1930.020a Data Stewardship
University employees, students and authorized users of the University’s IT resources (e.g. consultants, vendors, visitors, and contractors) shall access and use Highly Sensitive Data only as may be strictly necessary in the performance of their job or role at the institution and in accordance with all applicable state and federal laws. All individuals accessing Highly Sensitive Data created or maintained by Florida International University are required to comply with federal and state laws and university policies and procedures regarding data security. Any University employee, student or non-University individual with access to Highly Sensitive Data created or maintained by the University who engages in the unauthorized use, disclosure, alteration, or destruction of same is in violation of state and federal laws.
Access to University data is provided to University employees for the conduct of University business. Highly Sensitive University data, as defined in this procedure, will be made available to employees who have a genuine need to access such data. This may include data collected from students, faculty, staff, donors, contractors, members of the community, or those who have no affiliation with the University. It is the responsibility of each individual to which this procedure applies accessing such data to observe the following:
All Highly Sensitive Data should be handled as follows:
Hard Copy - these documents should never be stored temporarily or permanently where unauthorized individuals can have access to read, copy or photograph. It is necessary to store these documents in file cabinets that have locks and that are located in an area that is locked except during normal business hours.
Electronic Copy – 1. All Highly Sensitive Data must be accessed by way of a unique name or number for identifying and tracking user identity. 2. Highly Sensitive Data stored in electronic format must be encrypted using a minimum of 128 bit encryption. This applies to all local and shared drives. 3. Departments/Divisions that maintain Highly Sensitive Data must coordinate with University Technology Services to ensure that they have procedures in place that will allow them to access Highly Sensitive Data in the event of an emergency.
Published on 2013-11-13
Administrative Oversight & Contact Information
IT Security Office
Interim Chief Info Sec Offic
- Phone: 305-348-3591