ks6+Pf&Ô,YnRi$M^~HH  JoE-ǹy&qbw/o~?޼ C1A1uw 92b$C i456ǂ:'rjyO$JZ&aًKlnD#ƹvfvIو',v=%$TNcdgEV5iWtg\8&О1r@Җ y>e3F\  C#B(jW/#8yDG802ê[[fTF o^ӆ[XO0)D䔜J=%$+9õ@h;loj[{f:Z4*gN:®!$Cʴ>6RhM X_Oyާί9ϩ4wGD3щfљEԀTW)e4e\֠Ә}*ӓX[1%v"*DD7k.Ml MLKݷIrǮ,JpP^1bxmGˁF9%n{?Z?86;3zeS֪M<3jB Mp`L%dNw^3 ddZP^<%E`ָ N# Zf\gnM3[KJ_'Ut=QpF gh+cjT:s!7ԞԚUY u+>nU{Z `|`27 uqI"ru"Mqv=C9cX;hc-Pffq P]=8" YS\1*)k>՝_}0t$^YZ1lq#l07N"n5+a8i^& "hUM zVCA+>qOZx,VsW4E IFrD`,POSJ#Xz+6h4om̅Ři8 5(A`jh7?9hDzCCPVA81@Fqk$麮5Gff^t:^BЊº(ƃs^"X`37MZ 3<2!nc *6GLkW,sC{Y2`: R10S"ӸSmXm!u5u=7 1@1}RS :޺CL惇?܄U?hnŀ\`E,Vwǵ>h?>3º_]B|NWyiZsw@EUPQM~]8.\:K̍pXl` ~ 47,HJ- .qe3- #4[Is0FW9jY2#̺PlQG A0@;9l7 KBBN@n?+,56f?+"w^ټoPK$w!8CoL'1^f$оn67ءUasb !eܘ쥫3}sZn`ChЪ6:*YR)uߔy2:&f&9+*uJHjƓ}XNjL8_ȘRu@cޑ7/^*~q 8l,=*֞߻ß~"pw>(A?ݣaFLK*?Ow 1$mj $jl׏V~`"WqlUfa_y5O]κ.ƾqg1F3r{ iٞ0OaU fZOsKU٧ 5QK4cb ffTtirrk%6Lss}wߕ)vHlN1f3<6"bSyr͜p"e:MFLL3yC15Z9,vo[q)mԨS ,xd4YR,ݫmF>;S]&apV+2KHq&y6]y @eQ9J?:;b}3ĭY!g\OTeCO*%qA2d#dp 5w|˷ĞUbI(L]{.Rɏ7'G7O>׼FjSvON`R$H'/z[H9 ,oFcSc>f,ɬ{ah/rnh?n4O==l>i*=$c'rR~HաjU0 єz \ܩ &@@q!?O5/G3(\۝UiZ|Wm^ި5P[< +yc"=C'\:E.|`*Mz1´h&b ̛\ 09/25/07, One Step Ahead - Almanac, Vol. 54, No. 5
Issue Contents
Print This Issue

One Step Ahead
September 25, 2007, Volume 54, No. 5
one step ahead

Another tip in a series provided by the Offices of Information Systems & Computing and Audit, Compliance & Privacy.


Website Privacy Statements

Website visitors—including members of the Penn community—who access information and services online are increasingly paying attention to online privacy and security issues. Their concerns are well-founded, since identity theft and other misuses of personal data are not uncommon in today’s wired world. Recognizing these rising concerns, it is important to consider the expectations of website users and post a privacy statement when appropriate.

New guidance on when and where to post website privacy statements, and what to include in them, is available on the Privacy Office website (www.upenn.edu/privacy; click under “What’s New.”). The guidance describes the value of posting privacy statements, as well as the need for caution about what is included in them.  

In addition, the new guidance includes a link to a template document that provides a starting point in drafting, or improving, a website privacy statement. The template suggests potential topics to cover in the statement, such as:

•            what data is collected and why,
•            whether cookies are used, and
•            what security measures are in place.

The template also provides language that may be appropriate to use for these topics and others, depending upon your particular circumstances.

It is crucial to review your draft website privacy statement before posting, to confirm that everything in it is accurate.  Leave out any statements in which you do not have complete confidence. Failure to comply with a posted statement erodes the trust of website visitors and can potentially create liability for the University.

If you have questions about website privacy statements, or would like to have your draft statement reviewed, write to privacy@pobox.upenn.edu.


For additional tips, see the One Step Ahead link on the Information Security website: www.upenn.edu/computing/security/.

Almanac - September 25, 2007, Volume 54, No. 5