Policy on Confidential and/or Privileged Information at the Geisel School of Medicine at Dartmouth

At the Geisel School of Medicine, it is the obligation of all individuals who have professional responsibilities with the Medical School, whether they are employees of Dartmouth College or not, to adhere to Dartmouth College’s policy which states:

“College employees, during the course of their employment, may have access to documents, data, or other information that is confidential and/or privileged from disclosure whether or not it is labeled or identified as "confidential" or “privileged.” Examples include, but are not limited to, the College’s financial information; material sent for promotions/appointments; research results; medical information regarding students, employees, or research subjects; and student educational records. Unless they have their department head’s prior approval, employees may never, either during their College employment or thereafter, disclose such information to persons outside the College or to persons inside the College who do not have a business need for such information. This does not include disclosures made in confidence to federal, state or local government officials for the sole purpose of reporting a suspected violation of law or in connection with a lawsuit filed by an employee claiming retaliation by the employer for making such a report. In addition, employees are expected to protect the integrity of business information as it might be transmitted verbally, through written or electronic means, both inside the office and outside the office. All documents received by College employees for business use shall remain the property of the College. Employees must return such documents to the College upon their separation from employment.”

In addition, Dartmouth’s Information Security Policy outlines information security policies, standards, and controls, for the processing, sharing, and storage of information in electronic, paper, and other media.

Please note that for Geisel:

• Such confidential/privileged information includes, but is not limited to: Social Security numbers (SSN) and dates of birth (DOBs) as transmitted, for example, in voluntary faculty request forms, and in other compiled files that are shared with College (e.g., data for Office of Institutional Research) or non-College (e.g., contracted consulting firms) officials. Per Dartmouth information security policy, such confidential information may only be shared over email when using encrypted systems (including, but not limited to, emails sent and received by or across Dartmouth.edu or Hitchcock.org accounts);
• No material in physical files or the online systems, including, but not limited, to SharePoint (Dean’s Academic Board forms), Faculty Dashboard, or Interfolio, or any financial information, is to be accessed, used, removed or copied, except as part of the authorized scope of work in conjunction with your responsibilities outlined by the Office of the Dean;
• When not in use, individuals are expected to log out and close all browser windows related to a particular system, including those enumerated above. Computer screens must be locked when the individual steps away from her/his work station. Confidential documents should be kept under lock and key (when not in use) and hard copies should be shredded rather than recycled on disposal.

Individuals who become aware of a breach of confidentiality or a potential breach, such as the loss of confidential documents or device(s) containing confidential information or the disclosure of information that could provide access to secured electronic information, such as passwords, have an obligation to immediately notify the Geisel School of Medicine. If the individual becomes aware of the breach or potential breach during working hours, the employee should contact the Dean’s Office at 603.650.1200. If the individual becomes aware of the breach or potential breach after normal working hours, the individual should contact the Department of Safety and Security at 603.646.4000.

Please acknowledge by your signature below that you have read, understand, and agree to abide by this policy.