Skip to: search, navigation, or content.

Indiana University

Permission to Access Institutional Data

Definition of Institutional Data

A data element is considered "institutional" data if it meets one or more of the following criteria:

  • The data is relevant to planning, managing, operating, or auditing a major administrative function of the university.
  • The data is referenced or required for use by more than one organizational unit.
  • The data is included in an official university administrative report.
  • The data is used to derive a data element that meets these criteria.

Policy on Access to Data

Approved by the University Operations Cabinet in October, 1991.
Distributed by the Office of the President in December, 1991.

Philosophy of Data Access

The value of data as an institutional resource is increased through its widespread and appropriate use; its value is diminished through misuse, misinterpretation, or unnecessary restrictions to its access.

Guiding Principle of Data Access

Access to institutional data--the permission to view or query institutional data--should be granted to all eligible employees of Indiana University for all legitimate university purposes.

Expectations about Data Users

Data users will be expected to access institutional data only in their conduct of university business, to respect the confidentiality and privacy of individuals whose records they may access, to observe any ethical restrictions that apply to the data to which they have access, and to abide by applicable laws or policies with respect to access, use, or disclosure of information.

General Rules

  • Every IU employee should have access to the data they need to do his or her job.
  • Institutional data should be used only in the conduct of university business.

Things One Shouldn't Do

  • Disclose data to others, except as required by one's job responsibilities.
  • Use data for one's own personal gain, or for the gain or profit of others.
  • Access data to satisfy one's personal curiosity.

Who Makes Decisions?

  • The Data Steward establishes standard rules, guidelines, and "profiles" for data access; also makes the recommendation/decision about any individual request to access data.
  • Responsibility for such recommendations may be delegated to a Data Manager.
  • The Committee on Institutional Data is available to users who wish to appeal a recommendation not to permit access.
  • University Computing Services implements the recommendations and decisions of the Data Stewards and the Committee on Institutional Data; UCS does not make any access decisions independent of these groups. (UCS can also help users identify the appropriate Data Steward or Data Manager for a specific data access request.)

Classification of Data

As a foundation for making decisions about data access, institutional data are (will be) organized into three general categories or classifications.

  • University-internal data: This is data which may be accessed by all eligible employees of the university, without restriction, in the conduct of university business. This should be the "default" classification for all data; access restrictions should be applied only as required below.
  • Limited-access data: This is data which, because of legal, ethical, or other constraints may not be accessed without specific authorization or to which only selective access may be granted.
  • Public data: This is data which has no restrictions at all, and to which the general public may be granted access.