The purpose of the data access agreement is to establish the conditions under which users have access to the data provided and to obtain a user`s express consent to these conditions before granting them access to the data. Resource owners must establish data access agreements that define the appropriate use of and access to the data covered, as well as procedures for obtaining permission to deviate from restrictions. If my employment at the university ends or if my professional responsibilities no longer require access to the data or the scope of the required access changes, I have the joint responsibility with the data holder to ensure that my access to the system is revoked or modified appropriately. If my access is not changed in time, I will inform the data controller. Storage/secondary systems cannot be created from the [System Names] data without the prior permission of the data owner and the registration and approval of the secondary storage/system with the CIO office. Intended and Permitted Use of Data. I agree to use [SystemName] only for legitimate business purposes and to limit my use to my established business responsibilities. and does not enter such or other Level 2 data into the system [system name]. I will obtain the consent of the Data Controller before transferring data from [System Name] to a person who has not accepted the terms of this Data Access Agreement. Data protection in this system is subject to the following laws, directives and regulations:— Incomplete and inconsistent formal agreements on the Terms and Conditions may result in negligence on the part of employees and subcontractors in the processing and distribution of sensitive data. Designation of data sensitivity.
The data [record name] in [system name] is classified as UC P1-P4 (formerly UCB PL0-PL3) and data protection has been defined accordingly. I agree to maintain the quality and integrity of the information I access and to protect the confidentiality of the personal information of each person I access. (Example of a UC P2/P3 system (formerly UCB PL1) where users enter/edit records :)I recognize that UC Berkeley must have strict access control over personal information containing a person`s name or initials, combined with: Uniquely identify the owner of the data (by name and/or role) and identify the data, to access. Also capture or specify (depending on the connection) the user`s name and position and responsibility that require access to the recording. Here`s a template for a standalone data access agreement. The template and sample text are provided for illustrative purposes only and should be tailored to the specificities of each system/dataset. I agree to the terms of this Data Access Agreement. Notification to users of MSSEI security requirements for individual devices: Links to other relevant documents, e.B.
Minimum Electronic Information Security Standard (MSSEI)Minimum Security Standard for Networked Devices (MSSND)Berkeley Data Classification Standard Privacy Profiles. . . .