P3605 Electronic Data Security

All access to computer data shall be controlled by Information Services and Technology. 

Administrative Implemental Procedures

1. The appropriate division or department shall be assigned the responsibility for determining access to computer data (reports or online) at the time computer applications are developed. 
2. Persons desiring to access computer data (reports or online) shall have the approval of the appropriate division or department responsible for the application area. Each supervisor shall be responsible for notifying Information Services and Technology whenever there is a change of job status of an individual having a password for online access to data. 
3. Individual passwords shall not be shared with or recorded in any location that is accessible to any other person. 
4. Access to student education records shall be restricted to those employees with legitimate educational interests, as outlined by the Family Educational Rights and Privacy Act (FERPA), 20 U.S.C. § 1232g, as amended, and its interpretive regulations, 34 C.F.R. § 99.1, et seq. Employee access shall be further limited only to the records of those students for whom the employee has a legitimate educational interest. Access will be monitored to ensure compliance with FERPA. 

Administrative Responsibility: Information Services and Technology 

Latest Revision Date: May 2011 

Previous Revision Date: March 2000 P3605 

Updated administratively for alignment purposes: February 2014

Download P3605