UPPS 07.08.05 - Student Information System Access Privileges
Student Information System Access Privileges
UPPS No. 07.08.05
Issue No. 2
Effective Date: 6/01/2023
Next Review Date: 5/01/2026 (E3Y)
Sr. Reviewer: University Registrar
POLICY STATEMENT
Texas State University is committed to protecting the confidentiality and integrity of student records by educating users of their responsibilities and proper usage guidelines.
SCOPE
- The purpose of this policy is to delineate the procedures used to control access privileges to the university’s student information system.
DEFINITIONS
Access Privileges – the right to perform specific student information system transactions. Access privileges may be assigned in two ways:
Display – Data can be viewed but cannot be changed.
Modify – Data can be viewed and changed. This may include adding, creating, deleting, deactivating, and approving.
Department Head – the individual assigned the management responsibility for an organizational unit of the university.
Guests – accounts assigned to individuals not otherwise affiliated with the university if the accounts are required to support functions directly associated with the university mission. Guest affiliates are explicitly defined in UPPS No. 04.01.02, Information Resources Identity and Access Management.
ACCESS PRIVILEGES TO STUDENT INFORMATION SYSTEMS
University employees who are granted any form of access privileges to the student information system are required to use discretion and must accept custodial responsibility in processing, approving, and reviewing any records accessed.
By accessing the student information system, department heads and employees accept the legal responsibilities outlined in UPPS No. 01.04.31, Access to Student Records Pursuant to the Family Educational Rights and Privacy Act of 1974 and UPPS No. 04.01.07, Appropriate Use of Information Resources.
The university typically only authorizes employees with access privileges to the student information system. Any such access privileges must be associated with a named individual. The university will grant access privileges commensurate with the responsibilities of the individual’s position.
The university will revoke access privileges for employees who terminate their employment with the university, employees who have changed positions or job duties, as well as employees who have not accessed the student information system in a period of time specified below.
Faculty and staff users who do not login to the student information system account for a period of 366 consecutive days will have their access privileges revoked.
Student workers will have their access privileges revoked after 120 days of inactivity.
Guests will have their access privileges revoked after 30 days of inactivity.
Users will need to contact the Information Technology Assistance Center (ITAC) to request authorization to reinstate their access privileges.
The department head, or designee, must submit requests for access privileges.
The department head, or designee, is responsible for immediately notifying ITAC of all separating employees or employees transferring to another position by contacting itac@txstate.edu.
Failure to comply with this policy may result in administrative action, including revocation of student information system access privileges, as well as disciplinary action.
PROCEDURE TO GRANT OR REVOKE ACCESS
- Access privileges to the student information system may be granted, modified, or revoked by accessing the SIS/Banner Security Access request form.
REVIEWERS OF THIS UPPS
Reviewers of this UPPS include the following:
Position Date University Registrar May 1 E3Y Associate Vice President for Enrollment Management May 1 E3Y
CERTIFICATION STATEMENT
This UPPS has been approved by the following individuals in their official capacities and represents Texas State policy and procedure from the date of this document until superseded.
University Registrar; senior reviewer of this UPPS
Associate Vice President for Enrollment Management
Vice President for TXST Global
President