Use of the Social Security Number at the University of Connecticut, Policy on

Title: Use of the Social Security Number, Policy on
Policy Owner: Information Technology Services / Chief Information Security Officer
Applies to: Faculty, Staff, Students
Campus Applicability: All campuses except UConn Health 
Effective Date: August 30, 2021
For More Information, Contact Director of IT Security, Policy and Quality Assurance
Contact Information: or 
Official Website:


To protect the confidentiality and privacy of students and employees of the University of Connecticut regarding the collection, use, and disclosure of Social Security numbers. Social Security numbers have been used to uniquely identify students and employees in various University systems. As systems are updated and replaced, the reliance on Social Security numbers should be used only as required. 


This policy applies to all University faculty, staff, students, student employees, volunteers, and contractors who have access to or have been assigned one of the roles defined in this policy. 


In order to protect the Social Security number of its students, staff, faculty and affiliates, the University of Connecticut will: 

  1. Discontinue the collection of Social Security numbers, except where necessary for employment records, financial aid records, and other business and governmental transactions as required by law or to satisfy a business requirement when permitted by law. 
  2. Develop a University of Connecticut identifier to be assigned to all students, faculty, staff and other individuals associated with the University, to uniquely and permanently identify the individual. This identifier will be considered public information and be assigned and distributed to the individual upon initial association with the University. It will be used in all electronic and paper data systems to identify, track and service the individual. 
  3. Ensure that no new systems or technology purchased or developed by the University of Connecticut  use the Social Security number as its primary key to the database, except where required by law. Any exemption to this policy must be approved by the Office of University Compliance. 
  4. Ensure that new systems or technologies purchased or developed by the University of Connecticut will use Social Security numbers as data elements only (not as keys to databases) when required by law or business necessity. Approval by the Council of Data Stewards is required for inclusion of the Social Security number in databases. 
  5. Ensure that all requests, either verbal or written, for which faculty, staff or students are required to provide their Social Security number contain or have appended to them a statement explaining the University’s request (i.e., the legal obligation on which the request is based, if there is one, and how the Social Security Number will be used).  
  6. Ensure that all requests, either verbal or written, for which faculty, staff or students are requested to voluntarily provide their Social Security number contain or have appended to them a statement explaining the University request and its purpose. The statement must indicate that no service or privilege will be withheld upon failure to provide the Social Security number and that the person may use the identifier provided by the University of Connecticut in place of the Social Security number. 
  7. Ensure that any request for any form or document that contains the Social Security number, where the Social Security number is not the primary reason for the request, be accompanied by a statement indicating that the Social Security number is not required and should be blanked out on the form or document prior to being provided. 
  8. Ensure that no new systems purchased or developed by the University of Connecticut display Social Security number visually, whether on computer monitors or on printed forms or other output, unless required by law. 
  9. Access to Social Security numbers in online systems must be restricted as appropriate and visible only for required or approved uses. 


Violations of this policy may result in appropriate disciplinary measures in accordance with University By-Laws, General Rules of Conduct for All University Employees, applicable collective bargaining agreements, and the Student Code.  

Questions about this policy or suspected violations may be reported to any of the following: 

Office of University Compliance: (860-486-2530) 

Information Technology Services Tech Support: (860-486-4357) 

Information Security Office 


Policy created: 08/2008   

Revisions: August 30, 2021  [Approved by President’s Senior Team]