001.2016.02 - Access Appropriate to Roles and Responsibilities
Effective: April 7, 2016 (ref. 001.2016.02)
Drafted: February 1, 2016
Approved by DMC: April 7, 2016
I. Guideline: Access Appropriate to Roles and Responsibilities
Institutional leaders (executive, administrative, and operational) should have appropriate and timely access to detailed institutional data of sufficient breadth to make informed business and strategic decisions for their portfolios, colleges, schools, departments, or units. Furthermore, all UT employees should have timely access to institutional data for purposes relative to their formal job role(s) and responsibilities on behalf of the institution, be they technical, operational, or managerial. Conversely, institutional data should not, as a standard, be made available with breadth of scope or level of granularity that is not required for a legitimate institutional business need or completion of job duties as appropriate to institutional role(s).
Exceptions to this guideline require a request from, or sponsorship by, an executive officer and the consent of the applicable data steward.
To provide clarity on the use of institutional data relative to the quality work required of an employee and to ensure that needed information is readily available at the appropriate level of detail and scope for employee roles. This guideline mitigates risks associated with unintended use or interpretation of institutional data, inefficiencies associated with unnecessary reporting and processing of institutional data, and risks of inappropriate exposure of protected or sensitive data (ex: FERPA-protected).
Example: a Human Resources professional in a Dean’s Office should (most likely) have access to detailed position information for all employees across all departments in the college or school, but not for the entire institution. Further, they should not have access to student or course information (departmental or otherwise) that is not relevant to their HR role.
III. Scope & Audience
The guideline applies to all UT employees.
IV. Definitions (specific to these guidelines)
V. Website (for policy)
VII. Related Information
The Data Management Committee is currently developing a “Data Access and Use Guide” that further describes the appropriate uses of institutional data.
This guideline neither precludes nor supersedes any existing legal, regulatory, or university rule or policy.
VIII. Policy References
Last revision date: n/a