As part of efforts to strengthen Brown’s policies and practices for the protection of personal data, Brown’s Data Protection Working Group is engaging offices across campus that collect, use, share or store personal data before updating Brown’s policies. This initiative consists of the following:

1. Survey. The Working Group is developing a survey to confirm existing technology systems, platforms or software being used to collect or share individuals’ data. The survey will be distributed early in the fall 2018 semester, followed by conversations with data collectors.
2. Audit. The survey will be one element of a comprehensive audit of existing systems and operations within units and across the University that collect and share personal data.
3. Investigation of best practices. Brown will review emerging best practices within higher education and industry regarding the collection, management and use of personal data.
4. Policy development. The working group will recommend actions to strengthen Brown’s policies, informed by existing operations, best practices and required compliance with applicable laws and regulations.
5. Communication and policy implementation. The University will develop a plan for communicating with Brown stakeholders and constituencies about new and updated policies and practices, and a path for implementation.
6. Feedback. Computing and Information Services will develop a mechanism for ongoing information gathering that may inform evolutions in policy and practices as technologies continue to evolve.

Offices that collect personal data should contact the Working Group to ensure they are included in this important assessment.