Specific Research Foundation (RF) personnel records are maintained in an employee's personnel file, which is a permanent and confidential file. By maintaining this confidential file, each person's privacy as an employee is protected. For more information on personnel files, refer to Personnel Files.
Information about employees that is maintained in electronic databases must also be held in strict confidence, unless there is a legitimate business need or legal reason to provide it to another organization.
As a private, nonprofit corporation, the Research Foundation is not obligated under the New York State Freedom of Information Law to release information regarding its employees. However, as appropriate, certain types of information regarding an employee can be released upon request by vendors, governmental agencies, subpoenas, nongovernmental agencies, and employees.
With respect to applicants or employees, the Research Foundation will collect and retain only such personnel information as is required to effectively conduct Research Foundation business and as is necessary to administer personnel programs.
The Research Foundation regards an employee's personnel records as confidential and respects the need for protecting each person's privacy.
The Research Foundation will respond directly to requests for information regarding RF employees as appropriate. The RF reserves the right to withhold from inspection certain sensitive information, including third-party references, confidential management documents or plans, and information on security or criminal investigations, except when such restrictions are prohibited by law.
Protected Health Information (PHI) is defined as any personally identifiable information about an employee's past, present, or future health or condition, the provision of health care, or the payment of health care. The Research Foundation will not use or disclose the PHI of an employee or the employee's covered dependents without the employee's or dependent's written consent, unless it is being used to the minimum extent necessary for treatment, payment, or health care operations. This may occur as part of the administration of a health, dental, or vision care plan.
For more information, see the Notice of Privacy Practices (NPP).
Written requests for information regarding Foundation employees generally originate from the following sources: vendors, governmental agency requests, subpoenas, nongovernmental agency requests, and employees.
There may be legitimate business reasons for providing employee names and addresses to vendors, e.g., when a Research Foundation benefit plan needs to mail out program materials. The Employee Mailing List Vendor Letter of Agreement should be completed and signed before an employee name and address file is given to a vendor. If arrangements are made by an operating location, approval should first be obtained from the central office for Benefits Development.
Written requests from governmental agencies for specific information regarding an employee's salary or dates of employment should be honored. If operating location personnel question the need to comply with an unusual request, the central office of Employee Services should be consulted.
In addition to consulting with that office, the central office of General Counsel and Secretary will provide legal counsel in this situation as appropriate.
A copy of the written request and the response should be retained in the employee's personnel file.
Information subpoenas from governmental agencies may be honored on a routine basis. For other types of subpoenas requesting employee information, the central office of General Counsel and Secretary should be contacted before responding to the subpoena.
In order to protect the privacy of employees, nongovernmental requests for information should not be routinely honored. These requests should be honored only when in writing and accompanied by a written authorization from the employee to release the information. A copy of the written request and employee's written authorization and response should be retained in the employee's personnel file.
Upon request, current and former Foundation employees will be permitted access to the information in their personnel file. Employees will be given access to their personnel file only in the presence of a staff member in the office responsible for personnel matters and at a mutually convenient time and place.
The Foundation reserves the right to withhold from inspection certain sensitive information except when such restrictions are prohibited by law. This sensitive information includes third-party references, confidential management documents or plans, and information on security or criminal investigations.
For information on access to Protected Health Information under HIPAA, refer to the form Request for Special Handling of Protected Health Information (PHI).
Was this document clear and easy to follow? Please send your feedback to firstname.lastname@example.org.
Copyright © 2012 The Research Foundation for The State University of New York