Appendix A to the Administrative Data Access Policy: Definitions and Examples of Administrative Data Categories
[INTERIM CATEGORIZATION SUBJECT TO REVIEW DURING BANNER IMPLEMENTATION]
General Administrative Data
Legally Restricted Data
Limited-Access Data
General administrative data -- definitions and examples
General administrative data are all data that are not either legally restricted or judged by data stewards to be limited-access data. Any data that are published and broadly available are, of course, general administrative data. University policy holds that the volume of data classified as general administrative data should be as large as possible because widespread availability of such information will enable employees to make creative contributions in pursuit of the University's mission. Examples of digitally published data (a subset of general administrative data) include digital editions of such publications as the institution's Statistical Profile and the President's Annual Report of Gifts.
Legally restricted data -- definition and examples
Legally restricted data are those data that require restrictions on access under the law or that the University decides to restrict in accord with the provisions of the Virginia Freedom of Information Act or other applicable law. Public requests for legally restricted data are reviewed by legal counsel prior to responding. The University regards access to the following records and data as legally restricted (examples only -- not a complete list):
Personally identifiable education records of students
Directory Information on a student may be released, unless the student has chosen not to allow release of the information.
- Education records may be provided to the subject student, except the financial records of a parent or guardian, or records that are in the sole possession of the maker of the record and are not accessible to anyone except a substitute for the maker of the record.
- The Office of the Registrar should be contacted on requests for student education records.
Criminal investigation information and confidential reports provided to the University police department
- All requests should be directed to the office of the Chief of Police.
Personnel information on employees, including but not limited to social security number, benefits options, race, sex, age, leave time and evaluation information
- Personnel information is available to the subject of the information.
- Employee position, job classification, salary, rate of pay and allowances and reimbursement of expenses to employees are publicly available.
University Presidential Working Papers, including memoranda and correspondence held or requested by the University President
Confidential letters and statements of recommendation contained in admissions files employment application, and concerning the receipt of an honor or honorary recognition
- These materials are generally not available to the subject of the file.
Library circulation records of individual patrons
Tests used for purposes of evaluating students or employees, or to determine qualifications for a license or certificate issued by a public body
Proprietary data or records concerning research or study that have not been released publicly
Computer software developed by or for a state agency or institution of higher education
Appraisals and cost estimates of real property prior to the completion of a purchase, sale or lease
Internal audit reports and investigative records, and records of an investigation initiated through the state Employee Fraud, Waste and Abuse Hotline
Proprietary, business-related information on the University of Virginia Medical Center
Documents relating to gifts and bequests and fundraising activitiesPurchasing-related data
- Vendor-supplied proprietary information.
- Cost estimates relating to a proposed procurement transaction.
Legal advice and other attorney-client communications
Facilities Management documentation or other information which describes the design, function, operation or access control features of any security system, whether manual or automated, which is used to control access to or use of any automated data processing or telecommunications system
Specific questions about legally restricted data should be directed to the University's legal counsel
Limited-access data -- definition and examples
Some data that are not legally restricted may be designated by University data stewards as data to which access by University employees is limited. Although its release or disclosure may be authorized under law or required in response to a Freedom of Information Act request, these data are not routinely made available to broad audiences. To access these data, University employees must follow the procedures developed by the data steward responsible for the data. Criteria for assignment of data to this category are developed by the relevant data steward and reviewed annually.
Factors data stewards sometimes consider in deciding whether or not to limit viewing, copying and downloading of data (examples only):
- Is data administratively sensitive?
- Is data easily misinterpreted?
- Is this data for which the University is owner or steward?
- Does the data have implications for personal safety of employees?
Examples include:
Employee data - salaries paid
Facilities Management - engineering drawings of facilities
Review Frequency: Yearly by the Office of the
VP/CIO