Confidential information is governed by the same sharing rules as Restricted information. It requires a high level of care, as outlined below, and should only be shared on an as-needed basis.
Rules for Sharing Confidential Information
When to Share |
Only to meet a legitimate business need or as required by law |
---|---|
With Whom | Specific parties within Princeton, as needed; Others only as necessary, with the recipient's agreement to safeguard confidentiality and not re-disclose the information except when legally required |
How to Share | Use one of Princeton's secure file sharing services. |
Network Options | Wired or Eduroam on campus or via GlobalProtect virtual private network (VPN) off campus |
Security | Solutions to properly secure information include: encryption, access controls, multi-factor authentication, and network isolation. |
Your Responsibilities
Sharing of Confidential information may be permissible if necessary to meet the University’s legitimate business needs. Unless disclosure is required by law (or for purposes of sharing between law enforcement entities), when disclosing Confidential information to parties outside the University, the proposed recipient must agree:
- To take appropriate measures to safeguard the confidentiality of the information.
- Not to disclose the information to any other party for any purpose absent the University’s prior written consent or a valid court order or subpoena.
- To notify the University in advance of any disclosure pursuant to a court order or subpoena unless the order or subpoena explicitly prohibits such notification.
In addition, the proposed recipient must abide by the requirements of Princeton's Information Security Policy. Any sharing of Confidential information within the University must comply with the University’s Privacy Policy. We encourage you to review the complete Information Security Policy and learn more about your responsibilities.
Have questions? Contact the Help Desk for assistance.