Access Appropriate to Roles and Responsibilities

001.2016.02 - Access Appropriate to Roles and Responsibilities

Effective: April 7, 2016  (ref. 001.2016.02)

Drafted: February 1, 2016

Approved by DMC: April 7, 2016

I. Guideline: Access Appropriate to Roles and Responsibilities

Institutional leaders (executive, administrative, and operational) should have appropriate and timely access to detailed institutional data of sufficient breadth to make informed business and strategic decisions for their portfolios, colleges, schools, departments, or units. Furthermore, all UT employees should have timely access to institutional data for purposes relative to their formal job role(s) and responsibilities on behalf of the institution, be they technical, operational, or managerial.  Conversely, institutional data should not, as a standard, be made available with breadth of scope or level of granularity that is not required for a legitimate institutional business need or completion of job duties as appropriate to institutional role(s). 

Exceptions to this guideline require a request from, or sponsorship by, an executive officer and the consent of the applicable data steward.

II. Purpose

To provide clarity on the use of institutional data relative to the quality work required of an employee and to ensure that needed information is readily available at the appropriate level of detail and scope for employee roles. This guideline mitigates risks associated with unintended use or interpretation of institutional data, inefficiencies associated with unnecessary reporting and processing of institutional data, and risks of inappropriate exposure of protected or sensitive data (ex: FERPA-protected). 

Example: a Human Resources professional in a Dean’s Office should (most likely) have access to detailed position information for all employees across all departments in the college or school, but not for the entire institution.  Further, they should not have access to student or course information (departmental or otherwise) that is not relevant to their HR role.

III. Scope & Audience 

The guideline applies to all UT employees. 

IV. Definitions (specific to these guidelines) 

V. Website (for policy) 

http://www.utexas.edu/cio/itgovernance/business-services/data-management-committee/guidelines/DMCG001201602-AccessApprop

VI. Contacts 

Contact

Email

WebSITE

DMC Chair

contact_dmc@utlists.utexas.edu

http://www.utexas.edu/cio/itgovernance/business-services/data-management-committee

VII. Related Information 

The Data Management Committee is currently developing a “Data Access and Use Guide” that further describes the appropriate uses of institutional data.

This guideline neither precludes nor supersedes any existing legal, regulatory, or university rule or policy.

 

VIII. Policy References

DMC Guideline005.2016.03 Definition of Institutional Data

IX. History

Last revision date: n/a