The Code of Conduct provides guidance for professional conduct. The success and reputation of the university in fulfilling its mission depends on the ethical behavior, honesty, integrity and good judgment of each member of the community.

The Code of Conduct outlines principles, policies and some of the laws that govern the activities of the University and to which our employees who represent the University must adhere. Those acting on behalf of Pacific University Healthcare Clinic Operations have a general duty to conduct themselves in a manner that will maintain and strengthen the public’s trust and confidence in the integrity of the University and take no actions incompatible with their obligations to the University.

Those acting on behalf of the University in a capacity related to Health Care Clinics must practice and annually attest to and sign the Code of Conduct, Confidentiality of Records Agreement and Acknowledgement of Pacific University Healthcare Clinic Policies and Procedures.

PUNet ID Required to review
The form & policy were updated June 2024.

Healthcare Code of Conduct Form for Signature (6/2024)

The purpose of this policy is to establish a standard for training for all new and existing members of the Pacific University Healthcare Clinic workforce. This policy will cover initial, as well as periodic re-training standards. All workforce members of Pacific University receive training on current Federal, State and other applicable healthcare regulations. 

The scope of this policy is all workforce members of Pacific University’s Healthcare Clinics. Pacific University is a hybrid entity. Only the health care component (i.e., the covered functions) of Pacific University must comply with this policy. All references in this policy to “Pacific University Healthcare Clinics” shall be construed to refer only to the health care component of Pacific University.

PUNet ID Required to review
Updated June 2021

The purpose of this policy is to provide an environment conducive to and supportive of health and well being for all Pacific University Faculty, Staff, Students, and guests.  The strong relationship between diet and health and the increasing rates of weight problems make supporting healthy food choices at Pacific part of our commitment to health. Pacific University is committed to providing an environment that encourages healthy lifestyles among its employees, students, and partners.  As meetings are a central aspect of the workplace, the University asks individuals who organize meetings and events to include healthy food and beverage options when refreshments are served, and dedicated opportunities for physical activity. 

This document informs students that the illegal distribution of copyrighted materials may subject them to criminal and civil penalties and describes the steps that Pacific will take to detect and punish illegal distribution of copyrighted materials. Distribution of this information to students is required by the Higher Education Opportunity Act (HEOA).

Pacific University Compliance with the Higher Education Opportunity Act Peer-to-Peer File Sharing Requirements

The purpose of this policy is to set forth Pacific University’s process for addressing potential breaches of unsecured protected health information from incident discovery to investigation / risk assessment and potential notification. Pacific University has established a comprehensive HIPAA privacy and security program to prevent unauthorized access to protected health information (PHI). This policy sets forth Pacific's approach to investigating and responding to incidents that may involve unauthorized use or disclosure of PHI. 

It is the policy of Pacific University to be prepared for, to prevent and to respond to information security incidents. Once a security incident is suspected and reported to the privacy officer, he/she will analyze the available information in order to determine if the security incident constitutes a data breach as defined by the HIPAA Omnibus Rule. If it is determined that a breach has occurred, procedures to mitigate the harmful effects of the incidents including containing and eradicating the incident, will be put into place. Security incidents and their outcomes will be documented and stored electronically in a secure location.

PUNet ID Required to review
Updated March 2023

The purpose of this Policy is to set forth Pacific University’s process for applying sanctions for violations of Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security policies. Pacific University has established a comprehensive HIPAA privacy and security program to prevent unauthorized access to protected health information (PHI). This policy sets forth Pacific's approach to applying consistent sanctions upon completion of investigations. 

This policy applies to the workforce members of Pacific University’s Healthcare Clinics. Pacific University is a hybrid entity. Only the health care component (i.e., the covered functions) of Pacific University must comply with this policy. All references in this policy to “Pacific University” shall be construed to refer only to the health care components of Pacific University.

PUNet ID required to review.
Updated March 2023

Pacific University Sanctions MATRIX

Identification (ID) cards (Boxer Cards) are issued to Pacific University employees. An ID card may be required for admission to or participation in University programs.

The University ID card also serves as a library card. ID cards are issued by Campus Public Safety.

Pacific University developed this Identity Theft Prevention Policy pursuant to the Federal Trade Commission’s Red Flags Rule, which implements Section 114 of the Fair and Accurate Credit Transaction (FACT) Act of 2003. The purpose is to establish an Identity Theft Prevention Policy designed to detect, prevent and mitigate identity theft in connection with the opening of a covered account or an existing covered account and to provide for continued administration of the policy.

This protection policy applies to students, employees, board members, contractors, consultants, temporary workers, and other workers at the University, service providers, including all personnel affiliated with third parties.

Pacific University shall include policies and procedures to:

1. Identify relevant red flags to ensure the detection of possible risk of identity theft to customers and incorporate those red flags into the policy;
2. Detect red flags that have been incorporated into the policy;
3. Respond appropriately to any red flags that are detected to prevent and mitigate identity theft; and
4. Ensure the policy is updated periodically to reflect changes in risks to customers and to the safety and soundness of the creditor from identity theft

Administration of the policy is with the Vice President of Finance and Administration in development, implementation and oversight. This includes ongoing staff training and oversight of service provider arrangements to ensure compliance.

PUNID required to see full policy document. 

All employees hired by the University must present documentation establishing their identity and employment authorization in accordance with the immigration laws of the United States prior to hire and upon request of the University at any time after hire.

The Pacific University Libraries seek to advance critical inquiry, collaborative learning, and knowledge creation through dynamic services, spaces, and collections. The Libraries’ enactment of this mission is guided by our core values, which prioritize providing opportunities to engage with diverse ideas, providing services that contribute to equitable access to information, and the use of inclusive approaches to delivering services.

Aligned with this mission and these values, the Libraries provide information technology resources — desktop and laptop computers configured to allow unfiltered access to subscribed and open Internet information resources — that are available both to Pacific University students, staff, and faculty and to external community patrons for use in Libraries facilities. The primary intended purpose of these resources is to support the teaching, learning, research, service, and administrative activities of the Pacific community; a secondary purpose is to support the personal information technology/resource needs of the Pacific community and the academic and personal needs of external community members.

Access to these information technology resources and to subscribed and open Internet resources is provided in compliance with the American Library Association’s (ALA) Library Bill of Rights and the ALA Access to Digital Resources and Services: An Interpretation of the Library Bill of Rights statement.

This Computer/Internet Use Policy is intended to elaborate on and extend the Pacific University Appropriate Use Policy for Information Technology policy; library computer users should refer to that policy as the primary source of parameters, rights, and restrictions on the use of information technology in Libraries facilities.

The Inactivation of Courses Policy allows for the inactivation of courses that have not been offered in four years. Each year in early spring as part of the catalog update process, the Registrar’s Office will forward to each academic unit courses from that unit that have not been offered in 4 years, for review for inactivation.  Certain courses that may be offered infrequently, such as New/Special Topics courses, Internships and Independent Studies, will be excluded from the list.  If the program does not request that a certain course be kept active, the course will be inactivated when the catalog information is updated. If it is desired at a later date to reactivate the course, the unit will inform its curriculum approval entity, and then notify the Registrar’s Office to reactivate.

PUNet ID required to review policy document.

Grounded in the core theme of educating for student success, Individual Development Plans intend to guide graduate and postdoctoral students in their professional development and career planning.

Graduate students and post-doctoral researchers supported by funding from the National Institutes of Health (NIH) are required to develop Individual Development Plans (IDP). Required progress reports submitted to the NIH must include a copy of the University’s IDP policy, a description of whether the university uses IDPs, and how IDPs are used to assist in the career development of graduate students and postdoctoral researchers supported by NIH.  

Pacific University encourages graduate students and postdoctoral researchers to create and use IDPs to formulate academic and career goals and facilitate conversations with faculty advisors and mentors. All graduate students and postdoctoral researchers supported by NIH funding are required to have an IDP. The Office of Scholarship and Sponsored Projects offers graduate students, postdoctoral researchers, faculty advisors and mentors information on IDP resources, including templates and online resources.

PUNet ID required to review policy.

Information security related incidents impact Pacific University's (Pacific) security goals and may also harm its ability to conduct business. These incidents may be malicious in nature or accidental. Pacific has selected and implemented a set of safeguards, which are based on the result of risk assessments and information security standards. In the event of a security related incident, this policy addresses the methods for identifying, responding to and, when possible, preventing security incidents. The Incident Response Team includes the Information Security Officer, the Privacy Officer, the Director of Legal Affairs and may include other department directors as needed.

PUNID required to review this policy.

This policy sets forth Pacific's approach to applying sanctions upon completion of investigations regarding misuse of Protected Data. Attempting to obtain or use, actually obtaining or using, or assisting others to obtain or use Protected Data, when unauthorized or improper, will result in counseling and/or disciplinary action up to and including termination.

Pacific University has adopted this Information Security Sanctions Policy to ensure the confidentiality, integrity, and availability of all Protected Data we create, receive, maintain, or transmit as required by federal or state regulatory requirements, and other regional or local applicable laws and requirements.

Supplemental Document: FRM-UIS4508-1 Pacific University Sanctions Matrix

PUNID required to review this policy.

Appropriate management of access to protected health information is an important aspect of Pacific University's information security strategy.  Pacific University has adopted this Access Control Policy in order to recognize the requirement to comply with the Health Insurance Portability and Accountability Act (“HIPAA”).

The purpose of this policy is to establish a standard for HIPAA access control activities related to the Pacific University HIPAA Program.  Pacific is committed to take reasonable and appropriate steps to ensure that workforce members have the appropriate authorization to access ePHI.  This policy will cover initial, as well as periodic access control activities. 

PUNID required to review policy.

Appropriate management of access to Protected Data is an important aspect of Pacific University's information security strategy. The policy outlines requirements and process for granting members of the workforce appropriate levels of access to electronic Protected Date based on study or work-related duties and responsibilities. Policy also outlines the documented process for granting authorization and access to Protected Data.

PUNID required to review policy.

Most information systems, including electronic health records that contain ePHI have the ability to create log files, which describe the activity occurring to, or within the system. A timely review of system activity can give insight into potential issues that may negatively impact the security of protected health information.

The purpose of this policy is to establish Pacific University's compliance with federal HIPAA regulations including standard practices for reviewing system activity within information systems. These types of reviews may include the activity and access logs of Pacific University medical record systems which store ePHI.

PUNID required to review policy.

Information Systems Activity Review and Audit Policy

The goal of Information Systems Activity Review is to prevent, detect, contain, and correct security violations and threats to Protected Data such as unauthorized access to the information systems, suspicious data use, or tampering.

Designated workforce members in each college, school or department will review any unauthorized access to the information systems, suspicious data use or tampering. They will take appropriate action regarding potential system vulnerabilities, improve safeguards as needed, and work with the Pacific University Privacy Officer and/or the Information Security Officer on appropriate action items.

PUNID required to review policy.

Implementation Guidance Worksheet:
AA Legal Policies FRM-UIS4509-1 Healthcare System Activity Review and Audit Template 04-19