Public Access to University Information
- General Counsel
- Chief Data Practices Compliance Officer
- Laurie Beyer-Kropuenske
Individuals requesting public information will be provided access to all public information in accordance with Minnesota's Public Records Law, the Minnesota Government Data Practices Act (MGDPA), Chapter 13 of the Minnesota Statutes. The MGDPA applies to all government data that is "collected, created, received, disseminated or maintained by the University, regardless of physical form, storage media or conditions of use." This includes all University work-related information produced or held on University-owned devices or on employee owned devices such as tablets or smartphones. Unless directed to another specific unit in the Procedure for Requesting Information from the University of Minnesota, data requests must be submitted through the University’s online portal.
The Director of Data Access and Privacy (DAP) is the Responsible Authority and Data Practices Compliance Official under the MGDPA and is responsible for managing and fulfilling requests for information in accordance with the MGDPA. Whenever possible, the University will direct requesters to existing sources of public information.
Units that receive requests from either the public or subjects of data must send those requests to the DAP Office for review and response. In order to comply with the University’s legal responsibilities, members of the University community, upon request, must promptly provide data to the responsible authority and the DAP Office.
Individuals who are the subjects of data collected or maintained about them by the University have the right to:
- know what data is kept and how it is classified;
- notification when private or confidential data is collected from them;
- challenge the accuracy or completeness of data about them; and
- have private data secured.
Reason for Policy
The University adheres to the provisions of state and federal privacy and records laws, including the Minnesota Government Data Practices Act. In so doing, the University:
- Increases the value of University information resources through widespread and appropriate use.
- Prevents the inappropriate and unauthorized disclosure of information and thereby avoids adverse legal consequences.
Providing efficient and effective access allows the University to minimize expenses related to record keeping and document production and maximize the resources devoted to the primary mission of the University.
|Primary Contact/Responsible Authority||Laurie Beyer-Kropuenskeemail@example.com|
|Access to Public Data||Data Access and Privacyfirstname.lastname@example.org|
|Questions From Mediaemail@example.com|
- The ability to view information, and, when applicable, update or download it. Access is provided to individuals and groups of individuals based on state and federal law and University policy. Access to private or confidential data, and access which permits data updates or downloads requires specific permissions related to job responsibilities.
- Information collected, stored, transferred or reported for any purpose, whether stored electronically or in paper files.
- Data Custodian
- Representatives of the University who are assigned responsibility to serve as a steward of University data in a particular area. They are responsible for developing procedures for creating, maintaining, and using University data, based on University policy and applicable state and federal laws.
- Data Owner
- Individuals, who in the course of carrying out the University's official business, serve as stewards of data in alignment with their function at the institution. This role is responsible for the accuracy of institutional data that they manage.
- Family Educational Rights & Privacy Act
- Federal law (P.L. 93-568, 2) as amended in 1974 (with updates). Specifies rights and responsibilities of students and colleges regarding access to student data.
- Information/Data Classifications
- A determination that establishes the breadth of access to information See Appendix: Examples of Public, Private and Confidential Information.
- Minnesota Government Data Practices Act (MGDPA)
- Legislation governing access to information that is created, received, and maintained by the Minnesota government entities.
- Public Data
- All government data collected, created, received, maintained or disseminated by the University that is not classified as private, nonpublic or confidential by Minnesota Statute, temporary classification or federal law. For examples of public and private data, see appendix to this policy.
- University Information
- Information collected, manipulated, stored, reported or presented in any format, on any medium, by any unit of the University.
- General Counsel
- Provide legal advice to University staff and decision makers to ensure compliance with state and federal law, including the proper classification of University Data.
- Data Access and Privacy Office
- DAP director serves as the responsible authority and data practices compliance official under the MGDPA
- Fulfills requests for public information that cannot be met through existing reports and other materials.
- Assists General Counsel in advising University staff and other decision-makers regarding access to University information.
- Maintains Appendix: Examples of Public, Private and Confidential Information, specifically, the section on what U information is classified as Public or Not Public.
- University community member
- Promptly provide records that are responsive to a data request when requested by a member of the DAP Office.
- Board of Regents Policy: Student Education Records
- Administrative Policy:Acceptable Use of Information Technology Resources
- Administrative Policy: Managing University Records and Information
- Administrative Policy: Reporting and Notifying Individuals of Information Security Breaches
- Administrative Policy: Information Security
- University of Minnesota Duluth - Appropriate Use of Information Technology
- Office of the Registrar Policies on Access to Student Records
- Enterprise Access Requests
- Minnesota Government Data Practices Act - MS. 13.01 et. seq.
- Family Educational Rights and Privacy Act - US Statute
- Computer Fraud and Abuse Act, 1986
- Electronic Communications and Privacy Act
- October 2020 - Comprehensive Review, Minor Revision. 1. Specifies what are acceptable forms of ID to confirm identify. 2. Updates the public and private information list. 3. Makes consistent some labels throughout the documents.
- April 2014 - Comprehensive Review, Minor Revision. 1. A new procedure covered the rights of subjects of government data was added. 2. The reason for policy was clarified and the process for making data requests was enhanced. 3. Outdated definitions were removed.
- January 1999