Western Illinois University

• Your potential. Our purpose.
• Macomb
• Quad Cities
• Online
• APPLY NOW

WIU Home > Policies

University Web Use, Accessibility, and Privacy Policy

Approved By: President
Effective Date: June 26, 2023

POLICY STATEMENT

The purpose of this policy is to define the appropriate use of the technology used to create and manage Western Illinois University (WIU)’s official web domain hosted at wiu.edu.

SCOPE (WHO SHOULD READ THIS POLICY)

WIU University Web Use, Accessibility, and Privacy Policy applies to any individual who utilizes the university’s website hosted at wiu.edu.

DEFINITIONS

• Algorithm: A clearly specified mathematical process for computation; a set of rules that, if followed, will give a prescribed result.
  Computing resources: Any resource used to perform computing operations/processes, such as a tablet, computer, phone, flash drive, CD, camera, smart television, etc.    This would include 3rd party hosted applications which process or utilize WIU data.
• Encryption: The process of converting information or data into a code, especially to prevent unauthorized access.
  Hashed: Hashing is the process of transforming any given key or a string of characters into another value. This is usually represented by a shorter, fixed-length value or key that represents and makes it easier to find or employ the original string. The result is known as a hash.
• Multi-factor authentication: Multi-factor Authentication (MFA) is an authentication method that requires the user to provide two or more verification factors to gain access to a resource. Factors are generally considered to be something you have (i.e. possession of a token, phone, etc.), something you know (i.e. password), or something you are (i.e. fingerprint, retina scan, etc.).
• RACF: Resource Access Control Facility (RACF) is an add-on software product that provides basic security for a mainframe system, protecting resources by granting access only to authorized users of the protected resources.
• Salted: Password salting is a technique to protect passwords stored in databases by adding a string of 32 or more characters and then hashing them.
• Sensitive data: Sensitive data, as defined by the university’s Administrative Handbook’s Sensitive Data Handling Procedures is: Information intended for limited use within the university that, if disclosed, could be expected to have a serious adverse effect on the operations, assets, or reputation of the university, or the university's obligations concerning information privacy.

POLICY

Western Illinois University utilizes technology, including the World Wide Web, to enhance the educational experience and to communicate University information; therefore, we are committed to providing current and accurate information and ensuring that information and resources provided via the official University web presence are accessible to all students, faculty, staff, and visitors. This policy applies only to the University’s official website hosted at wiu.edu.

To ensure compliance with these expectations, the University requires its authorized users of this information technology resource to follow guidelines outlined in the Western Illinois University’s Web Guidelines. Additionally, all authorized users of this information technology resource are required to follow the policies and regulations of Western Illinois University and applicable state and federal laws.

Western Illinois University (WIU) is committed to ensuring the privacy and accuracy of confidential information; therefore, WIU does not share personal information gathered from its websites. WIU also complies with the Family Educational Rights and Privacy Act (FERPA), which prohibits the release of education records without a student’s permission. Although FERPA regulations apply to students, the University is equally committed to protecting the privacy of all visitors to our websites.

Privacy and public records obligations of the University are governed by applicable Illinois statutes and U.S. federal laws. Because WIU is a public institution, some information collected, including the summary server log information, e-mails, and information collected from web-based forms, may be subject to the Freedom of Information Act (FOIA). While WIU does not actively share information, in some instances, the University may be required by law to release information gathered.

An accessible web presence provides information and/or services for a variety of users with minimal differences between delivered content. The university’s web presence includes web applications, web interfaces, and other resources delivered via the university’s official website (wiu.edu).

The University Technology Advisory Committee identifies work priority of work performed on the university’s web presence based upon use, those which provide core institutional functions, and those deemed as critical-need websites. Therefore, priority websites include:

1. University websites which are critical points of access to users of university resources such as admissions, financial aid, disability resource center, and
2. Other high traffic university websites.

In order to meet this accessibility commitment, university web pages, as well as associated web-based services developed by or for a college, department, program, course, or unit of the university must comply with this policy.

All priority websites, as well as new or redesigned websites, must meet or exceed current Illinois Web Accessibility Standards (IWAS).

Those who are responsible for the identified priority websites must develop implementation plans for ensuring accessibility of these websites, and if requested by a user, provide website information in an alternative format in a timely manner until the identified website meets accessibility guidelines.

All websites not identified as a priority by the University Technology Advisory Committee must include contact information for an individual who can provide requested information in an alternative format in a timely manner. Those responsible for such websites must create and attempt to adhere to a reasonable timeline to bring these websites into compliance.

Data Gathered

There are four primary types of information that may be collected during a visit to a WIU website: network traffic information, web server statistics logs, cookies, and information voluntarily provided. All data collected is stored using secure best practices. Network traffic, web server statistics and cookie related data is evaluated at an aggregate level to improve end user experience, improve website performance and usability.

State Agency Website Act (Public Act 093-117)

University websites will not use permanent (persistent cookies) or any other invasive tracking programs that monitor and track University website viewing habits unless users opt-in to such tracking.

Family Educational Rights and Privacy Act (FERPA)

Consistent with FERPA, the University does not release personal student information, other than public directory information, to other parties unless the University receives explicit written authorization. Directory information includes: student's name; school and home addresses; WIU e-mail address; telephone numbers; major field of study; dates of attendance; full- or part-time status; classification; degrees, honors and awards received (including Dean's List) and date granted; anticipated graduation date; most recent previous educational agency or institution attended; participation in recognized university activities and sports; and for members of athletic teams, weight and height.

Students can restrict the release of directory information by contacting the Office of the Registrar.

Children’s Online Privacy Protection Act (COPPA)

Western Illinois University complies fully with the Children’s Online Privacy Protection Act. Accordingly, if a user of the University web is under the age of 13, the user is not authorized to provide Western Illinois University with personally identifying information, and the University will not use any such information in its database or other data collection activities without obtaining explicit parental consent before collecting personal information from children.

Third-Party Content

While visiting a Western website, individuals may encounter links to web pages and sites which are not owned or controlled by WIU. Such websites do not contain a “wiu.edu” address. Be aware that these remote sites are not under the control of Western Illinois University and no warranty or claim concerning these services is implied or should be assumed. Remote sites may have different policies regarding privacy (or no policies at all); therefore, users should avoid entering personal information into such remote sites. If there are doubts about entering personal information, contact Western Illinois University using the information provided below.

Security and Accuracy of Confidential Information

While no computer system is 100 percent secure, WIU has security measures in place to protect against the loss, misuse, or alteration of the information under its control. These security measures and the systems are audited by the State of Illinois. Several sites within WIU allow individuals to pay for products or services online with a credit card. These transactions comply with all applicable laws and regulations. To report a security incident, e-mail abuse@wiu.edu.

Sharing of Information

WIU does, upon explicit request of users, share information with other parties and gather information from other private data providers. This is done only at the request of users (persons to whom the information applies). Unless specifically required under public information requests filed under FOIA, it is against University policy to release confidential information gathered through the web. However, when circumstances arise for the need to share information gathered from its University web servers, the University may share as:

1. authorized or required by law,
2. to assist law enforcement investigations, legal proceedings, or internal investigations of University rule and regulation violations.
3. permitted under University and campus policies,
4. required by an approved University contract,
5. consent is explicitly given (opt-in),
6. certain student and employee demographic information with Western Illinois University Alumni Association, the Western Illinois University Foundation, applicant students’ high schools and other educational institutions with questions about students who have been admitted or earned a degree from the University.

Review

The University Technology Advisory Committee will establish evaluation and reporting guidelines for determining compliance with this policy. The Office of Equal Opportunity and Access will stay abreast of changes in accessibility standards and, in conjunction with the University Technology Advisory Committee, will review and revise this policy as necessary.

RESPONSIBILITIES (Implementation and Enforcement)

University Technology is responsible for, implementing, enforcing, updating and maintaining this policy.

RESOURCES

• Western Illinois University’s Web Guidelines: https://www.wiu.edu/webguidelines
• Illinois Web Accessibility Standards (IWAS)
• Federal Educational Rights and Privacy Act (FERPA)
• State Agency Website Act (Public Act 093-117)
• Children’s Online Privacy Protection Act (COPPA)

Connect with us: