Data Access & Security Policy

ColorBand2000-v1

For a complete description of the SKC Data Access and Security Policy please review section 241.00 of the SKC Policy Manual
Access to institutional data by faculty, staff, and other employees is essential to support college functions. In turn, faculty, staff, and others with access are obliged to appropriately use and effectively protect college data, including digital and paper records.

All individuals who require access to student data - other than public data as defined below – will complete training in data security and protection of confidential data.

Data is classified according to the following categories:
  • Public Data: Data which are of interest to the general public and for which there is no business need or legal reason to limit access.
  • Non-Public Data: All data held by the college for operational, educational, and/or other purposes which are not appropriate or available for general public use. Non-public data shall be made available to authorized college employees for inquiry/download only in support of the performance of their assigned roles/duties. Non-public data may be released to individuals or groups outside of the College community only with approval as required by law, approval through the Salish Kootenai College Institutional Review Board, or approval by the appropriate data steward(s).
  • Confidential Data: Data to which access is restricted for legal or other college business reasons including personal information. All confidential data connected with an individual's name shall be stored securely on physically secured storage devices or media and displayed in an encrypted or otherwise obscured manner.
DATA USAGE

Non-public and confidential college data shall be used only in the performance of assigned roles/duties within the college.

Willful misuse of college data or other breaches of the Data Access and Security Policy can result in termination of access privileges, disciplinary action which may include termination of employment, and/or civil and criminal penalties.

ACCOUNT AND PASSWORD RESPONSIBILITIES

Every individual at SKC has several accounts allowing access to various systems at SKC, many that allow access to private and confidential data. It is the individual’s responsibility to keep the user IDs and passwords of these accounts private and treat the information as confidential data.

Systems and accounts that are found to be in violation of this policy may be removed from the SKC network, disabled, etc. as appropriate until the systems or accounts can comply with this policy.