User Access Agreement Template

Notification to users of MSSEI security requirements for individual devices: identification of data sensitivity. The data [record name] in [system name] is classified as UC P1-P4 (ex-UCB PL0-PL3) and data protection has been defined accordingly. I agree to preserve the quality and integrity of the information I access and to protect the privacy of the personal data of any person I access. (example of a P2/P3 CPU system (ex-UCB PL1) in which users enter/edit records:) I recognize that UC Berkeley must have strict control over access to personal information containing an individual`s name or initials, combined: resource holders must enter into data access agreements that define appropriate use and access to the data covered; as well as the procedures for obtaining authorisation for derogations from restrictions. When my employment at the university ends or my professional responsibilities no longer require access to the data or the extent of the necessary access changes, I have a common responsibility with the data holder to ensure that my access to the system is revoked or modified appropriately. If my access is not changed in time, I will notify the licensee. Clearly identify the data holder (by name and/or role) and identify the data you want to access. Collect or indicate the user`s name and location and responsibility (based on login) that requires access to the record. Below is a template for a standalone access agreement. The presentation and sample text are provided as a guide and should be tailored to the specifics of each system/dataset. The purpose of the data access agreement is to define the conditions of access by users to the specified data and to obtain the explicit consent of a user to these conditions before giving him access to the data. Incomplete and inconsistent formal agreements on the general terms and conditions of sale may result in negligence on the part of staff and contractors in the processing and dissemination of sensitive data.

and does not enter such or other Level 2 data into the system [system name]. Secondary memories/systems may not be created from the [system name] data without the prior authorisation of the data holder and the recording and authorisation of the secondary memory/system with the IOC office. I agree with the terms of this data access agreement. Links to other relevant documents, for example.B. Minimum Security Standard for Electronic Information (MSSEI) Minimum Security Standard for Connected Devices (MSSND) Berkeley Data Classification Standard Protection Profiles Intended and Authorized Data Protection Profiles. I agree that [system name] should only be used for legitimate business purposes and that my use should be limited to my defined professional responsibilities. . . .

This entry was posted in Uncategorized. Bookmark the permalink.