4 Considerations When Managing User Access and Restrictions

You’ve spent some time creating and updating user accounts. And you’ve updated the administrative information about your faculty. Now it’s time to think about which access and restrictions to apply to ensure that the right faculty see the right information. Which records should faculty be able to edit? Which should faculty only be able to view? Have the peace of mind knowing that your faculty activity information is accessible yet secure. Here are four things to think about when determining access and restrictions.

Note that the location where this information lives will depend on the faculty activity reporting solution you are using at your university.

1. What Exactly Does “Access” and “Restrictions” Mean?

While the terminology may vary, every faculty activity reporting solution has tiers of data access and restrictions for faculty and administrators. Here is a general definition of what these tiers mean:

  • Access: Settings that apply at the screen, field or data level and determine whether all users, certain users or no users have access to edit records for the screen, data for the field or specific data elements. All units using a specific screen or field share these settings (“read only,” “hidden” or “locked”).
  • Restrictions: Settings that apply to a screen, field or report to determine which units have access to store or report data. These settings are useful for collecting and reporting college-specific data that users associated with other colleges do not need to provide. Examples include AACSB professional accreditation fields often restricted to colleges of business,, such fields for NCATE/CAEP restricted to colleges of education, or college-specific promotion and tenure fields.

2. Should Information Be “Read-Only”?

If you would prefer that faculty members be able to view and run reports on specific data, but not be able to modify it then “read-only” access makes sense. By marking data as “read-only” you are still allowing faculty to review screens with users’ teaching, research and service activities—but you are also ensuring data security by restricting the ability to edit this data. A good faculty activity reporting solution will note to your users which fields they do not have access to edit.

Types of data you may consider making read only include date of hire, date of tenure, scheduled teaching data and course evaluation data.

3. When Should I Hide Data?

For data that is sensitive or confidential, it may make sense for it to be set as “hidden.” Consider this on a case-by-case basis, of course, depending on your definitions. Take note that depending on your faculty activity reporting solution, users with certain role permissions may still be able to view, edit, and/or run reports that show hidden data.

Examples of data to hide may include narrative reviews of faculty by department heads or chairs and sources for imported data.

4. Why Would I Lock Down Specific Fields?

If you integrate your faculty activity reporting solution with another database on campus via web services, you may want to consider locking down these fields. While users will still be able to view this data and run reports on it, they will not be able to edit or delete it. This will help to ensure data security and integrity. By locking fields, you enforce the practice that faculty make any data updates to the original source of the data.

Examples of data to lock may be: data populated from another source (e.g. a human resources database).

Are you a client of Digital Measures? Find instructions on how to set up specific access and restrictions in the Resource Center from within Activity Insight.  Simply enter “Access and Restrictions” in the search box  for help center articles, videos and more.

Leave a Reply

Your email address will not be published. Required fields are marked *