Data Privacy


FAMU’s data privacy program serves as a ​safeguard, ensuring the secure collection, processing, and storage of sensitive information ​on our campus. With an emphasis on compliance ​with privacy regulations and ethical data ​handling, this initiative aims to protect the ​confidentiality and integrity of personal data.

We establish protocols for risk management, user ​consent, and incident response, fostering a ​culture of responsible data stewardship. By ​prioritizing privacy, FAMU not only meets legal ​requirements but also builds trust with its ​community, fostering a secure online environment ​for students, faculty, and staff.

Florida A&M University Privacy Statement

Privacy Week Kick-Off with Chief Privacy Officer, La'Tonya Baker



Regularly update your phones operating system and apps to patch security vulnerabilities. Avoid clicking on suspicious links or downloading apps from unknown sources. They could be harmful and compromise your device. Install reputable security apps that can detect and remove malware, as well as provide additional layers of protection.



Nowadays, when you download a new app, open a new online ​account, or join a new social media platform, you will often be asked for ​access to your personal information before you can even use it! This ​data might include your geographic location, contacts, and photos. For these businesses, this personal information about you is ​tremendously value – and you should think about if the service you get ​in return is worth the data you must hand over, even if the service is free. Make informed decisions about sharing your data with businesses or ​services:

  • Is the service, app, or game worth the amount or type of personal ​data they want in return?
  • Can you control your data privacy and still use the service?
  • Is the data requested even relevant for the app or service (that is, ​"why does a Solitaire game need to know all my contacts")?
  • If you haven't used an app, service, or account in several months, is it ​worth keeping around knowing that it might be collecting and sharing ​your data?





Data privacy and data security go hand-in-hand. Along with managing ​your data privacy settings, follow some simple cybersecurity tips to ​keep it safe:

  1. Create long (at least 16 characters) unique passwords for each ​account and device. Use a password manager to store each password – ​maintaining dozens of passwords securely is now easier than ever.
  2. Turn on multifactor authentication (MFA) wherever it is permitted – ​this keeps your data safe even if your password is compromised.
  3. Turn on automatic device, software, and browser updates, or make ​sure you install updates as soon as they are available.
  4. Learn how to identify phishing messages, which can be sent as ​emails, texts, or direct messages.


Privacy Laws

The amendments are effective May 13, 2024. 

Family Educational Rights and Privacy Act (FERPA): FERPA is a federal law that protects the privacy of student education records. It applies to all educational institutions that receive federal funds, including universities. It grants certain rights to students and their parents regarding the access and disclosure of educational records.

The Gramm-Leach-Bliley Act (GLBA), also known as the Financial Services Modernization Act of 1999, is a federal law in the United States that addresses the privacy and security of consumers' nonpublic personal information held by financial institutions. The GLBA aims to protect the privacy of individuals by imposing restrictions on the disclosure of their nonpublic personal information to non-affiliated third parties.


The Federal Trade Commission (“FTC” or “Commission”) is issuing a final rule (“Final Rule”) to amend the Standards for Safeguarding Customer Information (“Safeguards Rule” or “Rule”) to require financial institutions to report to the Commission any notification event where unencrypted customer information involving 500 or more consumers is acquired without authorization. 

The Final Rule requires financial institutions to report notification events, defined as the unauthorized acquisition of unencrypted customer information, involving at least 500 customers to the Commission.  

The notice to the Commission must include:  

  1. the name and contact information of the reporting financial institution;  


  2. a description of the types of information that were involved in the notification event; 

  3. if the information is possible to determine, the date or date range of the notification event; 

  4. the number of consumers affected; 

  5. a general description of the notification event; and, if applicable, whether any law enforcement official has provided the financial institution with a written determination that notifying the public of the breach would impede a criminal investigation or cause damage to national security, and a means for the Federal Trade Commission to contact the law enforcement official.  


Get in touch!

Office of C​ompliance & Ethics
105 Foote-Hilyer Administration Center ​
Tal​lahassee, FL 32305
La'Tonya Baker