|
Any
KU department that accepts monetary funds is responsible for the safety and security
of these funds. Funds include cash payments, checks and credit card
information.
Anytime payments are accepted,
the department must keep these monies in a secure location. Limited access is
advised. Information is contained on the check and with the credit card
information that is considered confidential and should be treated as such.
Departments should make daily
deposits to the Bursar’s Office. Deposits should be prepared using two staff
members. Secure outside drop boxes are available for after-hour convenience.
Cash:
·
Cash (currency and coin) is the most
liquid form of payment; that is the most easily misappropriated. Cash must be
protected against loss upon receipt and at all points thereafter. Physical
security is the most important aspect of cash handling.
·
Receipts for cash payments must be
provided to the payee. See
https://documents.ku.edu/policies/comptroller/Comptroller-Bursar-DeptReceipts.htm
for more information.
Checks:
·
Upon receipt, checks should be
immediately endorsed.
·
Before depositing these funds with the
Bursar’s Office, these checks should be kept in a secure location.
Credit
card information:
·
Credit card information should never be
accepted/transmitted via fax or email.
·
Documents and forms that contain credit
card information that is mailed to an office should be considered
confidential and kept secure in a locked area. Limited access is advised.
Consideration should be given to shredding this information as soon as it has
been processed.
·
Phone orders taken that contain credit
card information should be considered confidential and kept secure in a
locked area. Limited access is advised. Consideration should be given to
shredding this information as soon as it has been processed.
·
Credit card information should not be
stored in any kind of database or spreadsheet.
To avoid
inadvertent release of confidential or sensitive information, comply with
regulatory mandates and minimize risks to users and the institution, each department
is required to engage all measures and effort to maintain confidentiality of
any and all internally received, processed and/or otherwise managed
information that hold or utilize data sets containing student
information/records, personally identifiable information such as social
security numbers, credit card numbers, banking information and other
categories of data that are protected by federal or state laws or
regulations. Such data must be secured regardless of the type of information
they utilize. This applies to customer receipt vouchers, transaction tapes,
paper checks, screen prints, emails, and reports to which unauthorized
individuals may gain access in your environment. Access to sensitive
information should be limited and regulated by procedure. Information should
be stored properly on a daily basis to ensure safety and internal control.
|
