Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Version History

« Previous Version 3 Next »

 General Information

1.1 Purpose and Scope

The purpose of these guidelines is to ensure database integrity and provide easy, professional and cost-effective communications for Bethel University.

Some of the primary goals for creating these guidelines are to:

  • Document a single institutional data entry standard that facilitates searches and provides accurate and consistent reports.
  • Avoid creation of duplicate records for any single entity.
  • Provide complete and accurate name/address information that meets Postal Services’ recommended mailing address procedures.
  • Maintain the highest quality of Bethel University data.

These guidelines establish measures for the protection, access, and use of data in Banner, Bethel University’s administrative software.  All references to information systems or electronic data refer to the Banner product and the databases that store information entered through and retrieved by these systems. This document also defines the responsibilities of those that access the data. Offices may have individual guidelines that supplement, but do not contradict, this statement.

Banner is a collection of forms with imbedded instructions used to enter, modify, delete, and query data. Banner simply provides the forms and programs necessary to manipulate data. The data itself is stored in tables residing in an Oracle database. It is a relational database, meaning that tables are linked together by means of some internal identification number and, therefore, data redundancy is limited. For example, one table might have a student’s ID number and the course numbers in which he/she is enrolled. A separate table has the course numbers and the course descriptions. The course numbers would link the two tables together providing a course description for the courses in which a student is enrolled. There are over 3,800 tables in the Banner system.

Banner is modular, meaning that there are modules for different functional areas. There is a Financial Aid module, a Finance module, a Human Resources module, an Alumni/Development/Advancement module and a Student module.  There also is a General Person module that ties all of the other modules together by tracking common information such as a person’s ID number, name, address, email, gender, and date of birth.  The General Person module is shared by all Banner users.

This manual prescribes guidelines for creating and maintaining General Person information in the Oracle database using Banner. This manual is constructed to ensure that General Person information is maintained as accurately and completely as is possible, and that no duplications of data occur within the database.  Individual offices are responsible for specific training within their respective modules, in cooperation with ITS.  


1.2 Administrative Responsibility

All levels of management shall ensure that, for their areas of accountability, each information system user knows his/her responsibilities. Each system user shall read and understand this manual before accessing the system.

Electronic data is owned by Bethel and is a vital University asset. All institutional data, whether maintained in the central database or copied into other data systems including microcomputers, remains the property of Bethel University. Individual offices, departments, programs, or schools may have responsibilities for portions of data, but the institution is the owner of the data.  Access to data is not approved for use outside an individual's official University responsibility.  Electronic institutional data shall be used only for the legitimate business of Bethel University as required in the performance of job functions.  See the Bethel University Responsible User of Information Technology Resources Policy.

As a general principle of access, Bethel University data (regardless of who collects or maintains it) shall be shared among those employees who need such information to do their work effectively.  Although Bethel must protect the security and confidentiality of data, the procedures to allow access to data must not unduly interfere with the business processes.

Supervising administrators shall ensure a secure office environment with regard to all institutional information systems. Administrators need to carefully analyze Banner requirements of their staff according to job functions before submitting requests for the access.

Data should never be left on any system to which access is not controlled. All Banner users must lock their workstation whenever they leave their workstation unattended and log out at the end of the day.  Sensitive data should never be included in an email or stored on publicly accessible Bethel drives.

1.3 General Person Data

Access to general person data is awarded only after appropriate training is received.  Because Banner is a shared database, entry of general person data affects all modules and Banner users.  Therefore efforts to maintain the integrity and quality of the data in the database must be a priority for all Banner users.  Failure to abide by the guidelines outlined in this manual for creating and maintaining general person records may result in removal of access.

General person data may be entered on a variety of forms, but primarily will be maintained via the APAIDEN form.  ‘Maintenance’ access provides update capabilities, with update capability usually limited to users directly responsible for the collection and maintenance of data.  Individuals with only query access will use the similar SPAIDEN form to view, analyze, but not change, university information.

It is critical that the creation of new records does not result in multiple id records in the system.  The term multiple id records or “multiple id’s” means that one single entity (whether an individual or organization) has more than one basic Banner name record.  The existence of multiple id records for one entity defeats the whole purpose of a relational database and raises questions as to the integrity of the data stored in Banner.  Some results of multiple id records are 1) invalid reports, 2) inaccurate information, or 3) a perception of confusion or indifference at Bethel because of the inaccuracies.

 

1.4 Security Access to Official University Records

The following outlines the requirements and limitations for all Bethel University departments/divisions to follow in obtaining permission for inquiry and update access to Banner data. Data security is everyone's responsibility and must be impressed upon all employees by appropriate training.

Requests for Information Access

All requests for information access will be coordinated through department supervisors. Requests for new access should be submitted using the web form available under BLINK/Technology tab/Banner Resources/Account Request. 

Requests may include: 1) requests for access to Banner forms, reports and processes and/or 2) requests for Argos (reporting tool access).  Account and password information will be transmitted by ITS either directly to the user or to his/her supervisor.

Department supervisors must ensure that requests for new accounts are accompanied by any required general system training as well as departmental specific training. Departments should take steps to ensure that they have an alternate person assigned as backup for each office function, and that this individual has the appropriate Banner access required to perform these back up functions.

Permissions to update data are generally limited to the offices directly responsible for the collection and management of that data. Update access is available only to those individuals within that office who have an authorized need to change institutional data as part of their job responsibilities.  Each user will be assigned appropriate combinations of inquiry-only and update access to specific data according to job responsibilities need to know, and need to act basis.

Username Structure

Banner account names are the same as Bethel Community Account (BCA) names. 

Passwords

Passwords help protect the security of Bethel’s data and user computer files.

  • Avoid using ANY dictionary word, proper name, or computer account name even if there are numbers before or after. These are easily cracked.
  • The very best passwords are not words at all, but initials representing a phrase. They are easy to remember but look like nonsense.
    • Wdgwab!  “We do good work at Bethel”.
    • 4Gsltw       “For God so loved the world.”
  • Mi$$pelled or $krambled words are good passwords. For example:
    • HoT&CoLd
    • To0sday
  • Nonsense syllables are also very good passwords, such as:
    • syl2ren
  • DO NOT USE words with numbers, as in Bible verse references like John316. Avoid any name preceded or followed by numbers like Diane1 or 123Dan. 
  • Do not use any of the passwords you see here. Being printed as suggestions already compromises them.

 

Forgotten Passwords

Call the ITS Help Desk (6500) for INB passwords.  Bethel Community account passwords may be managed using the ‘My Account’ website at https://iam.bethel.edu.


Breached Passwords

If you think another person has knowledge of your username or password or another user’s username and password, contact the ITS help desk immediately.  They will assist with assigning a new password.


Sharing Usernames and Passwords

All employees who require access to Banner must use the username and password assigned to them resulting from a fulfilled request.  This will allow updates to be tracked to a specific username and therefore a specific person. Users should never disclose their username or password to anyone else.

Users are strongly discouraged from storing their passwords anywhere except in memory or a locked location. No one at Bethel (especially in ITS) will ever ask them to supply their password.

 

Termination of Employment

It is the responsibility of the department supervisor to ensure that system access is canceled for employees and students who no longer work in his/her area.  See Bethel University Termination Policy and Procedures.

Human Resources will notify ITS of all terminations so that removal of access by any username associated with an employee can be accomplished. This does not eliminate the department supervisor’s responsibility to communicate terminations in a timely manner, but provides a back-up system to ensure that this closure occurs.

1.5 Disclosure of Data

By law, certain electronic institutional data is confidential and may not be released without proper authorization. Each employee is responsible to adhere to all applicable federal and state laws and University policies concerning storage, retention, use, release, and destruction of data including the following:

  • Users must be aware of federal regulations (FERPA, etc.) and University policies applicable to data under the jurisdiction of their offices.
  • Disclosure of information is restricted to department managers, data managers, or their designees within the department responsible for that data. (For example, the Registrar or a representative of the Registrar must be contacted regarding disclosure of any student information.) 
  • All data associated with individuals (students, employees, alumni, etc.) is private and shall be used only for the legitimate business of Bethel University.
  • Under no circumstances shall anyone use institutional electronic data (in detail or summary) in any publication, seminar, or professional presentation, or otherwise release data, in any form, outside of Bethel without prior written approval from the appropriate department manager, data manager, or appropriate executive officer.

If data is downloaded to a personal computer or other device, that data must not be altered. Downloaded data must be used and represented responsibly and accurately and should be permanently deleted from the device when no longer needed. 


1.6 Responsibilities

Department Supervisors or Managers


A department supervisor or manager, usually an administrator of a University office or department, is responsible for making data available to others within his or her purview for use and support of the department's functions.

The department manager shall be satisfied that a secure office environment is in place and that a "need to know" is clearly demonstrated before approving access to data. By approving end-user access to institutional data, the supervisor consents to the use of this data within the normal business functions of that administrative office. The supervisor should also ensure that usernames and passwords are not shared among staff.


Data Managers

Data Managers are those employees responsible for working collaboratively with other members of the Bethel Banner community to maintain Banner’s shared data tables.

Data managers are responsible for:

  • Maintaining institutional data within their area of responsibility in accordance with university policies and procedures as well as federal and state laws and regulations (examples: FERPA and HIPPA.)
  • Maintaining the accuracy, timeliness and completeness of data;
  • Helping to evaluate data permission requests on a 'need to know' basis;
  • Ensuring appropriate training in accessing, using and interpreting information;
  • Initiating the process for staff access data requests when all requirements are complete;
  • Helping to maintain Banner validation and rules tables;


Information Users

Query or view access is more broadly available across the university.  Employees using information are responsible for understanding all data elements that are used, consulting the appropriate department supervisor or data manager when there are questions.  Each person is responsible for the security, privacy, and control of his/her own data especially to protect data files from unauthorized disclosure, alteration, or destruction. Each user is responsible for all transactions using his/her username and password.

  • No labels