System Access Agreement Template

Designation of data sensitivity. The data [registration name] in [system name] is classified as UC P1-P4 (formerly UCB PL0-PL3) and data protection is established accordingly. I agree to preserve the quality and integrity of the information I access and to protect the privacy of the personal data of someone I access. (Example of a UC P2/P3 (formerly UCB PL1) System in which the user enters and edits records:)I recognize that UC Berkeley must have strict control over access to personal data that associates a person`s name or initials with: I will obtain permission from the holder before obtaining data from [the system name] to a person who has not accepted the terms of this agreement. Directive and regulations: — resource owners must put in place data access agreements that define the appropriate use and access to the data covered, as well as procedures for granting authorisation for exemptions to restrictions. Identify the data owner (by name and/or roll) and identify the data to be accessed. Capture or provide (depending on the connection) the user`s name and location and the responsibility that requires access to the registration. Incomplete and inconsistent formal agreements on terms and conditions can lead to the negligence of staff and contractors in the processing and dissemination of sensitive data. Planned and authorized use of data. I agree to use [system name] only for legitimate business purposes, which limits my use to my pre-professional duties. When my employment ends at university or my professional responsibility no longer requires access to the data or the extent of the required access changes, I have a shared responsibility with the Data Proprietor to ensure that my access to the system is properly revoked or changed. If my access is not changed in time, they will notify the data owner. A model of the data access agreement is provided below.

The presentation and text example are provided as a guide and must be adapted to the specifics of each set of systems/data. and will not enter this data or any other level of data protection 2 into the system [system name].