Skip to main content

Web Content Guidelines

These guidelines have been created to inform content managers of the requirements for publishing web content in the College of Life Sciences and BYU.

General Requirements

Because public-facing websites represent the College of Life Sciences and BYU, websites should maintain a neat and professional appearance. The tone and content of any text, images, documents, and other media made available on the site should be in keeping with the mission of the College and BYU. All web content must abide by the following standards:

Logos and Marks

The list of approved BYU logos and marks as well as the rules governing their use are found at and Creation or display of unapproved logos for BYU organizations is prohibited.

Look & Feel

The Life Sciences Web Team has adopted the BYU Websites Platform provided by University Communications and the Office of IT in order to provide a secure, ADA accessible, and professional web environment to host the College’s websites. This system is closely monitored by BYU's branding and accessibility teams to ensure the standards are observed in compliance with BYU's branding and accessibility policies. The LS Web Team reserves the right to make changes to bring pages into compliance with these standards.


Due to the amount of control given to Content Managers, there exists the potential for exposing confidential data and creating security vulnerabilities. As an academic institution, BYU is subject to the Family Educational Rights and Privacy Act (FERPA). This law limits what student information can be displayed. BYU’s strategy for complying with FERPA can be found at The section titled “Directory Information” lists the data that can be publicly displayed. Any other student information is considered confidential and may only be displayed to approved personnel.

In addition, members of the BYU Life Science Web Team are required to complete HIPAA training in the event that their work requires them to interact with protected Personal Health Information (PHI). Some features of the Content Management System (CMS) allow the gathering of information from website visitors. Whenever unauthenticated visitors have the ability to enter data that is displayed on the website, the potential exists for a website attack called cross-site scripting. (For more information on cross-site scripting, please refer to To eliminate the potential for this type of attack, any information gathered from website visitors must be reviewed before being publicly displayed. In addition, any opportunities for visitor input must be protected by a captcha ( or require that the visitor be logged-in.