Policy on Security of Personal Information
At Waseda University (hereafter to be referred to as “this university”), the protection of personal information is recognized as a fundamental right that has its origins in the integrity of the human personality. The Personal Information Security Rules were established in May 1995, and these provided for the strict handling of personal information. Since April 1, 2005, the Law Regarding the Protection of Private Information (Private Information Protection Law) has been fully enforced. This university has continuously complied with this law and works to properly manage and protect personal information.
1. Collection and Use of Personal Information
Personal information refers to information that identifies specific individuals, such as students, guarantors, faculty and staff, or that has the possibility of doing so. At this university, it’s collection is restricted to only that recognized as necessary for educational research, student support, and university management, as defined below. In addition, when it is necessary, the university contacts students and guarantors based on the personal information collected.
- Reasons for Collecting Personal Information
- 1) Management of school registration, changes in school registration, health management, scholarship management;
- 2) Course registration, grade management and course management;
- 3) Information management related to postgraduate activities, advancing within a school and changing schools at the undergraduate and graduate school levels within the university;
- 4) Issuing student identification cards and various other certificates;
- 5) Managing scholarship information and account information;
- 6) Supporting for extracurricular activities and student life;
- 7) Managing and creating employment information;
- 8) Managing the use of equipment and facilities within the university, managing visual information acquired through the security cameras;
- 9) Managing the use of the library;
- 10) Sending grade reports and academic records to the guarantors;
- 11) Consulting with guarantors about course registration and academic records;
- 12) Producing public relations magazines for the university and the school, guides for events and fundraising activities;
- 13) Sending out various guides and information following graduation;
- 14) Providing information to universities based on a Science and Technology Exchange Agreement;
- 15) Providing necessary information to the Waseda University Student Health Insurance Union (chief administrator: office manager of student division);
- 16) Providing necessary information to the Waseda University Alumni Association (chief administrator: president of this university);
- 17) Providing necessary information to academic organizations (chief administrator: dean of each school) which are comprised of students and instructors in graduate and undergraduate courses at this university;
- 18) Providing necessary information to the teachers’ union in order to promote public funding for schools;
- 19) Management of employment and payment of wages or salaries in relation to part-time jobs or other types of jobs that may be offered within this university;
20) Improvement of educational research and entrance examinations and recruiting of students; and
21) Use of photos and their data for the purpose of verification of identify for internal procedures and various web-based services within this university.
2. Secure Management of Personal Information
Along with strict management of personal information so that it is not used improperly, lost, damaged, falsified or leaked, this university engages in the training of employees (faculty and staff) who handle personal information and those are in charge of this university’s other affairs.
3. Providing Information to Third Parties
This university does not provide personal information to third parties without the consent of the principal party in question. However, information may be provided without the consent of the principal party under the exception established by law (Private Information Protection Law, Article 27, Clause 1)
4. Outsourcing
This university may outsource the whole or a part of its businesses related to certain affairs such as sending out of various letters and objects from this university or data input work. When doing so, this university contractually or otherwise obligate the outsourcing contractors to take necessary and appropriate measures in managing the personal information so that it will not be leaked, disclosed or improperly used.
5. Corrections, Disclosure, Deletion, Suspension of Use (including Erasure and Suspension of Provision to Third Parties) of Personal Information
Students and guarantors can request the disclosure of their own personal information and records of its provision to third parties as well as correction, deletion and suspension of use (including erasure and suspension of provision to third parties) of such information through the individual institution managing that information, such as the school or institute with which s/he is affiliated.
The Approach to Information Security at Waseda University
In May 1995, Waseda University declared that “the protection of personal information is a fundamental right that has its origins in the integrity of the human personality”. The Private Information Protection Law was established, which has as its aim the appropriate collection, management, use and protection of the personal information of students, faculty and staff. The university works to administer this law properly under the supervision of the Personal Information Protection Committee, an independent organization.
Against this background, Waseda University’s Information Security Policy was created in September 2002. This policy defines the information that must be protected within the computers and network administered by the university. Following that, additional attention was drawn to these issues with the creation of the “Guidelines for Creating Contents Used on the World Wide Web by WIND” (Waseda’s Internet Domain) in November 2003, and “Handling Written Materials in a Web Context for Educational or Research Purposes” in March 2004.
Under these conditions, the Private Information Protection Law has been fully implemented since April 1, 2005. This university also utilized this opportunity to distribute the leaflet “You and Information Security-Personal Information and Copyright”, which was directed at students, faculty and staff. This leaflet was based on the thinking that it is not only necessary to protect ones own personal information, but it is also essential that the privacy of others with regards to information must not be violated. Here, by clarifying personal responsibility with regards to various types of information and recognizing anew the significance of information security, efforts to provide information security as administered by Waseda University will continue to be promoted in the future.
Law Regarding the Protection of Private Information
Waseda University’s Information Security Policy
Waseda University’s “You and Information Security”
(To all students and pupils; To all faculty members; To all the staff)
“Handling Written Materials in the Context of the World Wide Web by WIND” (Waseda’s Internet Domain)
Please direct any questions regarding the protection of personal information at Waseda University to the following organization:
Office of the Personal Information Protection Committee (Department of Educational Affairs, Educational Affairs Section)
1-104 Totsuka-cho, Shinjuku-ku, Tokyo 169-8050
Telephone: 03-3204-2253
E-mail: [email protected]