I manage systems that contain Sensitive data or access Sensitive data sources such as Banner and PeopleSoft. Do I have to get approval from the Data Steward?
First, if you are the individual WORKING with the Sensitive data, the answer is yes, you need authorization from the appropriate data steward. Second, if you MANAGE servers with Sensitive data on them, it would be best to contact the Data Steward and receive blanket permission from them for your team to manage the systems that contain the data. For example, OIT and the Data Stewards understand that OIT employees manage servers with Sensitive data on a day-to-day basis and have the approval to do so: “Certain OIT employees are granted a unique level of trust in order to provide information technology systems and services to the campus. With this trust comes unique responsibility. The nature of OIT job responsibilities gives these OIT employees access to institutional data and private files and correspondence. This data may be classified as Sensitive or Highly Sensitive, in accordance with the GIT Data Access Policy. Access to this information must only occur due to the nature of day-to-
Related Questions
- MOSS uses Kerberos to manage security and access to data in external database sources. How does DataParts application manage data access and security?
- Can a participant give consent for data archiving when the data contain sensitive information about other individuals?
- What is the difference between the data warehouse and transactional systems like IDMS and PeopleSoft?
