Request Access to Former Employee Data
Access to User Data Procedures
In accordance with the Information Security and Acceptable Use Policy, server and application administrators may be called upon to provide information to support authorized investigations. This procedure document outlines the types of investigations and the appropriate authority to sign off on each.
Procedure
- Navigate to the Continuity of Business service.
- Select Submit New Continuity of Business Request.
- The requester should be an Authorized Requestor, as seen in the table below, requiring access.
- The acct/department should be the department the user was a part of.
- Note the user you are requesting data from.
- Note what data you need from the user.
- Provide a justification for access to this data.
- Provide a date by which the data needs to be provided.
- Press Request.
The Information Security Office will evaluate the request and facilitate providing data to the department in question.
Note: COB requests for both staff and faculty should be initiated by a department in a timely matter, staff information will be deprovisioned within 30 days of termination of employment, faculty information will be deprovisioned within 90 days of termination of employment per OIT processes.
Responsibilities
If you need to submit a request, click here. Note that you must be the "Authorized Requestor" as is indicated in the table below.
Note: University Attorney should be consulted in cases that are unusual or not objectively reasonable.
|
Purpose
|
User(s) involved
|
Authorized requestor
|
Authorized approver
|
Additional requirements
|
|
Legal issues (Litigation hold, etc.)
|
Any
|
UTD Attorney or UT System OGC
|
None needed
|
Document chain of custody
|
|
Criminal investigation
|
Any
|
UTD Police
|
UTD Attorney
|
Document chain
of custody
|
|
HR investigation
|
Current or former faculty, staff, or student workers
|
HR
|
Associate VP, HR
|
None needed
|
|
Compliance investigation
|
Current or former faculty, staff, or student workers
|
Office of Institutional Compliance
|
Assistant VP, Office of Institutional Equity and
Compliance
|
None needed
|
|
Internal Audit
|
Any
|
Internal Audit
|
Executive Director, IA
|
None needed
|
|
Academic investigation
|
Current or former student
|
Office of Community Standards and Conduct
|
Dean of Students
|
None needed
|
|
Continuity of business
|
Former faculty or
staff
|
User's Dept.
Head
|
None / University
Attorney1
|
None needed
|
|
Continuity of business
|
Current faculty or staff
|
User's Dept. Head
|
Associate VP, HR
|
If account is active, user must be unavailable.
|
|
Open Records Request
|
Any
|
Office of
Administration
|
None needed
|
None needed
|
Exemptions
In the event that compliance with this procedure cannot be met, please contact infosecurity@utdallas.edu to submit an exemption request which will be approved or denied by the CISO. Denied exemption requests may be appealed to the UTD President for final decision.