Effective聽August 19th 2013
Security and Confidentiality
Q: What data elements are confidential?
All of a student鈥檚 record is confidential. This includes personal information such as name, student identification number, permanent code, address data, citizenship information, social insurance number, birth date, immigration information, as well as academic data such as degree obtained, course registration, grades, grade point average, etc. Documents that are stored in the imaging systems normally contain personal, hence confidential, information.
Q: Can I look up student data for a friend or if I鈥檓 curious about how a student is doing?
Student data are confidential and should only be accessed in support of legitimate business processes or with the explicit permission of the student. For example: you are not allowed to look up the advising transcript of a student in your class because you are curious to see how well she or he is doing in other classes.
Q: If I am taking a course, can I query or update my own record?
Users who may have administrative rights to student records should never use those rights to access their own records. Changing your own record is a clear offence.
Q: Can I post the grades for student?
Student data, including grades, marked examinations, etc. should never be posted or shared in any public forum (via the Web, on office doors, in classrooms, or otherwise).
Q: Can I include confidential information in an e-mail?
E-mail containing confidential data should be used only with the greatest care, as it can be easily misdirected or forwarded to unintended recipients. In general, e-mail that is sent between 不良研究所 users on the 不良研究所 Exchange server is secure as the e-mail never leaves the server. In general, e-mails sent to or from other mail servers are considered vulnerable.
Q: Can I store downloaded data locally on my hard drive, flash drive, CD, etc.?
Confidential data should never be stored on local hard drives of personal computers. This includes Minerva reports, ad-hoc requests, data from the Web query form, lists generated from the data warehouse, lists from Banner or Minerva forms, documents stored on the imaging system, etc. If it is necessary to store or download data, secure central servers (such as those housed at Network Communication Systems - NCS) should always be used. Only designated University offices are permitted to transmit student data to bodies or agencies outside of the University. For example: unless you are one of the authorized offices, you may not confirm that a student is registered at 不良研究所 without the student鈥檚 explicit permission. You may not provide any lists or reports containing any student data to outside agencies.
Q: Can I share my passwords or Username & Banner ID?
Users should never share their Username/Banner ID聽or passwords for any system (Banner, Minerva, data warehouse, etc.). If you no longer need access to certain student data, you should ask for the relevant permissions to be withdrawn. If you become aware of particular unsafe practices or system vulnerabilities, you should notify your department or faculty security delegate.
Access, Usernames and Passwords
Q: I need access to the Student Information system (Banner, Minerva, Imaging, etc.). Who do I contact
All requests must be signed off and approved by your Manager and Security Designate for your area. A list of Security Designates can be found at /es/sisforms/designates.聽 You will need to fill out the Web request form and indicate the appropriate Security Designate who will approve the access.
Q: Do I need a Banner聽ID for access?
Yes, if you are accessing functions on any of our central systems such as INB (Banner), Minerva, Imaging, etc
Q: How do I get a Banner ID?
You will need to take the GEN 300 Banner Intro Training course. After you have taken the course, a Banner ID will be created for you. Further information on Training is available at /inb/.
Q: What if I have not received my user I.D. and password?
Information on your user I.D. should have already been provided to you. If you have not received these instructions, you will need to call the at (514) 398-3398.
Q: I am asked to enter a new password when I first log into Banner. Is this normal?
Yes, your initial password expires the first time you log into Banner. You must enter a new password in order to use Banner.
Q: I need to access Banner and Minerva for the first time, does it matter which system I access first?
Yes. If you are a first-time user, you need to log into Banner with user I.D. and password structure that was provided to you. You will then need to renew your password. Only then can you access Minerva (with your new password).
Q: What do I do if I forget my Banner or Minerva password?
If you forget your password, you will need to have it reset by calling at (514) 398-3398.
Q: Do I need to enter anything in the 芦 Database 禄 field on the Banner login page?
While you could leave the database field empty, it is recommended to enter 鈥渂anner.mcgill.ca鈥 without the double quotes.
Q: Can I change my Banner password?
Yes. You can modify your password directly in Banner or Minerva under the personal menu.
Q: What is a security role?
A security role is a collection of predefined access rights grouped by a job role/theme under one security role
Q: Which security role聽should I select?
We have done our best to group/theme access. We have also described activities in each role that we believe should help you and your manager determine which security role is best fit for you (link to table)
Training and Requesting Access
Q: How do I request access to Minerva and/or Banner?
If you need access to Student Information System in Minerva and/or Banner, you must complete this online SIS Authorization form聽/es/sis-authorization-form. The SIS Authorization PDF form is no longer in circulation and will no longer be processed.
Q: What information do I need to know in order to fill in a Student Information System access request?
In order to successfully complete the online request form, you must have on hand
- Your 不良研究所 ID, and your 不良研究所 email address
- Your manager鈥檚 name and email address
- The type of access you need. For more details go to /es/sisforms/access-roles
Q: Will my existing access (prior to the change) be altered when requesting additional access?
No, your previous access will remain unchanged unless you had changed job/department.
Q: I am new聽in my department and the聽role I聽need is not listed, how do I make a request?
You will still have to complete the Online SIS Authorization form except, in this case you must select 鈥淥ther鈥 from 鈥淚 work in鈥 found in 2苍诲听page.
Q: What do I do if I need access to more than one role at faculty and department level?
In most cases, you would need access to a single role. However, there are occasions where one needs access to more than one security role. If this is the case, you must complete fill in the online form for each security role level.
Q: Which training must I take to be able to fulfill my Student Information System (SIS) related duties?
Student Information System training is designed provide you with what you need to know to be able to perform your duties. For a complete list of training required for your security role, go to /es/sisforms/access-roles
General Queries
Q: Who do I contact if I have聽questions regarding SIS Security?
If you have a general questions regarding access to Student Information System, you can contact us via this form /es/sis-security-general-questions. For other questions you may wish to consult with you SIS Security Designate /es/sisforms/designates.