Confidentiality of Inst Info & Research Data

Policy Number ITS-007
Effective Date November 01, 2019
Responsible Office/Person Administration & Finance
Related Policies

I.    Introduction

Ethical, legal, and professional responsibility rules require appropriate management of institutional information and research data by all stewards and custodians (confidentiality). This policy establishes the foundational roles and rules of information management.

II.    Policy Statement

All information and data stewards and custodians will abide by ethical, legal, and professional responsibility rules in the maintenance and appropriate use of institutional information and research data.

Ill. To Whom This Policy Applies and Responsibilities

  1. This policy applies to every person (employee, volunteer, etc.) who has access, manages, or manipulates institutional information and research data.
  2. Institutional Information and Data Stewards
    1. Scope: Stewards have the highest level of responsibility for administering the privacy, security, and regulatory compliance of data sets under their purview (e.g., education records, human resources, financial data).
    2.  Authority/Responsibility: Information and data stewards authorize access and deactivation of individual custodians with a business need to access, manage, or manipulate institutional information and research data.
    3. Stewards must provide training in the proper handling and management of institutional information and research data for custodians under their authority.
  3. Institutional Information and Data Custodians
    1. Scope: Custodians are any individuals (employees, volunteers, etc.) who access, manage, or manipulate institutional information or research data.
    2. Authority/Responsibility: Custodians must follow campus policy and stewardship rules for handling of institutional information and research data.

IV. Standards

This policy requires adherence to ethical, legal, and professional standards, including, but not limited to:

  1. Institutional need-only access, management, and manipulation of institutional information and research data (i.e., no "administrative voyeurism").
  2. Disclosure of institutional information and research data in compliance with law, campus policy, and stewardship rules.
  3. The obligation not to facilitate the violation of administrative policies or the circumvention of technical or physical safeguards by others.

V. Approval

David Gingerella, VCAF

Dr. Mohammad Karim, Provost/COO

Dr. Robert E. Johnson, Chancellor

Download File