(1) (a) An institution shall adopt policies to protect student data in accordance with this part and board rule, including the standards the board establishes under Subsection 53H-14-502(5). (b) The policies described in Subsection (1)(a) shall take into account the specific needs and priorities of the institution. (2) The board shall designate a higher education privacy officer. (3) The higher education privacy officer shall: (a) verify compliance with student privacy laws, rules, and policies throughout the Utah System of Higher Education; (b) support institutions in developing data governance plans and student data privacy training; and (c) act as the primary point of contact for the state privacy auditor. (4) An institution shall: (a) designate an individual to act as the primary contact for the higher education privacy officer; (b) create and maintain an institution: (i) data governance plan that complies with the standards the board establishes under Subsection 53H-14-502(5); and (ii) record of student data privacy training; and (c) annually publish the institution's data governance plan on the institution's website. Renumbered and Amended by Chapter 8, 2025 Special Session 1
‹ Prev All Utah sections Next ›
Lexace provides legal information, not legal advice, and no attorney–client relationship is created. Statute text is provided for general information and may not reflect the most recent amendments; verify against the official state code.