DG 1.02pr - Data Security/Access :
Employees are granted access to relevant data in order to perform assigned duties or in fulfillment of assigned roles or functions at the college. This access is granted solely to conduct college business.
The Data Security/Access Team, under the Charter of Edmonds' Data Governance Committee (DGC), will approve level of access privileges to college data systems, as authorized by data authorities or their designees. The team will implement and administer controls over the data that employees need to conduct college business; prevent unauthorized access to systems, data, facilities, and networks; and prevent any misuse of, or damage to, computer assets or data. This procedure covers institutional data stored in any college owned or maintained database, or on paper or scanned files.
The functional requirements which are listed in a college job description determine the type of data and the level of system access employees need to perform their job. These requirements are used to develop and assign a specific User Profile and Security Role for each employee. The defined User Profile and the Security Roles provide the basis for requesting employee access, while maintaining the security and integrity of college data. Levels of access are defined in a section below.
The Data Security/Access Team, under the Charter of the Data Governance Committee, is responsible for maintaining a list of security access assigned to each role mapped to individual employees, in order to ensure the security and integrity of college data and systems.
Supervisors will request employee access via Data Stewards representing each functional area of the college who are then responsible for requesting access to data for employees within their functional areas. The college's appointed Data Stewards and the DGC are responsible for implementing this procedure. Data Stewards will monitor college data and system usage within their areas to ensure a secure office environment with regard to the data and systems. Data Stewards shall validate the access requirements of staff in their functional areas, according to job functions, before submitting requests for access. The access requests are reviewed and acted upon by the Data Governance Committee.
Levels of Access
RELATED POLICIES AND PROCEDURES
DG 1.0 Data Governance
DG 1.01pr Data Governance Committee Charter
DG 1.03pr Data Flow/Availability
DG 1.04pr Data Use/Reporting
DG 1.05pr Data Integrity/Quality
CONTENT OWNER. The primary responsibility for this policy belongs to:
Office of the President
PRIMARY CONTENT CONTRIBUTOR (Director/Dean)
Senior Executive Director of Institutional Effectiveness and Grants
2018-Dec 10 Approved by President's Cabinet