to view, scan, or otherwise access any file, hardware, software or communication on University computers/systems or transmitted over University networks in the following conditions.

• When information custodians, University auditors, legal counsel or information technology employees access information as part of their employment, and then only to the extent as necessary to perform work activities.
• When the Board of Governors, President, General Counsel, Director of Internal Audit and Risk Management or applicable Vice President/Chancellor, or their designee has authorized a review because the University has reasonable cause to believe that an individual may be violating the law or University policy. Any request for a review must follow the appropriate procedures. University employees will not disclose information accessed during a review other than to University administrators and/or proper authorities investigating the matter.
• As permitted by applicable policy or law. For example, the University may be required to disclose public records, including electronic versions such as email, when requested under the Sunshine Law (chapter 610 of the Missouri Revised Statutes). The University may also be required to disclose closed records or personally identifiable educational records to comply with a court order or subpoena.

If the University has reason to believe a system security breach has occurred or could occur, the University retains the right to access any University system and, upon evaluation of the situation, shut down any system and/or require its modification to mitigate any perceived risk. The University will notify the authorized users and appropriate State authorities as outlined in the Information Security Incident Management policy.