The Office 365 service listed above is an approved service
by the University of Tennessee and can be used to host institution data,
including FERPA-protected information as well as Protected Health Information
(PHI) or other materials and information covered by the Health Insurance
Portability and Accountability Act of 1996 (HIPAA).
As Business Associates defined by HIPAA, Microsoft & UT
are required to comply with additional obligations under the Privacy Rule,
Breach Notification Rule, and Security Rule that relate to Use, access, and
Disclosure of PHI. Microsoft will use reasonable and appropriate safeguards to
prevent inappropriate Use and Disclosure of Protected Health Information. Additionally, Microsoft will use reasonable
and appropriate safeguards to protect Personally Identifiable Information
UT users must implement privacy and security safeguards for
data stored in Microsoft online services such as OneDrive. HIPAA, PHI and PII
can be stored in OneDrive if they're encrypted in transit and at rest. OIT recommends encryption of any sensitive
data. Please contact your security liaison or college/department IT
representative for more information.
In addition to adhering to UT’s Acceptable Use of
Information Technology Resources policy (http://oit.utk.edu/aup),
users are responsible for frequently reviewing the Office 365 Privacy Notice
and Acceptable Use Policy that can be accessed from the Help menu to ensure
ability and willingness to comply with all applicable terms. The University of
Tennessee is not responsible for user compliance with these terms.
Note that Office 365 is not a Covered Program per UT Safety
Policy SA0575 - Programs for Minors (http://policy.tennessee.edu/safety_policy/sa0575/).
Knoxville, Tennessee 37996 | 865-974-1000
The flagship campus of the University of Tennessee System