This procedure is used for authorizing access to information in Geneseo's various databases and logs including Banner, Human Resources, phone logs, email logs, myCourses logs and others. It covers requests for any database or service managed by CIT. Example requests include: adding application accounts, providing query/update access to given application forms or screens, providing access to reports or data extracts, providing information to third parties, providing information as part of an investigation and others.
1. If access is being provided to information for someone directly affiliated with Geneseo, CIT will consult the office designated as the data custodian. Geneseo affiliations include the following examples: faculty, non-academic employees, Campus Auxiliary Services, Foundation, students, SUNY or New York State agencies, and others. It does not include third-party vendors. The offices and contacts for data custodians are listed in the following table:
|Data Subject Area||Office||Contacts|
|Alumni - Demographics (name, address, phone, email), Activities, Giving History||Advancement||Lynn Myers|
|Applicant and Recruit||Admissions||Kim Harvey|
|Employee||Human Resources||Julie Briggs|
|Financial Aid||Financial Aid||Chris Jadlos|
|NCAA Athletic Standing||Intercollegiate Athletics||Mike Mooney|
Student Activities and Organizations (e.g. athletics, greek organizations, clubs)
(this area is somewhat shared and depends on topic area)
|Student and Campus Life|
|Student Demographics including names, addresses, phones, emails||Registrar||Kimberley Willis|
|Student/Employee CAMP Email||CIT||Paul Jackson|
|Student Disability Information||Disability Services||Tabitha Buggie-Hunt|
|Student Financial Information including billing and payments||Student Accounts||Sandy Argentieri|
|Student Housing||Residence Life||Elliot Zenilman|
|Student Medial Record||Health and Counseling||Erin Halligan-Avery|
2. If the information is being provided to a third-party other than a New York State agency (e.g. SUNY), CIT will require approval from the campus FOIL officer, Brice Weigman (firstname.lastname@example.org). Approval will also be required from the appropriate data custodians as specified above.
3. If access is being requested for students PII (personally identifiable information) fields protected by federal or state law such as social security number (SSN) approval will be required from Dean of Students, Dr. Leonard Sancilio, email@example.com) and the Registrar (Kimberley Willis, firstname.lastname@example.org). This specific procedure was established in 2008 to limit access to SSN within the application and all reporting processes. Access is only provided if warranted based on the person's job role (i.e. need to know). Examples include: payroll functions, financial aid, records management responsibilities, required for NYS systems, sole means to identify student in third party system (e.g. NYS Teacher Certification database).
4. Access to data protected under FERPA also requires approval by the designated campus FERPA officer, Dr. Leonard Sancilio (email@example.com). Examples of data protected under FERPA include the following:
- test scores
- I.D. numbers or social security numbers
- financial records
- class schedules
- semester, cumulative, or major GPA
- housing information
- conduct records (or results of reviews)
- date and place of birth
- enrollment status
- class attendance information
5. Requests for information from CIT managed database information and logs as part of an investigation must be made directly to the CIO or CIO's designee. Requests will only be acted upon from University Police, the Dean of Students, the Director of Human Resources and the President or the President's designee.
Assistant Director Information Systems, Computing & Information Technology, firstname.lastname@example.org
CIO & Director, Computing & Information Technology, email@example.com