WyoLogin Privacy Policy

WyoLogin Privacy Policy

Table of Contents

The WyoLogin Privacy Policy

Introduction

The University of Wyoming ("UW") recognizes and respects the privacy interests of its community members. This document describes the WyoLogin privacy policy with regard to data that is shared with online applications when utilizing WyoLogin.

WyoLogin allows UW users to use their credentials to single-signon (SSO) to a variety of UW and cloud-hosted applications supporting academic, research, and administrative activities.  Example applications include WyoCourses, Banner, Office 365, and WyoCloud.  

This policy only covers data that is released during the authentication process.  For many services data not listed in this policy is released outside of the authentication process to create an account or to provide data required for the service to function. 

 

Privacy Statement

WyoLogin ensures that all cloud-based and most UW hosted applications do not have access to your password.  WyoLogin will handle confirmation of a successful authentication on behalf of the application.  This is important for ensuring the security of your credentials.

For all cloud-based applications, as well as most of the UW hosted applications, a set of attributes is released during the authentication process that is used to identify the user.  These attributes will come from one of the three identity provider services – Active Directory Federation Services (ADFS), Central Authentication Service (CAS), or Shibboleth (Shib).

Permission to release information about you:
If upon review of this information you do not want to release the indicated attributes about you to an application, you may elect not use that application.  Note that this does not imply that there are alternatives.

Re-use or distribution of information about you
The attributes released to an application are deemed necessary to appropriately use that application and that is the only purpose for which the attributes are released.   If you detect such misuse of your information, see below for how to contact us.

 

Sharing of Data with Applications

The attributes that are released to an application are kept to a minimum, meaning attributes that are not required by the application for proper functioning are not released.

The current list of attributes being released to applications is available here:

 

Why is Data Shared with Online Applications

Online applications often need to authenticate you to know who you are.  Once a person is successfully authenticated the application requires a unique identifier in order to access any personal preferences or other information it needs to track in order to efficiently support you.  The application may also need to know if you are student, faculty or staff, etc in order to know what information or functions to present.  An application may also save your name if needed to identify you to others, say for an automated workflow.

 

How Data Is Protected

Employees of UW Information Technology (UWIT) are required to sign a confidentiality agreement.  In addition, UWIT follows federal and state guidelines on protecting the privacy of its users.  These guidelines include, but are not limited to, Family Education Rights and Privacy Act (FERPA); Gramm Leach Bliley Act of 1999 (GLB); and the Health Insurance Portability and Accountability Act of 1996 (HIPPA)

 

Notice for Updates and Changes to Policy

This policy will be updated on occasion and the most current version will always be posted here.  We encourage you to review it regularly. 

 

Who to Contact if You Have Questions

Questions can be directed to the UWIT  helpdesk at userhelp@uwyo.edu or by calling 307-766-4357.

Was this helpful?
0 reviews

Details

Article ID: 54353
Created
Tue 5/22/18 2:59 PM
Modified
Fri 6/1/18 11:11 AM

Related Articles (1)