Penn Computing

Penn Computing

Computing Menu Computing A-Z
Computing Home Information Systems & Computing Penn

 
  UPDATES
Current Load Status
Regular Availability
 
  INFORMATION
FAQs & Tips
Password Changer
Support services
Security
About the Data Warehouse
Data Administration
 
  DATA COLLECTIONS
Advancement
Assets
BBR
BRIM
Express Mail
Facilities
Faculty
GAR
General Ledger
Infrastructure
ISSS-iOffice
Learning Management
Position Inventory
Research-PennERA Proposals
Research Inventory
Salary Management
Student
Travel Expense Management
Tuition Distribution
World Travel
Cross-Collection

Pennant Accounts Data Security

Access Prerequisites
See Data Training for the training prerequisites.

To request access, submit the eform for Pennant Accounts, located in the Data Warehouse section of the Penn eForms page. Access will be granted only after all prerequisite training is completed.

Access to the Pennant Accounts data in the warehouse will be given to users on a global basis, and will not be restricted by school or department. If a user has access to the tables they can see all transactions for all students in all schools. Users of Pennant Accounts data also have access to the student data that comes from the Student Records System (SRS).

Regulations and Policies on Student Data
Federal regulations regarding access to student data are spelled out in the Family Educational Right to Privacy Act (Buckley Amendment), commonly known as FERPA. For more information, see http://www.upenn.edu/computing/da/dw/student/ferpa.html.

The University's policy on the Confidentiality of Student Records is available at http://www.upenn.edu/privacy/policies_publications.htm.

Releasing Data Outside the University
The only office that may release Pennant Accounts data externally is Student Financial Services (SFS). Requests should be directed to SFS.

Releasing Data Within the University
Within the University, Pennant Accounts and Student data may be disclosed only if it is needed to do the business of the University, and only to those who need to know the information in order to do their jobs. If you are not sure whether to fulfill a request for student billing data, contact Student Financial Services.

Questions you shoud ask to help decide whether to fulfill a request for student billing data:

  • Who wants the information?
  • Why do they want the information?
  • For what purpose will the information be used?
  • If they pass the information on to someone else, for what purpose will that person use it? Note: Usually, the data should be for the requestor's use only. No data should be posted online or in a public area.
  • How will they secure the information once they have it?
  • How will they dispose of the information when they are done with it? For example, hard copy reports should be shredded.

Desktop Security
Query Results. If you save your query results as Excel, pdf, or other type of local file, you must see to it that any sensitive data stored on your peronal computer is safeguarded through physical security, access control software, or encryption.

  • Examples of physical security are locked offices and locked keyboards.
  • Examples of access control software are a screen saver with password protection (which your computer has been set up to initiate at startup) or specialized desktop security software.
  • If you encrypt your query results, you will need to decrypt them before accessing them with Business Objects.

Warehouse Access
When a computer is left signed to an account, it is easy for someone to gain unauthorized access. Either sign off from your account before you leave your computer or restrict access by some other means (physical security or access control software).

For more information on security and privacy, contact the Office of Information Security.

  Collection Information:
top

Information Systems and Computing
University of Pennsylvania
Comments & Questions


Penn Computing University of Pennsylvania
Information Systems and Computing, University of Pennsylvania