Section 53B-28-503 - Institution student data protection governance(1)(a) An institution shall adopt policies to protect student data in accordance with this part and board rule, including the standards the board establishes under Subsection 53B-28-502(5).(b) The policies described in Subsection (1)(a) shall take into account the specific needs and priorities of the institution.(2) The board shall designate a higher education privacy officer.(3) The higher education privacy officer shall: (a) verify compliance with student privacy laws, rules, and policies throughout the Utah System of Higher Education;(b) support institutions in developing data governance plans and student data privacy training; and(c) act as the primary point of contact for the state privacy officer.(4) An institution shall: (a) designate an individual to act as the primary contact for the higher education privacy officer;(b) create and maintain an institution: (i) data governance plan that complies with the standards the board establishes under Subsection 53B-28-502(5); and(ii) record of student data privacy training; and(c) annually publish the institution's data governance plan on the institution's website.Added by Chapter 461, 2022 General Session ,§ 5, eff. 7/1/2022.