DMC Guideline: Data Access Appropriate to Roles and Responsibilities
Effective:April 7, 2016 (ref. 001.2016.02)
Drafted: February 1, 2016
Approved by DMC: April 7, 2016
Policy Owner: DMC Chair
I. Guideline: Data Access Appropriate to Roles and Responsibilities
Institutional leaders (executive, administrative, and operational) should have appropriate and timely access to detailed institutional data of sufficient breadth to make informed business and strategic decisions for their portfolios, colleges, schools, departments, or units. Furthermore, all UT employees should have timely access to institutional data for purposes relative to their formal job role(s) and responsibilities on behalf of the institution, be they technical, operational, or managerial. Conversely, institutional data should not, as a standard, be made available with breadth of scope or level of granularity that is not required for a legitimate institutional business need or completion of job duties as appropriate to institutional role(s).
Exceptions to this guideline require a request from, or sponsorship by, an executive officer and the consent of the applicable data steward.
To provide clarity on the use of institutional data relative to the quality work required of an employee and to ensure that needed information is readily available at the appropriate level of detail and scope for employee roles. This guideline mitigates risks associated with unintended use or interpretation of institutional data, inefficiencies associated with unnecessary reporting and processing of institutional data, and risks of inappropriate exposure of protected or sensitive data (ex: FERPA-protected).
Example: a Human Resources professional in a Dean’s Office should (most likely) have access to detailed position information for all employees across all departments in the college or school, but not for the entire institution. Further, they should not have access to student or course information (departmental or otherwise) that is not relevant to their HR role.
III. Scope & Audience
The guideline applies to all UT employees.
IV. Definitions (specific to these guidelines)
Executive Officer– Institutional administrators holding President, Provost, Sr. Vice President, Vice President, Sr. Vice Provost, or Vice Provost titles, specifically, who represent a campus-wide perspective on the importance and prioritization of initiatives and can, therefore, speak on behalf of the institution.
Data Steward– the operational managers for data captured and processed by system(s) of record (authoritative systems) for a given subject area domain (ex: accounting, budget, students, faculty, etc.). Example: the Registrar is the Data Steward for student enrollment data.
Granularity– relative to data, the level of detail represented by each consumable record, as opposed to the level of aggregation. Example: data representing individual payment transactions would be considered very granular, while subtotals of payment transactions per day would be less granular; totals of all payments for a year would represent highly-aggregated data and would not be considered granular at all.
Institutional Data– defined by the DMC (see Guideline 005.2016.03) as any information (in any form, location, or unit) that satisfies at least one of the following criteria:
· It is created, received, maintained, or transmitted in the management and operation of educational, clinical, research, or business activities.
· It is used for analysis to guide and inform the strategic priorities of the university.
· It is substantive, reliable, and relevant to the planning, managing, operating, controlling, documenting, staffing, or auditing of one or more major administrative functions of the university.
· It is used in the fulfillment of statutory, regulatory, accreditation, or other required reporting obligations of the university.
· It is used to derive any data element that meets the above criteria.
Institutional Data Store (IDS)– the collection of physical and virtual infrastructure, software, and data, managed by the Information Quest (IQ) department, that serve as the central data store to which data from “systems of record” are stored for broad-based retrieval by campus users for the purpose of informing decision-making. While the Institutional Data Store (IDS) is the primary repository for historical, trend, and cross-functional data, it represents only a subset of “all” data that may exist at the university. Data are loaded into the IDS on a priority basis, taking into consideration mission-critical, legal, and regulatory uses of information, major institutional initiatives requiring data, and breadth of use (and applicability) of the data across campus.
Scope– relative to data, the breadth of the institution to which the data pertains. Example: HR data for a single department would represent a relatively narrow scope, while HR data for all departments within a college or school would represent a broader scope, with institution-wide access to HR data being the broadest possible scope within UT.
V. Website (for policy)
VII. Related Information
The Data Management Committee is currently developing a “Data Access and Use Guide” that further describes the appropriate uses of institutional data.
This guideline neither precludes nor supersedes any existing legal, regulatory, or university rule or policy.
VIII. Policy References
DMC Guideline005.2016.03 Definition of Institutional Data
Last revision date: n/a