Each year, MIT will review this Program to ensure that it is operating in a manner reasonably calculated to prevent unauthorized access to or use of PIRN. Information safeguards will be updated as necessary to limit risks.

Compliance with this Program will be reviewed as part of regularly scheduled operational and IT audits conducted by MIT's Audit Division.

MIT employees whose behavior is inconsistent with this Program will be subject to MIT disciplinary action, up to and including termination. See MIT HR Policy 6.0 Termination for Employment. Enforcement actions relative to MIT faculty, students, temporary employees or others who compromise the protection of PIRN will be addressed on a case-by-case basis.