Search the business manual

• Introduction
• 1.0: Accounting Principles and Definitions
• 2.0: Chart of Accounts
• 3.0: Purchasing and Contracts
• 4.0: Travel
• 5.0: Payroll
• 6.0: Accounts Payable
• 7.0: Capitalization
• 8.0: Budget Process
• 9.0: Banking and Investments
• 10.0: Accounts Receivable
• 11.0: Inventory
• 12.0: Protection and Security of Records
  • Section 12 Introduction
  • 12.1 Purpose
    • 12.1.1 Scope and Restrictions
    • 12.1.2 Institutional Data Definition
    • 12.1.3 System Data Definition
  • 12.2 Data Governance and Management Structure
    • 12.2.1 Chief Data Officer
    • 12.2.2 Data Owner
    • 12.2.3 Data Trustees
    • 12.2.4 Data Stewards
  • 12.3 Data Classification
    • 12.3.1 Unrestricted Data
    • 12.3.2 Sensitive Data
    • 12.3.3 Confidential Data
  • 12.4 Data Access
    • 12.4.1 Data Access
    • 12.4.2 Data Documentation
  • 12.5 Privacy and Security
    • 12.5.1 Family Education Rights and Privacy Act (FERPA)
    • 12.5.2 Health Insurance Portability and Accountability Act of 1996 (HIPPA)
    • 12.5.3 Electronic Communications Privacy Act (ECPA)
    • 12.5.4 USA Patriot Act
    • 12.5.5 TEACH Act
    • 12.5.6 Gramm – Leach – Bliley Act (GLBA)
    • 12.5.7 Computer Fraud and Abuse Act (CFAA)
• 13.0: Financial Management and Information Systems
• 14.0: Agency Funds
• 15.0: Auxiliary Enterprise Funds
• 16.0: Audits
• 17.0: Affiliated Organizations
• 18.0: Major Repair and Rehabilitation Funds and GSFIC Projects Managed By Institutions
• 19.0: Miscellaneous
• 20.0: Required Reports
• 21.0: Study Abroad Programs
• 22.0: Federal Stimulus Funds
• 23.0: Unrelated Business Income (UBI)
• 24.0: Student Fees
• Updates and Revisions

12.4 Data Access

Data stewards will work together to define a single set of procedures for requesting access to sensitive elements of institutional data, and to document these data access request procedures.

12.4.1 Data Access

Data stewards at the institution are responsible for developing and obtaining approval of data access procedures and approving all requests for data access via these procedures. It is recommended that such a process be developed that includes the following steps:

1. Requests for access must be made in writing to the appropriate functional data steward. Such requests must include approval by the requestor’s supervisor or management, and should be specific as to the data needed and the purpose for accessing the data. All requests are maintained for use in case of a need to audit access permissions.

2. Upon approval by the functional data steward, the request is forwarded to the data administration unit of the institution’s Information Technology (IT) department for technical implementation via provisioning of accounts, login ids, or view access.

3. The requestor will be notified of their access, and will be provided a copy of the institution’s Data Stewardship & Access Policy, the relevant functional guidelines for use, and any restrictions on the data, such as the Family Educational Rights and Privacy Act regulations.

4. All data access will be reviewed and renewed on an annual basis by each functional data steward to ensure that the access remains appropriate.

Note: Permission to access data does not necessarily imply permission to change data. Data stewards will ensure that the proper access rights, such as read, write, modify, or delete, are given to users who request data access.

return to top

---

12.4.2 Data Documentation

Data stewards are responsible for documenting the data maintained within their functional area. This documentation should include, at a minimum:

• Data name;
• Data description;
• Data sensitivity;
• Data location;
• Data retention; and,
• Data backup plan.

Data stewards also have responsibility for documenting the meta-data about their data so that users are aware of the definitions, restrictions, or interpretations, and other issues that ensure the correct use of the data.

return to top

---

Contact Us

270 Washington Street, S.W.,
Atlanta, GA 30334
U.S.A.

Website Information

• Privacy Policy
• Accessibility
• Compliance & Ethics Reporting

Academics

• Academic Planning
• Academic Programs
• Educational Access and Success
• Faculty Affairs
• Health Workforce Planning & Analysis
• Information Technology Services
• Research & Policy Analysis
• Student Achievement
• Student Affairs

Administration

• Facilities
• Fiscal Affairs
• Georgia Public Library Service
• Human Resources
• Legal Affairs
• Strategic Planning

External Affairs

• Business Development
• Customer Focus
• Economic Development
• Government Relations
• Media & Publications

Board of Regents

Chancellor

Internal Audit & Compliance

USG Institutions

Newsroom

Policies & Reports