UCPPD provides processes and structures for best practices regarding the security and protection of personal data in possession of the University, including:

  • Oversight of activities needed to implement the Red Flags Rule
  • Review current campus collection and uses of social security numbers and other personal identifying information as defined by the North Carolina Identity Theft Protection Act
  • Approving or disapproving such collection and use of personally identifiable information
  • Reviewing security measures associated with hard copy forms and electronic templates that contain personally identifiable information
  • Documenting the University’s processes for the collection and use of personally identifiable information (including Social Security numbers)
  • Recommending institutional changes needed for continuing compliance or best practices


Name Office Position
Micki Jernigan, Chair Information Technology Services Chief Privacy Officer
Kevin Lanning Information Technology Services Chief Information Security Officer
Chris Garriss Internal Audit Information Systems Auditor
Dwayne Pinkney Office of the Executive Vice Chancellor and Provost Senior Associate Vice Chancellor and Chief Financial Officer
Rich Arnold Office of Human Resources Senior Director, HR Information Management
Jenny Boucher Office of University Counsel Litigation and e-Discovery Paralegal
Roberta Norwood Office of University Registrar Associate University Registrar Registration and Scheduling

Additional Resources

UNC GA Memo re Red Flag Rules (pdf)

UNC GA Model ID Theft Program (pdf)

NC State Controller Red Flag Rules Advisory Memo

Red Flags Rule (16 C.F.R. Section 681.1)

Appendix A to Part 681—Interagency Guidelines on Identity Theft Detection, Prevention, and Mitigation (Published as an appendix to the Red Flags Rule, provides an outline for developing a program.)

Supplement A to Appendix A (Provides examples of Red Flags – scroll about halfway down page)