Escolar Documentos
Profissional Documentos
Cultura Documentos
Subject UGA Data Access Policy Office of UGA Office of Information Security Primary Responsibility Address University of Georgia Computer Services Annex Athens, Georgia 30602-1911 Distribution University-wide On-Line https://infosec.uga.edu/policies/ Publication
Review On Authorized By
Brian Rivers
1 Overview The University of Georgia (UGA) shall approve access to Sensitive Institutional Data in order to ensure that access to sensitive data is authorized, that sensitive data with a need for protection are used appropriately and that authorized access complies with the UGA Privacy
2 Scope This policy governs access to Sensitive Institutional Data. Requests for records by the public are outside of the scope of this policy and shall be handled by the Open Records Manager in the UGA Office of Public Affairs. This policy does not supersede circumstances in which the University is legally compelled to provide access to information.
3 Policy
3.4 Data Stewards are Responsible for Procedures for Requesting and Approving Access
Data Stewards must ensure that procedures for requesting and approving access to Sensitive Institutional Data exist and are followed. The procedures for requesting and approving access will necessarily vary from Data Steward to Data Steward and among groups of Data Users. However, all procedures shall include sufficient tracking for requests, approvals, and expiration of approvals such that authorized access to Sensitive Institutional Data is auditable.
5 Review and Measurement The Office of the Chief Information Officer, in cooperation with the University Security Committee, will review this policy on an annual basis. This policy may also be used for auditing purposes by the UGA Office of Internal Audit (IT Audit) team.
6 References