Dear [First Name],

You have been identified as an existing Dynamic Forms user. This message serves as a best practice notice for the proper use of the Dynamic Forms tool and a guide for information about the University's data protection policies.

As referenced in the Data Classification policy, there are many forms of data that are protected by University policy, including:

• PII (Personally Identifiable Information) and/or Personal Data: Any information that can be used to distinguish or trace an individual's identity, such as name, social security number, date of birth, etc.
• PHI (Protected Health Information): Any health-related or identifiable information pertaining to patients or research participants of the University of Miami.
• NPI (Non-public Personal Information): Any information an individual provides to the University in the context of providing a financial product or service to that individual (e.g., student financial aid, etc.).

IMPORTANT GUIDELINES

1. Your department's use of the Dynamic Forms tool must conform with the following guidelines:
   
   • Information requested must not exceed the minimum amount of information needed to accomplish the task(s) at hand.
   • Information must not be shared outside the collecting organizational department/unit.
   • Information must not be downloaded onto a non-University issued device.
   • Consider whether the information you are collecting may be done so anonymously.
     
     
2. Dynamic Forms is NOT approved by the University of Miami for capturing PHI (Protected Health Information) and/or for use by any clinical department/unit associated with UHealth.
   
   
3. If your department/unit requires the use of any NEW or MODIFIED templates using Dynamic Forms, you must email University Compliance Services at: ucs@miami.edu. The University's Data Protection Officer will then review the contents of the new or modified form template. Upon submission of your form, please include the following:
   • The name of the department using form.
   • The categories of the individuals submitting information.
   • A draft of the form including all data elements being requested.

Please be advised that University of Miami Information Technology is currently doing an inventory around data for all existing form templates, and departments that own those templates who require template changes will be required to participate.

If you have any questions regarding the Data Protection policy and/or this message, please contact the Information Security Office at infosec@miami.edu.