Photo Privacy Practice Directive

Authority

UW Whitewater - Executive Tier Committee

Objective

The scope of this policy covers usage of identification photos outside of the purpose of HawkCard photo ID.

Statement

HawkCard Photo ID

It is the policy of the University of Wisconsin-Whitewater that all faculty, staff, students, and other persons acting on behalf of the University or gaining access to resources or services obtain and maintain a single, current Universal Identification Card (HawkCard) which is issued by the HawkCard office, the authorized ID issuing service. The card will contain a photo.  The photo will be digitally stored.  Stored photos will be used for security, identification and internal business purposes.  For additional details on the HawkCard IDs, see the HawkCard webpage.

General Policy on Identification Photo Use

The identification photo itself is considered an institutional data element and should be managed accordingly.  When a photograph is taken for the issuance of a HawkCard, the digitized photo will be stored electronically for identification and security purposes.  In addition, the photo may be used for approved, internal University business purposes.  Photographs used for these purposes will not be shared with anyone outside of the University without explicit permission from the cardholder except as required by law.

Cardholders are automatically excluded from having their photos used for University community purposes (e.g., internal websites, social media, department rosters) unless the departments, schools, or units obtain written or electronic permission from the cardholder for the intended use.  In this situation, the HawkCard digitized photograph will not be released from the ID Card database without the cardholder’s electronic authorization.

The individual or organization taking the photo may release the photograph for other purposes only in the following cases:

• In compliance with authorization from the individual;
• To comply with valid legal requests or orders to produce the photograph as approved by the Office of the General Counsel; and
• To otherwise comply with applicable federal, state or local laws or regulations as approved by the Office of the General Counsel.

The University will provide a process for cardholders to set and/or change Privacy levels.  Individuals wishing to change their original Privacy level have the option to do it at any time.

Privacy Levels

Through the Identity Management dashboard, the University provides a process for individuals to select their preferred level, and/or withdraw their authorization or change their privacy level selection.  Default privacy levels have been established based on input from campus governance groups.

Faculty & Staff Photo Privacy Levels

• Level 1 - Private: The individual’s photo will be seen only in authenticated applications by faculty or staff with special access, such as Security or Human Resources, and by the individuals themselves in their Identity Management dashboard.
• Level 2 - Internal: The individual’s photo will be seen only in authenticated applications by other members of the faculty and staff.  Students and the general public will not see the photo.  This is the default privacy level for faculty and staff. 
• Level 3 - Campuswide: The individual’s photo will be seen only in authenticated applications by all members of the campus community, including students.  Others outside of the campus community cannot see the photo.
• Level 4 - Public: The individual’s photo will be used with applications that do not require authentication (e.g., campus web pages, campus online directory) as well as with applications that do require authentication.

Student Photo Privacy Levels

• Level 1 - Private: The individual’s photo can be seen only by faculty or staff with special access, such as Security or Human Resources, and by the individuals themselves in their Identity Management dashboard.  This level will be assigned automatically for students who have enacted FERPA restrictions. 
• Level 2 - Internal: The individual’s photo will be seen only with authenticated applications.  Only UW-Whitewater faculty and staff will be able to see the student photos.  Other students and the general public will not see the photo.  This is the default setting for students.
• Level 3 - Campuswide: The individual’s photo will be seen only in authenticated applications by all members of the campus community, including other students.  Others outside of the campus community cannot see the photo.  This level must be selected by an individual, based on personal choice.
• Level 4 - Public: Photo will be used with applications that do not require authentication (e.g., campus web pages, campus online directory) as well as with applications that do require authentication.  This level will also be based on personal choice.

Searchable Words

Photograph, photo, picture, pic, privacy.