Andrews University Response to EU's GDPR

Andrews University provides a variety of educational options and has other interactions with residents of the European Union (EU). These interactions involve the storage and processing of information regarding these EU residents on Andrews University servers, which will likely be impacted by the new EU General Data Protection Regulation (GDPR). The responsibility for complying with the GDPR, as well as the consequence of any non-compliance, falls on the University as an institution—not its individual students, staff or faculty.

A University taskforce was established and has been working on the steps needed to meet the requirements of the GDPR. Generally, this focuses on providing appropriate disclosures and gaining consent regarding the data we collect and how it is used. Andrews University takes the privacy of all of its constituents seriously and will continue to do so as we work to meet the specific requirements of this new regulation.

All individuals residing in the EU should be assured that they may legally continue to interact with Andrews University systems as they apply, enroll and complete their courses and other requirements. The GDPR is intended to protect the rights of EU residents and does not limit or prevent individuals in the EU from participating in educational experiences at an institution outside of the EU, such as Andrews University. 

Lorena Bidwell
Chief Information Officer