4.04.01 Access and Termination Guidelines

I. Purpose

This procedure documents guidelines data custodians are to follow in granting and terminating access to systems and data for which they are responsible.

Policy Supported

4.04 Define Data Custodian

II. Description

Data custodians with access to confidential University data and/or protected information are required to notify a designated Computing Services system administrator via email when:

  1. An employee is terminated and their data access is to be terminated.
  2. When a newly hired employee needs to be granted access to data.
  3. When an employee transfers to another department and access is to be terminated to data in the former department.
  4. When an employee transfers into one department from another and access is to be granted to data in the new department.

III. Scope

This procedure applies to all data custodians as defined in Policy 4.03.

Date Approved      
5/3/2016      
Dates Revised      
       
Dates Reviewed