Card Access Security System Records Policy

Approved by the President
September 13, 2011
Revised
March 2019

Policy Contact
Facilities Planning Office
Extension 3224

Rationale:

The Card Access Security System is designed to provide greater safety, security, and convenience for all students, faculty and staff in order to protect access and sensitive institutional data. It is critical to govern access to the detailed records generated by the system to protect individual privacy.

Policy Statement:

The Card Access Security System provides access to building entrances and certain interior rooms as determined by Building Coordinators and facility managers. The records generated by the Card Access Security System (including which card was used at which door at what time) are considered sensitive information, and controls must in be in place to protect records’ confidentiality, integrity, and availability.

Policy Elaboration:

Records can be retrieved for purposes of general system maintenance, life-safety emergencies, investigations into criminal and student code-of-conduct violations, monitoring access to areas designated as data centers, investigations into violations of this policy or unauthorized access of the records, or other emergencies as defined by SUNY Oneonta policy. Retention of records is limited in duration as described in Procedures. Violators of the Card Access Security System Policy will be subject to disciplinary action.

The Card Access Security System is not a time-and-attendance system and will not be used to enforce time and attendance for employees or students.
Card access data may be released for the purposes of statistical analysis about the use of specific venues provided data are anonymized to protect the identities of individual card holders.

Records generated by the system are subject to all applicable Federal and State statutes and other SUNY Oneonta privacy policies and procedures. Access to these confidential records by outside entities will be denied unless subpoenaed or required for court proceedings. Any authorized information obtained may only be used for the purpose for which it was authorized.

Applicability of the Policy:

This policy applies to all SUNY Oneonta staff authorized to access the Card Access Security System.

Definitions:

Data Center – locations that store sensitive data and require monitoring of physical access to comply with standards or other regulatory requirements.

Anonymized Data – data which has had personally-identifiable information (Name, A-number, Encoded Card Numbers etc.) either removed or algorithmically altered to protect the card holders’ privacy.

Procedures:

Permission to retrieve records for the purpose of investigations into criminal and student code of conduct violations or investigations into violations of this policy or unauthorized access of the records must be granted by the SUNY Oneonta president or his/her designee.
Permission to retrieve records for the purpose of analysis of anonymized usage patterns must be granted by the requesting office’s divisional cabinet representative, or his/her designee.

Records of access to Data Centers will be regularly reviewed by center managers for unexpected activity. Exceptions to expected activity will be logged and reported to the IT Security Administrator. Logs may be audited at any time by the IT Security Administrator. The exported records and logs of Data Center access will be maintained for 1 year, at which time they will be deleted. Card access permission lists for Data Centers will be reviewed by area managers quarterly.

All other records will be maintained, stored and deleted by the Card Access Administrator. Records will be retained for no more than sixty days; the system is configured to daily delete records sixty-one days old.

The Card Access System Administrator will also maintain a log of requests for access to data and whether that access was granted. A copy of any data released as part of this process will be held for one year and the log will be made available to the President or his/her designee upon request.

Any proposed alterations of the above characteristics and conditions must involve prior consultation with appropriate administrative and governance groups.

Forms:

N/A