Workgroup on Access and Use of Faculty Data

This workgroup addresses data fidelity, security, and ethical and appropriate use of data consistent with the mission and values of UCLA.
Email: opushelp@ucla.edu.

• Chair: Kent Wada, Chief Privacy Officer
• Robert Baldridge, Manager, Information Practices
• Amy Blum, Senior Campus Counsel
• Heather Small, Opus Project Lead
• Todd Grappone, Associate University Librarian, Digital Initiatives and IT
• Leah Lievrouw, Professor, Information Studies
• Scott Monatlik, Director, Tax Services
• Julie Sina, Assistant Vice Chancellor and Vice President-Finance/CFO and Treasurer, The UCLA Foundation
• Burton Swanson, Professor, Anderson School and Chair, UCLA Board on Privacy and Data Protection
• Frederick Zimmerman, Professor, Health Services, Fielding School of Public Health

Use of Opus Data

The heart of the Opus system is the data that it aggregates and integrates from many disparate campus sources (as well as from faculty themselves) to build more holistic representations of individual faculty members' work. These higher-level representations ('Opus data') are a valuable institutional asset beyond the value of its component data, leveraged by individual faculty for academic review purposes and curated public exposure and by the institution for academic review, reporting, and analysis.

From a functional perspective, the value of the Opus data depends on a consistent set of expectations about data fidelity, security, and access. Data fidelity and security is assured for component data by each authoritative book of record office, augmented by an Opus-defined error resolution process faculty can use to make corrections at the source. The Opus system itself does the same for data it is authoritative for as well as depending on individual faculty for those data components entered directly.

Opus data is valuable not only to individual faculty and to UCLA, but in external contexts as well (e.g. accreditation, and federal and state regulatory requirements).

The Academic Personnel Manual, Data Summary guidance, and Summary 2 of the UCLA CALL specify that certain kinds of faculty data must or should be divulged as part of the academic personnel process. Policies around confidentiality of faculty data are summarized in Section 20 of the Academic Personnel manual. A new Delegation of Authority from the executive vice chancellor and provost will grant the vice chancellor, academic personnel to use the Opus system and Opus data consistent with the needs of the Academic Personnel Office, including the ability to temporarily grant Deans the authority to use Opus data for such purposes during the academic review process.

Use of Opus data by senior campus management for legitimate University purposes outside of academic review. Existing Academic Senate, University, and campus policies specify many aspects of how faculty data whether in Opus or previously on paper can be appropriately used, including Sections 20, 158, and 160 of the Academic Personnel Manual, and the California Public Records Act.

A new Delegation of Authority from the executive vice chancellor and provost will grant authority to Deans, Vice Chancellors, Vice Provosts and the University librarian to use the Opus system and Opus data. The Delegation will articulate intent, typical appropriate uses, and known prohibited uses of the Opus system and Opus data.

Identified Risks

• Data can be misused and/or the limits of the data misunderstood.
• The transparency required of public institutions can be in tension with the privacy of records about individuals and research even as it remains an important cornerstone of the University;
• New uses of the data and new syntheses of the data made possible by Opus need a mechanism by which they are considered in the context of the University's mission and values;
• Security of the Opus system; and The very nature of systematizing and recording information creates categories and names that can unintentionally influence perception or privilege certain ways of looking over others;

The Senate will be cognizant of any potential impact of Opus on the academic review process. UCLA is taking action to minimize these risks to the extent possible.

California Public Records Act

As a public institution, transparency is an important principle: public access laws are an important component of the democratic process in our society, and UCLA's scholars themselves frequently benefit from this legal framework. Yet there is always a risk that Opus data obtained through a California Public Records Act (CPRA) request could result in a framing of the data inconsistent with its intended use and/or the campus' mission and values. Faculty should be aware of the current reach of the CPRA (including the Statement on the Principles of Scholarly Research and Public Records Requests ) and also of its implications with respect to Opus. A statement regarding UCLA's position on intended use of Opus data and CPRA requests, akin to the Statement on scholarly research, is being developed.

Data Security

UCLA Logon ID

Per UCLA Policy 403, UCLA Logon ID Security Standards , a UCLA Logon ID will be used as the authentication mechanism for access to Opus. The UCLA Logon ID and associated password serve to electronically identify an individual, enabling access to campus electronic services or resources that are restricted to that individual or to the UCLA community. The UCLA Logon ID also satisfies the standards of the InCommon Federation and the University of California's UCTrust, and can therefore be used to identify an individual as a member of the UCLA community.

SSL/HTTPS Encryption

As recommended by the IT Services Security Office, SSL/HTTPS (a cryptographic protocol designed to provide communication security over the Internet) is enforced for accessing Opus. Files uploaded to Opus will be encrypted and stored in a secure database.

Secure Hosting

The system is hosted at IT Services, on servers stored in a secure location with restricted physical access.