Brown University is engaged in a process to strengthen policies and practices for the ways in which personal data is managed and shared by academic and administrative units, and how it is used by all members of the University community. Brown adheres to applicable laws and regulations that govern data privacy and protection.

A Data Protection Working Group has been charged with aligning Brown’s policies and procedures with applicable changes in laws governing data privacy, including recent changes to data sharing and privacy regulations issued by the European Union. The working group is engaging stakeholders across campus in first assessing their current practices for data collection, storage and use, and subsequently implementing new practices in their areas as necessary to align with any resulting changes in University policy.

Offices that collect personal data should contact the Working Group to ensure they are included in this important assessment.

Considerations for Data Protection at Brown

Data protection policies have implications for a range of operations, including but not limited to:

  • any Brown systems that collect personal information online (this might include any user accounts)
  • any Brown systems or offices using data received secondhand
  • any systems that use personal data to deliver targeted, audience-specific information or services
  • data shared after it has been collected, which could mean rethinking approaches to analytics, logins and digital advertising.
  • transparency and portability (making available to an individual upon request certain data the organization has collected on that individual)