General Ledger Collection Data Security
General Ledger Collection Access Prerequisites
In general, individuals must have BEN Financials General Ledger inquiry/reporting
functions before they can be granted access to the General Ledger collection
in the Data Warehouse. Users must supply their BEN Financials ID in the
space provided on the General Ledger Data Access eForm, and obtain supervisor
and school access administrator (or senior business officer) approval. BEN Financials users will
then be granted access to view data in the Warehouse for the same organization(s)
for they can perform account inquiry or reporting functions in BEN Financials.
Those individuals who do not already have access to the source system
(BEN Financials), but who need ad hoc access to the General Ledger collection
in the Data Warehouse, must complete BEN Financials Chart of Accounts
training along with the General Ledger Data Access eForm. They should indicate
on the form the level of access they need by supplying the appropriate ORG or Parent ORG code(s). Chart of
Accounts training schedules and registration
information are available at http://www.finance.upenn.edu/ftd/).
Releasing Data Outside the University
The only two offices that may disclose General Ledger data outside the
University are the Office of the Comptroller and Institutional Research.
If you do not work for those offices and you receive a request for data
to be sent outside the University, refer the requester to the Office of
the Comptroller.
Keep a Log
You might want to keep a log of the reports you create, even if you are
giving it to someone within the University. The log might include:
- Who requested the data.
- When they made the request.
- What data they requested.
- Why they requested the data/how they planned to use it.
- What query and/or report you used.
Releasing Data Within the University
Within the University, General Ledger data may be disclosed only if it
is needed to do the business of the University, and only to those who
need to know the information in order to do their jobs. If you are not
sure whether to fulfill a request for General Ledger Data, call the Office
of the Comptroller.
Questions you shoud ask to help decide whether to fulfill a request for
General Ledger data:
- Who wants the information?
- Why do they want the information?
- For what purpose will the information be used?
- If they pass the information on to someone else, for what purpose
will that person use it? Note: Usually, the data should be for
the requestor's use only. No data should be posted in a public place
including the World Wide Web.
- How will they secure the information once they have it?
- How will they dispose of the information when they are done with it?
For example, hard copy reports should be shredded.
Desktop Security
Query Results. If you save your query results in Excel, pdf, or any other local file type, you
must see to it that any sensitive data stored on your
peronal computer is safeguarded through physical security, access control
software, or encryption.
- Examples of physical security are locked offices and locked keyboards.
- Examples of access control software are a screen saver with password
protection (which your computer has been set up to initiate at startup)
or specialized desktop security software.
- If you encrypt your query results, you will need to decrypt them before
accessing them with Business Objects.
Warehouse Access
When a computer is left signed to an account, it is easy for someone to
gain unauthorized access. Either sign off from your account before you
leave your computer or restrict access by some other means (physical security
or access control software).
For more information on security and privacy, contact the Office of Information Security. |
