Database Access Policy

Reviewed By: Administrative Council on December 17, 1990
Approved By:

Source / Authority

For interpretation of this policy, please contact the responsible department: Office of Vice President for Student Affairs, 909/537-5185

Policy

Recognizing that computer access to various data bases is vital to the operation of administrative and academic offices and personnel, the following campus policy has been established concerning access to the eight primary data bases.

The overriding factor in determining access permission is demonstrating that access is necessary to perform the job assigned to the requester.  Two types of access are possible:

  1. Display
  2. Updata capability

Most requests will be for display only and a set of standard screens will be made available.  A few offices will need the capability of updating selected fields on specified screens.

In all cases, those having access to student data must keep in mind their responsibility to adhere to the guidelines established by the Family Educational Rights and Privacy Act of 1974 (FERPA) (Buckley Amendment).   [Applicable sections of FERPA are accessible by clicking on this link.] Training sessions will be offered concerning confidentiality and the appropriate use of records residing in various data bases.  Training sessions will also be provided to determine which screens are needed and how to access the data on the screens.  Attendance at these training sessions is a prerequisite to obtaining an account number and password.  User manuals to some data bases will be provided.

Requests for access will be directed to the office which is the custodian of the data base in which the requested data resides.   That office will either grant or deny access according to the policy established herein.  In the case of denial, an appeal may be made to the Data Base Access Committee for review and final decision.

The custodian of each data base may implement additional conditions to ensure compliance with established policy.

System security is designed to limit the possibility of unauthorized users accessing data.

In summary, this policy is designed to encourage the growth of computer access, not restrict it; it is subject to review and change as experience dictates.