Graduate Admissions Data Security
Data Warehouse Access Prerequisites
The Graduate Admissions data collection is part of the University of Pennsylvania's Data
Warehouse. Access to the Data Warehouse requires three things. You
- permission - see the eForms page for requesting permission to the collection
- a query tool
Click here for more
Student Data Collection and Provost Reports Access
Individuals wish to also query information about applicants who matriculated to Penn can request acces to Student data separately. In addition, there is a separate request process for access to the reports in the Provost folder in InfoView. Student and Provost reporting each have their own eForms. For information about Student collection
access prerequisites, click here.
Regulations and Policies on Student Data
Federal regulations regarding access to student data are spelled out in
the Family Educational Right to Privacy Act (Buckley Amendment), commonly
known as FERPA. For more information, see http://www.upenn.edu/computing/da/dw/student/ferpa.html.
The University's policy on the Confidentiality of Student Records is
available at http://www.upenn.edu/privacy/policies_publications.htm
Releasing Data Outside the University
Only the Office of Institutional Research should release Graduate Admissions data to external requests.
Keep a Log
You might want to keep a log of the reports you create, even if you are
giving it to someone within the University. The log might include:
- Who requested the data.
- When they made the request.
- What data they requested.
- Why they requested the data/how they planned to use it.
- What query and/or report you used.
Query Results. If you save your query results as Excel, pdf, or other type of local file, you must
see to it that any sensitive data stored on your peronal computer is safeguarded
through physical security, access control software, or encryption.
- Examples of physical security are locked offices and locked keyboards.
- Examples of access control software are a screen saver with password
protection (which your computer has been set up to initiate at startup)
or specialized desktop security software.
- If you encrypt your query results, you will need to decrypt them before
accessing them with Business Objects.
- When a computer is left signed to an account, it is easy for someone to
gain unauthorized access. Either sign off from your account before you
leave your computer or restrict access by some other means (physical security
or access control software).