Penn Computing

Penn Computing

Computing Menu Computing A-Z
Computing Home Information Systems & Computing Penn

  
  UPDATES
Current Load Status
Regular Availability
  
  INFORMATION
FAQs & Tips
Password Changer
Support services
Security
About the Data Warehouse
Data Administration
  
  DATA COLLECTIONS
Advancement
Assets
BRIM
Express Mail
Facilities
Faculty
GAR
General Ledger
Infrastructure
ISSS-iOffice
Learning Management
Position Inventory
Research-PennERA Proposals
Salary Management
Student
Travel Expense Management
Tuition Distribution
Cross-Collection

Academic Planning Worksheet Data Collection - Data Security

Academic Planning Worksheet Data Collection Access Prerequisites

In order to use Academic Planning Worksheet data in the Data Warehouse, you must provide an explanation of why you need to use these data, and what you plan to do with your query results.

In addition, anyone using any type of student data collection must have Student Records System (SRS) access before they can query the data collection in the Data Warehouse. Users must complete a Student Data Access Request form and obtain supervisor and school access administrator (the same person who approves SRS accounts) signatures before sending the form to Data Administration. Users of student data must also take the online course.

For people who will be using InfoView only (refreshing the canned reports on the Business Objects repository), and not creating or editing their own queries, the above training is not mandatory though it is still recommended. In addition, the online course on Building Worksheets is recommended. See training for additional information.

Releasing Data Outside the University
The only two offices that may disclose Student Data outside the University are the Office of the University Registrar and Institutional Research. If you do not work for those offices and you receive a request for data to be sent outside the University, refer the requester to the Office of the University Registrar.

Keep a Log
You might want to keep a log of the reports you create, even if you are giving it to someone within the University. The log might include:

  • Who requested the data.
  • When they made the request.
  • What data they requested.
  • Why they requested the data/how they planned to use it.
  • What query and/or report you used.

Releasing Data Within the University
Within the University, Student Data may be disclosed only if it is needed to do the business of the University, and only to those who need to know the information in order to do their jobs. If you are not sure whether to fulfill a request for Student Data, contact the Office of the University Registrar..

Questions you shoud ask to help decide whether to fulfill a request for Student data:

  • Who wants the information?
  • Why do they want the information?
  • For what purpose will the information be used?
  • If they pass the information on to someone else, for what purpose will that person use it? Note: Usually, the data should be for the requestor's use only. No data should be posted in a public place including a web page.
  • How will they secure the information once they have it?
  • How will they dispose of the information when they are done with it? For example, hard copy reports should be shredded.

Desktop Security
Query Results. Business Objects writes reports to the desktop client under the subdirectory specified when the reports are saved. The default directory is C:\Program Files\Business Objects\Business Objects 5.0\UserDocs. You must see to it that any sensitive data stored on your peronal computer is safeguarded through physical security, access control software, or encryption.

  • Examples of physical security are locked offices and locked keyboards.
  • Examples of access control software are a screen saver with password protection (which your computer has been set up to initiate at startup) or specialized desktop security software.
  • If you encrypt your query results, you will need to decrypt them before accessing them with Business Objects.

Warehouse Access
When a computer is left signed to an account, it is easy for someone to gain unauthorized access. Either sign off from your account before you leave your computer or restrict access by some other means (physical security or access control software).

For more information on security and privacy, contact the Office of Information Security.

  Collection Information:
top

Information Systems and Computing
University of Pennsylvania
Comments & Questions


Penn Computing University of Pennsylvania
Information Systems and Computing, University of Pennsylvania