State privacy officer: means the state privacy officer described in Section 67-3-13. See Utah Code 53B-28-501
Student: means an individual enrolled in an institution. See Utah Code 53B-28-501
Student data: means information about a student at the individual student level. See Utah Code 53B-28-501
(a)
An institution shall adopt policies to protect student data in accordance with this part and board rule, including the standards the board establishes under Subsection 53B-28-502(5).
(b)
The policies described in Subsection (1)(a) shall take into account the specific needs and priorities of the institution.
(2)
The board shall designate a higher education privacy officer.
(3)
The higher education privacy officer shall:
(a)
verify compliance with student privacy laws, rules, and policies throughout the Utah System of Higher Education;
(b)
support institutions in developing data governance plans and student data privacy training; and
(c)
act as the primary point of contact for the state privacy officer.
(4)
An institution shall:
(a)
designate an individual to act as the primary contact for the higher education privacy officer;
(b)
create and maintain an institution:
(i)
data governance plan that complies with the standards the board establishes under Subsection 53B-28-502(5); and
(ii)
record of student data privacy training; and
(c)
annually publish the institution’s data governance plan on the institution’s website.