Policy Library
  • Home
  • Information Access Control Policy

Information Access Control Policy

Policy
Purpose: 

To ensure the security and integrity of university data and information assets as well as safeguard the information of its constituents. All Kansas University technology resources will adhere to a uniform access control standard and framework.

Applies to: 

University employees (faculty, staff, and student employees), students, and other covered individuals (e.g., affiliates, vendors, independent contractors, etc.) in their access to University resources and software applications during the course of conducting University business (administrative, financial, teaching, research, or service).

Campus: 
Lawrence
Policy Statement: 

All devices and software applications that are connecting to the University network shall provide user authentication and access control via the approved Kansas University Access Control Procedures only. Validation of identity management protocols resides with the KU Information Technology Security Office.

Exclusions or Special Circumstances: 

Exceptions to this Policy and associated Procedures shall only be allowed if previously approved by the KU Information Technology Security Office and this approval is documented and verified by the Chief Information Officer.

Consequences: 

Faculty, staff, and student employees who violate this University policy may be subject to disciplinary action for misconduct and/or performance based on the administrative process appropriate to their employment.

Students who violate this University policy may be subject to proceedings for non-academic misconduct based on their student status.

Faculty, staff, student employees, and students may also be subject to the discontinuance of specified information technology services based on the policy violation.

Contact: 

Office of the Chief Information Officer
1001 Sunnyside Avenue 
Lawrence, KS 66045
785-864-4999
kucio@ku.edu

Approved by: 
Provost and Executive Vice Chancellor
Approved on: 
Tuesday, April 14, 2009
Effective on: 
Wednesday, July 1, 2009
Review Cycle: 
Annual (As Needed)
Related statutes, regulations, and/or policies: 

Access Control Procedures (currently in development)

Data Classification and Handling Procedures Guide

Student Records Policy

Information Technology Security Policy

E-Commerce Policy

Password Policy

Acceptable Use of Electronic Information Resources

Procedures for Investigative Contact by Law Enforcement

Electronic Mail (Email) Policy

Gramm-Leach-Bliley Student Financial Information Security Program

Related Other: 

Laws:

Family Educational Rights and Privacy Act (FERPA), 20 USC §1232g (1974)

Health Insurance Portability and Accountability Act (HIPAA), P.L. 104-191(1996)

Gramm-Leach-Bliley Financial Services Modernization Act (GLB) P.L. 106-102, 113 Stat. 1338 (1999)

Kansas Open Records Act, K.S.A. §45-215 et. seq.

Keywords: 
access control, user authentication
Change History: 

10/11/2024: Updated broken links.
01/26/2022: Updated contact section.

Information Access & Technology Categories: 
Information Access
Privacy & Security

Can't Find What You're Looking For?

Let Us Help »

Policy Library Search
New Policies in the last 30 days
Policies Revised in the last 30 days
more revised policies
KU Today
Why KU
Apply »
One of 34 U.S. public institutions in the prestigious Association of American Universities
Nearly $290 million in financial aid annually
44 nationally ranked graduate programs.
—U.S. News & World Report
Top 50 nationwide for size of library collection.
—ALA
23rd nationwide for service to veterans —"Best for Vets," Military Times
Far Above

Give to KU »