RidgeStar
About
Locations
Manual
Preface
Introduction
Versions
Concepts
Construction
Usage
Operations
Assignment
Bulk Load
Data Prep...
Direct Deposit
Finances
Mail
Options
Messaging
Notification
Privacy
Reset Password
Schedule
UID Allocation
UID and SRC
User-Agent
USSF_API
Welcome
Questions
Features
Settings
Internals
Appendices
Reference
Service
Logon
RidgeStar

Manual: Operations-Privacy
Logontranslate
Get Started |Calendar |Locations

A RidgeStar Interactive Site's very nature is to collect and store certain "private" User information, including mailing addresses, phone numbers, email addresses, and birth dates. While much of this information is available from other sources (phone books, chapter mailings, etc.), RidgeStar Interactive Sites do NOT and should NOT make it publicly accessible.

Additionally, some Sites choose to store information like Social Security Numbers and bank account and credit card numbers. This information is NEVER made available to the public. Furthermore, only specifically authorized users (e.g. payroll administrators) may ever access this information.

RidgeStar Recommendations

In order to accomplish these privacy goals, RidgeStar recommends that your SiteSite follow these principles and procedures:

  1. Access to an Interactive SiteInteractive Site by any UserUser should require acknowledgement and acceptance of a usage Agreement
  2. All Private information about a User should ONLY be available to a viewing User AFTER that User has successfully identified himself/herself to the Site AND the disclosing User has approved of the disclosure through his or her ProfileProfile (this is why only certain User's have information available in the Directory).
  3. Collection of "at risk" information (such as SSN, Bank Account or Credit Card numbers) should be protected via SSL (Secure Socket Layer) support, which encrypts transmissions between the Server and the User's Browser.
  4. ALL Download and/or Extraction functions that include "at risk" information should be restricted to Administrators
  5. Only those Users with specific reason AND requirement for AdministratorAdministrator privileges should be given Administrator authority (DO NOT arbitrarily provide Administrator access - it is your biggest point of exposure for Privacy violations).

It is the responsibility of the Client organization to adopt proper Privacy Principles. RidgeStar will provide support for those functions that each Client requests. We believe this should include a commitment to protect all private information provided to the related Site by the User.


Copyright © 2024 by RidgeStar/webmaster@ridgestar.com
 RidgeStar