|
|
Definitions
Access is the ability of a User or Computer Application to read, write, modify, delete or communicate information or otherwise make use of Confidential or Sensitive Information.
An Access Coordinator is an individual within a department who is responsible for defining departmental access profiles and notifying the Data Manager who takes care of access and authentication data bases and files when personnel changes necessitate access changes.
An Affiliate is anyone who has been extended privileges and rights at Tufts.
An Application is an automated system used by offices or departments for processing Confidential and/or Sensitive Information for University business.
A Centrally Managed Computer System is a Computer System which is operated and managed centrally by University Information Technology (UIT) division.
A Computer Application is an automated system or process that performs a definable function.
A Computer System is one or more computers, associated peripherals and software which operate together to perform a definable University function.
Confidential Information shall include health, financial, personnel and student information that is exempt from disclosure under provisions of any state or federal law. Confidential Information shall also include health, financial, student and any other proprietary information that is exempt from disclosure as a consequence of published University policy.
A Data Manager is a manager and any members of his/her staff who have been given operational level responsibility for the capture, maintenance and dissemination of specific data by the appropriate Data Steward. Moreover, if any Tufts University employee chooses to maintain a data base containing individually identifiable Confidential or Sensitive information in the course of performing professional responsibilities, (s)he will be the Data Manager for that data base and must comply with all applicable policies and rules.
The Data Network is Tufts' portion of the Internet which includes network equipment such as routers, switches, hubs, wireless access points, network services including but not limited to DNS, DHCP and NTP servers and all copper and fiber optic wiring.
A Data Steward is an executive officer of Tufts University having policy-level responsibility for managing a segment of the University's Information resources.
A Departmental Computer System is any Computer System which operates independently of UIT and which processes or contains Confidential and/or Sensitive Information.
An Electronic Identifier (ID) is a unique identification assigned to each user of a Computer System. The Electronic Identifier is used to gain access to the Computer System and provide accountability for all actions taken by the user.
An Individual is a person to whom is attributable individually identifiable personal information.
The Information Security Officer is the person who has overall operational institutional responsibility for computer information and resource security.
An Information Technology Resource is any information, including but not limited to information stored in electronic format, and/or the tools used to access and make use of that information (including but not limited to computer programs and applications, databases, computer systems and networks).
A Network is a series of points, including computers and other devices, interconnected by communication paths. Networks include interconnections with other networks and sub-networks and may carry voice, data or other types of signals.
A Network Manager is a manager and any members of his/her staff who have been given responsibility for the operation and maintenance of a Network that is required for the performance of some identifiable business function or that supports the transmission of Confidential or Sensitive data.
A Non-University Computer is a computer which is not managed or owned by Tufts but which operates within the university network. Examples include student computers and computers which are owned and operated by business partners.
Removable Media are data storage media including but not limited to magnetic tape, floppy disks, zip disks, removable disk storage and CD-ROMs that can be removed from a Computer System and easily carried from place to place.
A Security Breach is a type of activity which includes, but is not limited to, an unwanted disruption or denial of service, the unauthorized use of a system for the processing or storage of data, and changes to hardware, firmware or software which are made without appropriate approvals.
Sensitive Information is information maintained by the university which requires special precautions to ensure its accuracy and integrity. It is information that requires a high level of assurance of accuracy and completeness (e.g., a GPA).
A System Manager is a manager and any members of his/her staff who have been given responsibility for the operation and maintenance of a Computer System.
Tufts University, as an organization, is a guardian of data rights, a caretaker of individually identifiable information and owner of the medium of storage.
A User or Authorized User is a person who has been authorized to gain access to the Tufts network, computer systems and computer information.
The Voice Network consists of those network components such as T1 cards and fiber optic interfaces located within each campus' PBX (including but not limited to terminal devices such as phones, facsimile machines and alarm systems) and vendor-supplied components such as T1 lines and copper trunks. These components permit the delivery of voice network services in the form of telephony between Tufts locations and the outside world. Additionally, the voice network consists of measured business service, ISDN services and other private lines which bypass the PBX to provide connectivity to locations with special applications that cannot be serviced from the PBX.
