X.07

iRIS System Access

 

Previous Page

Objective

This procedure describes how access to the iRIS system is assigned. 

 

Policy/Procedure

I.     The iRIS system is secured through the LDAP directory with individually assigned userids.

A.     All UT employees, faculty, and students have access to the iRIS system upon assignment of their UT-H userid.

 

II.     Users of UT information resources are required to understand and comply with all user responsibilities:

A.     As outlined in the Information Resources Security manual (http://is.hsc.uth.tmc.edu/css/risk/riskmanu.html, Roles and Responsibilities and Security Violations) and Section 17 of the Handbook of Operating Procedures (http://www.uth.tmc.edu/ut_general/admin_fin/planning/pub/hoop/17/17_01.html, Section F - Users.

B.     All UT employees, faculty and students are required to read and sign the Information Resources Security Acknowledgement Form (http://is.hsc.uth.tmc.edu/css/risk/riskackn01.doc) upon initial employment or entry into an educational program.  These forms are maintained by the Office of Records Management.

 

III.         Termination of an individuals’ relationship with the University also terminates their access to information resources including iRIS. 

 

IV.        Non-UT faculty, staff or students requesting access to iRIS need to obtain a UT guest account (https://apps.uth.tmc.edu/GuestAdmin/).

A.     Guests require sponsorship by a UT faculty or administrative and professional (A&P) employee of the UTHSC-H.  Sponsor responsibilities are outlined in the “Requesting Access For Guest(s) to UTHSC-H Information Resources” (http://www.uth.tmc.edu/netcenter/security/sponsor-respon.htm).

B.     Guests are required to comply with the rules and regulations set forth by the Office of Academic Technology and the Information Technology group that are outlined in the Information Resources Security Acknowledgment Form.

C.     All guests are required to read and complete the Information Resources Security Acknowledgement Form (http://is.hsc.uth.tmc.edu/css/risk/riskackn01.doc) and agree to its terms.  The form must be signed in the presence of a Local Registration Administrative Authority (LRAA) at one of the University’s Identity Verification Centers (http://www.uth.tmc.edu/netcenter/middleware/digital-id/id-centers.html).  If a candidate is not in the Houston area, he or she must appear before a notary public (http://www.uth.tmc.edu/netcenter/security/notary-process.htm)  and execute the approved procedures.

D.     Guest accounts are valid for up to a one year period. 

1.            Guest accounts can be renewed by the sponsor.

2.            Sponsors of “guests” are required to inform the UTHSC-H Help Desk when the guest no longer requires access to the information resources.

 

V.           All iRIS users by default have access to enter protocols and to assign themselves in a user role as one of the following: principal investigator, co-investigators, study coordinator, nurse, study contact or administrative assistant.

 

VI.              Application security is managed and assigned by the iRIS system administrators.

 

A.      iRIS system administrators have full access to system resources and data. 

B.     Access to other special functions is distributed via the iRIS system administrators.  Specific roles within iRIS as defined in the iRIS System Administration Manual include:

1.      Full system administrator  with ability to Grant Committee for the Protection of Human Subjects Administrative rights

2.      Full system administrator

3.      Site assistant department administrator

4.      IRB Chairperson or Vice-chairperson

5.      IRB member (with or without voting rites)

6.      IRB member with the ability to expedite protocols

7.      Consultant/Ad hoc reviewer

8.      IRB coordinator

9.      Ex-officio member of the IRB

10.  Administrative assistant

 

 

Applicable Regulations and Guidelines  Handbook of Operating Procedures, Section 17.01 – Information Technology, Responsibility for the Use of Information Resources -  http://www.uth.tmc.edu/ut_general/admin_fin/planning/pub/hoop/17/17_01.html, Section F - Users Information Resources Security manual - http://is.hsc.uth.tmc.edu/css/risk/riskmanu.html, Roles and Responsibilities and Security Violations Information Resources Security Acknowledgement Form -http://is.hsc.uth.tmc.edu/css/risk/riskackn01.doc Requesting Access For Guest(s) to UTHSC-H Information Resources -Responsibilities Assumed by Guest Sponsor - http://www.uth.tmc.edu/netcenter/security/sponsor-respon.htm Guest Administration - https://apps.uth.tmc.edu/GuestAdmin/ Information Resources Security Acknowledgement Form  -http://is.hsc.uth.tmc.edu/css/risk/riskackn01.doc Identity Verification:  Candidates for Guest Accounts Who are Unable to Appear at a UTHSC-H Identity Verification Center -  http://www.uth.tmc.edu/netcenter/security/notary-process.htm Texas Information Security Standards – Information Security - http://www.all.net/books/Texas/tac-201.13-b/part8.html Identity Verification Centers - http://www.uth.tmc.edu/netcenter/middleware/digital-id/id-centers.html iMedRIS System Administration Manual (See iRIS system administrators for documentation)

Return to Policies and Procedures Home Page

Updated 5/2007, Report broken links