Home Information for U-M Faculty and Staff
Faculty and Staff
Sensitive data refers to data whose unauthorized disclosure may have serious adverse effect on the university's reputation, resources, services, or individuals. Faculty, staff, and U-M workforce members are responsible for protecting sensitive university data to which they have authorized access. As custodians of such data, they are also responsible to comply with all U-M information security and institutional data management policies and procedures as well as applicable laws, statutes, and regulations.
As a U-M faculty or staff member, you are responsible for protecting university data, and for knowing the appropriate places to store the data, how to securely dispose of the data, and how to report a breach or compromise of sensitive university data. The following Safe Computing sections address faculty and staff responsibilities related to the handling and storage of university data:
Faculty and staff who work with sensitive university data are required to follow unit-specific guidelines, which may or may not allow access to sensitive data from personally owned devices. For more information, see University Data and Personally Owned Devices.
ITS provides enterprise administrative and data systems that support U-M's core missions of teaching, research, clinical care, and administration. Before requesting access to systems that maintain sensitive institutional data, members of the university community are asked to complete an online course, Access and Compliance 101: Handling Sensitive Institutional Data at U-M (approximately 35 minutes) and then agree to and submit online the Institutional Data Access and Compliance Agreement. They can then request access. See How to Request Access.
Each school, college, institute, or central administrative unit has a designated Security Unit Liaison (SUL) who coordinates the unit's IT security activities and serves as a liaison with ITS Information and Infrastructure Assurance (IIA), the campus IT security office. The SUL, supported by additional members of the security community, is the initial point of contact for guidance on IT security-related issues, including questions about appropriately securing unit, research, and institutional information assets.
See IT Security Program (requires MToken for access) to learn more about IIA and the roles and responsibilities associated with managing and protecting the university's information resources. The IT Security Community has specific responsibility to help protect IT security information, including following the guidance for accessing and storing this kind of data provided in the Sensitive Data Guide.
The Faculty and Researcher Guide identifies Information and Technology Services' resources for general computing, teaching, and research.
Last modified: October 01 2014.