Info |
---|
|
June 21February 6, 2018 2019 – This new set of reference groups is being designed. See ACCESS-166 and ACCESS-168finalized for production release in February. |
Summary
This document describes support for UW employee location groups including naming, data integration, data quality, life-cycle and access controls.
...
Each group is identified by this pattern of naming components:
uw_org_location_workday<workday-locationlocation>
The "workday-location" component is substituted with the name of employee's position's location id.
...
The following table illustrates a couple of employee location code groups:
| | |
---|
uw_org_location_seattle-campus | Current employees with a Seattle Campus position | Current employees who hold a position that has location ID "Seattle Campus" |
uw_org_location_seattle-other-buildings | Current employees with a Seattle Other Buildings position | Current employees who hold a position that has location ID "Seattle Other Buildings" |
Data Integration
The following table summarizes how data is integrated into the groups service, related to identifiers, display names, descriptions, memberships, contacts, classification, and access controls.
Group Attribute | Data Integration Notes |
---|
Group ID | Group IDs include a lower case version the location id, e.g. uw_org_location_seattle-other-buildings |
Group Display Name | Display names include the location id, e.g.
Current employees with a Seattle Other Buildings position |
Group Description | Group descriptions include location id, e.g. "Current employees who hold a position that has location ID "Seattle Other Buildings". This group is updated nightly from the HRPWS. It is available for appropriate business purposes in support of the UW mission. Access to the membership is controlled. Authorized clients are responsible for enforcing the defined access control policy and may not share employee group memberships with unauthorized parties without first obtaining authorization to do so. All users are expected to know and follow the rules related to ethical and appropriate use of UW computing and networking resources. Please contact help@uw.edu for questions about using this group." |
Contact Person | Employee location groups have no owner or contact specified. |
Group Classification | Employee location groups are classified as |
restricted.Restricted. See UW Groups Data Classification Guideline. |
Group Access Controls | Employee location groups have a membership viewer control that enforces the defined access control policy (below). Only members of the u_groups_org_location-read are authorized to view these memberships. |
UW G Suite | Employee location groups cannot be enabled for use in UW G Suite. Contact help@uw.edu to inquire more. |
UW Exchange Status | Employee location groups cannot be enabled for use in UW Exchange. This business rule is in place to ensure the privacy restriction on the group memberships, which the current design of the UW Exchange service cannot enforce by itself. Contact help@uw.edu to inquire more. |
Group Membership List | Memberships are reconciled nightly to accurately represent current operational data rather than historical data. Members are identified by UW NetID. |
Data Quality Standards
This section summarizes the data quality standards for employee location groups represented in the groups service.
...
Lifecycle Policy: Employee location groups are created automatically and won't be deleted without 90 days prior notification to customers who have registered their dependency on them by emailing iam-support@uw.edu.
Access Control Policy
The data custodians for employee data classify employee location groups as restricted. This classification forms the basis of the following access control policy and appropriate use guidelines. It is also the basis of the required membership viewer control and group description text (described above).
Access Control Policy: Having considered the privacy, security, and compliance concerns and acknowledging the business needs and widespread operational efficiencies enabled via UW employee location groups, the data custodians for HR data have established an access control policy that grants permission to view employee location group memberships to UW authorized users and processes acting based on behalf of core UW business needsneed. Access for third parties may be authorized on a case-by-case basis, based on establishing a business need and/or an appropriate data sharing agreement.
...
Workday Location Directory report/list
ISC user guide: Change Job - Voluntary Location or Work Shift Change