ROWAN UNIVERSITY POLICY
Title: University Data Policy
Subject: Information Resources and Technology
Policy No: IRT:2011:01
Issuing Authority: Senior Vice President for Information Resources and Technology and Chief Information Officer
Last Revision: 0/01/2011
As part of its responsibility to maintain the integrity of Rowan University data, the division of Information Resources and Technology has established this policy to:
- Define "data."
- Establish data ownership and official data repository.
- Protect the data, rights, and privacy of records in the University systems.
- Ensure the continued availability, confidentiality, and integrity of the contents of the University's networks and systems, and official data repository.
Under the direction of the President, the Chief Information Officer, and the University's Chief Information Security Officer shall implement and ensure compliance with this policy. The Executive Vice President for Administration and Strategic Advancement, Provost, Vice Presidents, Deans, and other members of management will implement this policy.
The following policy has been implemented to establish Banner ERP system as the official Rowan University data repository. Creation of shadow database is considered compromised and dangerous, and is strongly discouraged.
- "DATA" - As it pertains to this policy, data includes but is not limited to: information pertaining to current and prospective students, employees, financial and operational data, alumni and donor data, and data pertaining to past, ongoing, and future research.
- Rowan University is the sole owner of any and all data produced using and/or stored within the University's hardware and/or software systems.
- The only officially recognized data repository for Rowan University is the BANNER ERP system. Creation of shadow database is considered compromised and dangerous, and is strongly discouraged.
- The University has a responsibility to ensure the validity, continued availability, confidentiality, and integrity of the contents of its mission-critical networks and systems, and official data repository (BANNER ERP). Therefore, all third party (i.e., something other than BANNER) software/applications utilized by offices, departments, or other units within Rowan must conform to the University's established data standards. Adhering to these standards requires that any third party software/application that generates data, as outlined above, must feed such data electronically to the official repository on a regular ongoing basis. This standard operating procedure ensures the validity of the repository's contents and limits the unnecessary duplication of data—essential to the integrity of official University reporting activities.
- Any third party software, application, or system that requires access to the types of data stored in Rowan's official repository must be granted approval by the division of Information Resources & Technology. Approval of access to the repository shall be contingent upon the Chief Information Officer's determination that such access will not compromise the validity and security of the data contained in Rowan's official data repository.
By Direction of the CIO:
SVP and Chief Information Officer