UNIVERSITY OF PITTSBURGH POLICY 10-02-07

CATEGORY:              SUPPORT SERVICES

SECTION:                  Computing, Information, and Data

SUBJECT:                 Downloading Data

EFFECTIVE DATE:   February 16, 1990

PAGE(S):                   2

I.    SCOPE

      This policy establishes the responsibilities of Data Users regarding the downloading of

      University Data from the Multiple Virtual Storage (MVS) or Virtual Memory System

      (VMS) University mainframe computer operating systems to department computers,

      electronically via the University network (PittNet) or physically to a DOS formatted

      diskette.

II.   POLICY

      University data and applications which are processed most appropriately on the

      University MVS and VMS mainframe computers will be processed there.  Downloading

      of University data will be done only if:

      -     It is the most cost effective method for providing information the Data User

      -     The confidentiality, integrity, and accuracy of the mainframe data and the

            downloaded data can be ensured

      -     Copies of the User Department's Data Security and Access Management

            policies are on file with the Data Administrator. (See Procedure 10-02-07,

            Downloading Data.)

      The MVS and VMS mainframe computer systems contain, control, and secure the

      primary data sources for the University.  The systems are on-line and are typically

      updated daily.  Therefore, each individual mainframe data set is the only true,

      authentic, and operational institutional data set. Information extracted from these data

      sets represents a snapshot of University data and may become outdated immediately

      upon downloading.

      Data Requester Responsibilities

      Mainframe system data will be downloaded electronically via PittNet using a mainframe

      security package which ensures that only approved users may access the data, or

      physically to diskettes in password protected formats supported by the University.  It

      is the responsibility of the Data Requester to restrict access to those users

      authorized by the Data Administrator. (See Policy 10-02-04, Data Administration.)

      University data may be released to non-University agencies only if authorized by the

      Data Administrator.

      Any individual employed by, or acting as an agent of the University is responsible for

      adhering to all provisions of University Policy 10-02-05 Computer Access and Use,

      and any special restrictions pertaining to a specific downloading request.

      It is the responsibility of the Data Requestor to manage all downloaded information in

      accordance with University Policy 10-02-06, Administrative University Data Security

      and Privacy.

III.  REFERENCES

      Procedure 10-02-07, Downloading Data

      Policy 10-02-04, Data Administration

      Policy 10-02-05 Computer Access and Use

      Policy 10-02-06, Administrative University Data Security and Privacy