This document describes support of affiliation groups in the UW Groups service, including naming, data integration, data quality, life cycle, and access control. Affiliation groups are intended to support effective and efficient day-to-day operations of current UW programs by providing timely, accurate groups representing various affiliations which individuals have with the UW. Affiliation groups are based on data integration between the UW Identity Registry and the groups service. Many groups are updated near-real time and some are updated nightly.
The following table illustrates several affiliation groups:
Group ID | Display Name | Effective Membership |
|---|---|---|
uw_affiliation_undergraduate | UW Undergraduate Students | UW students who are identified as undergraduates. |
uw_affiliation_graduate | UW Graduate Students | UW students who are identified as graduate or professional students. |
uw_affiliation_uw-medicine-workforce | UW Medicine Workforce Members | Members of the UW Medicine Workforce that use clinical applications as identified by UW Medicine IT Services User Access Administration(uaa@u.washington.edu). |
uw_affiliation_affiliate-employee | UW Affiliate Employees | Contingent Workers with an active position in Workday. |
Affiliation groups are identified by UW Group IDs that conform to the UW Group Naming Plan. The following affiliation/organization stem is reserved for them:
The UW Person Registry is the source for the affiliations represented by the affiliation groups. In turn, the Person Registry relies on several data sources, including the student database (SDB), the UW HR system, the Washington State DOH health practitioner database, etc. As the data from the various sources are processed and reconciled, affiliations are assigned to individuals. Because an individual may have multiple affiliations with the UW, an individual may be a member of more than one affiliation group. To contain costs and support smooth operations, UW-IT manages affiliations using the concept of a "grace period". That is, the status of an individual's affiliation changes from current to grace to former, where the intermediate grace period eases transitions from current to former status. Most of the affiliation group memberships retained members who are either current or in grace periods. The duration of the grace period varies, depending on affiliation.
The following table summarizes the most relevant aspects of data integration between the Person Registry and the groups service, related to identifiers, display names, membership derivation, and grace period information.
Group | Display Name | Membership | Real-time updates | Membership Derivation | Grace Period |
|---|---|---|---|---|---|
UW Undergraduate Students | student database (SDB) | YES | In SDB, class is one of (01, 02, 03, 04, 05, 06) | 1 quarter | |
UW Graduate Students | student database (SDB) | YES | In SDB, class is one of (00, 08, 11, 12, 13, 14) | 1 quarter | |
UW Current Graduate Students | student database (SDB) | YES | In SDB, class is one of (00, 08, 11, 12, 13, 14) | none | |
| UW Graduate Students - Graduate | student database (SDB) | YES | In SDB, class is 08 | 1 quarter | |
UW Seattle Undergraduate Students | student database (SDB) | YES | In SDB, primary_branch is 0, class is one of (01, 02, 03, 04, 05, 06) | 1 quarter | |
UW Seattle Graduate Students | student database (SDB) | YES | In SDB, primary_branch is 0, class is one of (00, 08, 11, 12, 13, 14) | 1 quarter | |
UW Bothell Undergraduate Students | student database (SDB) | YES | In SDB, primary_branch is 1, class is one of (01, 02, 03, 04, 05, 06) | 1 quarter | |
UW Bothell Graduate Students | student database (SDB) | YES | In SDB, primary_branch is 1, class is one of (00, 08, 11, 12, 13, 14) | 1 quarter | |
UW Tacoma Undergraduate Students | student database (SDB) | YES | In SDB, primary_branch is 2, class is one of (01, 02, 03, 04, 05, 06) | 1 quarter | |
UW Tacoma Graduate Students | student database (SDB) | YES | In SDB, primary_branch is 2, class is one of (00, 08, 11, 12, 13, 14) | 1 quarter | |
Current Bothell students | student database (SDB) | YES | In SDB, primary_branch is 1, and enrolled in current quarter | none | |
Current Tacoma students | student database (SDB) | YES | In SDB, primary_branch is 2, and enrolled in current quarter | none | |
Current Seattle students | student database (SDB) | YES | In SDB, primary_branch is 0, and enrolled in current quarter | none | |
UW Extension Students | student database (SDB) | YES | In SDB: EO flag | 1 quarter | |
| uw_affiliation_continuum-student_graduate | UW Continuum College Graduate Students | student database (SDB) | YES | In SDB: class is one of (08, 11, 12, 13, 14) AND EO flag | 1 quarter |
| uw_affiliation_continuum-student_undergraduate | UW Continuum College Undergraduate Students | student database (SDB) | YES | In SDB: class is one of (01, 02, 03, 04, 05) AND EO flag | 1 quarter |
UW Applicants | student database (SDB) | YES | In SDB: application for future quarter | 1 quarter | |
UW Alumni | Alumni Advancement database | YES | In Advancement database, type is alumni | 30 days | |
UW Alumni Association Members | Alumni Advancement database | YES | In Advancement database, alumni_member is A | none | |
| uw_affiliation_staff-employee | UW Staff Employees | UW HR system (Workday) | YES | Active in UW HR system, Has position in job family groups: Staff, Stipend Family, Student Employees, or Union/Bargaining Unit. | 14 days |
UW Student Employees | UW HR system (Workday) | YES | Active in UW HR system, Position with job family group: Student Employee | 14 days | |
UW Affiliate Employees | UW HR system (Workday) | YES | Active in UW HR system, Position with job family group: Contingent Workers | 14 days | |
Cascadia Community College Members | Cascadia Community College | YES | In Cascadia Active Directory | 14 days | |
Cascadia Community College Students | Cascadia Community College | YES | In Cascadia Active Directory as student | 14 days | |
Cascadia Community College Employees | Cascadia Community College | YES | In Cascadia Active Directory as employee | 14 days | |
UW Medicine Workforce Members | UW Medicine IT Services | YES | Identified as "UW Medicine Workforce" by UW Medicine ITS | none | |
| uw_affiliation_wwami-medical-resident | Medical residents in FMRN and Spokane Internal Medicine programs who are eligible for employee computing services and UW Libraries services | New Innovations Resident Database Spokane Providence Medical Center HR | YES | Individuals active for the current academic year by UW WWAMI Family Medicine or WWAMI Spokane Internal Medicine | none |
UW Medicine Affiliates | UW Medicine IT Services | YES | Identified as "UW Medicine Affiliates" by UW Medicine ITS | none | |
Seattle Cancer Care Alliance Employees | Seattle Cancer Care Alliance | YES | Company = 'CCA' and | none | |
Seattle Cancer Care Alliance Affiliates | Seattle Cancer Care Alliance | YES | Company = 'CCA' and | none | |
Fred Hutchinson Cancer Research Center Employees | Fred Hutchinson Cancer Research Center | YES | Company = 'FHC' and | none | |
Fred Hutchinson Cancer Research Center Affiliates | Fred Hutchinson Cancer Research Center | YES | Company = 'FHC' and | none | |
HEAL-WA | Washington State DOH | YES | Valid Washington State health practitioner license holders (except Dentists) | 16 days | |
| uw_affiliation_uwp-provider | UW Physicians Providers | UW Physicians | YES | Active in UWP HR system as a "provider" | none |
| uw_affiliation_professional-staff | UW Professional Staff Employees | UW HR system (Workday) | NO | In ODS with ECS code = 'E'. To learn more, refer to the UW Professional Staff Group information page. | none |
| uw_affiliation_staff-non-uwm-workforce | UW Staff Employees who are not an active UW Medicine Workforce member. Group to be deleted after 2FA is universally required. | UW HR system (Workday), UW Medicine IT Services | NO | Active in UW HR system, Has position in job family groups: Staff, Stipend Family, Student Employees, or Union/Bargaining Unit. Not listed as "UW Medicine Workforce" by UW Medicine ITS staff | none |
| uw_affiliation_faculty-non-uwm-workforce | Workers with an academic appointment who are not an active UW Medicine Workforce member. Group to be deleted after 2FA is universally required. | UW HR system (Workday), UW Medicine IT Services | NO | Active in UW HR system, Has position in job family groups: Faculty or Unpaid Academic Worker. Not listed as "UW Medicine Workforce" by UW Medicine ITS staff | none |
There is also a set of legacy eduPersonAffiliation groups, not in the uw_affiliation stem (see eduPerson Affiliation Reference). These eduPerson affiliation groups are:
Group | Display Name | Membership | Real-time updates | Membership Derivation | Grace Period |
|---|---|---|---|---|---|
uw_employee | UW HR system (Workday) | YES | In Workday with a worker position, not contingent workers | 14 days after separation | |
uw_faculty | UW HR system (Workday) | YES | In Workday with a paid academic worker position | 14 days after separation | |
uw_staff | UW HR system (Workday) | YES | In Workday with a position in job family groups: Academic Personnel, Staff, Stipend, Student Employees, or Union/Bargaining Unit, | 14 days after separation | |
uw_student | student database (SDB) | YES | In SDB and status is: admitted for future quarter, pre-registered for future quarter, enrolled for current quarter, on-leave, or active Continuum College flag (EO flag). | Yes One quarter of grace, not including summer quarter | |
| uw_alum | UW Alumni | Advancement database | YES | In Advancement and has alumni flag set to yes | Yes |
uw_affiliate | Person Registry | YES | Is active in: UW Medicine (AMC), a contingent worker in Workday, an applicant in SDB, a active affiliate in Advancement DB, a Cascadia user, in SCCA/FHCRC Workday system. Also included are all users who were sponsored to obtain a UW NetID. Required: User does not have another eduPerson affiliation (also represented by uw_employee, uw_faculty, uw_staff, uw_student, or uw_alum groups) | yes, for most |
This section summarizes the data quality standards for affiliation groups represented in the groups service.
Data Validation Rules: Validation rules are applied only to ensure that affiliation data conform to the constraints of the groups data model. Therefore, the accuracy of affiliation groups, including names and memberships, is primarily determined by the quality and validity of the source data. To ease transitions, members which have been removed from the source data are retained in the groups for the period of time specified in the Grace Period column, above.
Timeliness of Updates: Under normal operating conditions, real-time updates are sent within 10 seconds of a change in the identity system. During periods of large turnover, eg. start of quarter, updates may be delayed by up to 8 hours. Groups updated nightly are updated 7 days a week.
Defined Error Rates: Overall, the groups service relies on the data sources, as the systems of record, to define the frequency of errors in affiliations data.
Integrity Monitoring: The integrity of affiliation data is ensured during secure transport between the data sources and the groups service. Physical, system, and administrative controls are used on the groups service to maintain integrity.
Reliability: Affiliation groups are provisioned using processes monitored to ensure reliability and availability of the groups. When abnormalities such as potentially corrupt or incomplete data feeds are detected during the provisioning process, updates are not applied until the abnormalities are reviewed. The reliability of affiliation groups, once provisioned, is that of the groups service itself: 24 hours a day, 7 days a week, with rare exceptions.
The following lifecycle policy provides notification of affiliation group availability to help customers make informed information technology decisions, anticipate de-provisioning, identify other business needs, and provide feedback.
Lifecycle Policy: Affiliation groups are retained indefinitely. While the groups themselves will be retained, the membership of the groups will of course change over time, as peoples' affiliations change.
The affiliation group memberships are restricted based on their size and the confidentiality of the membership data. This restricted classification forms the basis of the following access control policy and appropriate use guidelines. It is also the basis for membership viewer controls on some of the group memberships.
Access Control Policy: Having considered the privacy, security, and compliance concerns and acknowledging the business needs and operational efficiencies enabled via affiliation groups, the responsible custodians have established an access control policy that grants permission to view memberships only to authorized users. Requests for access (by applications, students, affiliates, and other third parties) may be authorized on a case-by-case basis, based on establishing a business need and/or an appropriate data sharing agreement.
Appropriate Use Guidelines: Use of affiliation groups is subject to the following appropriate use guidelines. Permission to view affiliation group memberships is granted on the condition that authorized clients use the memberships for appropriate business purposes. Authorized clients are responsible for enforcing the defined access control policy and may not share affiliation group memberships without first obtaining authorization to do so. Sending unsolicited email to the membership of an affiliation group may violate UW privacy policy. All users are expected to know and follow the rules related to ethical and appropriate use of UW computing and networking resources. These rules include guidelines on email use that apply to the use of affiliation groups with email.