220.127.116.11 Standards for the Use of Electronic Media
1. The Employee Handbook of the Diocese of Lansing binds certain employees in regard to email and other electronic communication. (The most current version is available at the diocese website.)
2. Standards for Use of Electronic Media binds all full or part-time central service employees, including diocesan cemetery personnel, students, faculty, library patrons, interns, contracted services personnel, and temporary or volunteer personnel of the Diocese of Lansing.
3. All who are engaged in the catechesis and education of students in the diocese are obliged to follow the Diocesan Guidelines for Student Safeguards, available at the website of the Department of Education and Catechesis.
4. The privacy of those who communicate with the diocese, its parishes, its schools, other entities and programs by electronic means is to be safeguarded according to the following provisions:
a. No personally identifiable, sensitive or confidential information is to be collected or stored without the knowledge and consent of those who provide it.
b. Since no electronic communication is totally secure, it is not possible to promise or guarantee absolute security. However, administrators are to take reasonable precautions to protect against any loss, misuse, or improper disclosure of such information.
c. Hypertext Transfer Protocol Secure (HTTPS) or another means of compliance with PCI Security Council standards must be used when credit card, bank account, social security, Medicare or insurance numbers, or similar information is collected.
d. Social security numbers are not to be collected unless required for employment purposes, and then only according to the provisions in the Diocese of Lansing Employee Handbook. These numbers are never to be listed in a public forum.
e. Personally identifiable information is not be transferred to any third parties or further disclosed without the approval of the user at the time of collection unless: the diocese believes that civil or Church law requires it, or it is necessary to prevent or remedy harm or injury, even if unintentionally inflicted, or a violation of civil or Church law.
f. Personally identifiable information and email addresses are never to be sold in any circumstance.