Known Approved Uses of DukeCard Access Control Data
Author: Office of Information Technology (OIT)
Category 1 – Operational Support (OIT)
Duke’s OIT may use card tracking information to troubleshoot problems with card access security equipment or problems with the ID cards themselves.
Category 2 – Security and public safety (DUPD)
The DUPD, when investigating a public safety, potential crime, student or employee issue (e.g., domestic violence case), may request DukeCard access records for certain time frames and doors to confirm who had access to a certain area at the time of an incident. After hours, DUPD may access the system directly for time-critical public safety issues.
The DUPD Chief of Police will provide a list of approved investigators to the DukeCard office. Approved DUPD investigators may contact the DukeCard Service Manager for DukeCard access information or access the system after hours for time-sensitive public safety issues. Notification of the request will be provided to the EVP.
The data may only be used as part of an ongoing DUPD investigation and may not be shared outside of those that “need to know” for purposes of the investigation. Data may not be shared with outside law enforcement agencies without approval from Office of Counsel. Data should be destroyed at the conclusion of the investigation.
Category 3 – Space utilization or property issues (schools/departments)
The DukeCard office may receive requests for access logs from schools and departments pertaining to how a space is used, or if an issue occurred in a space (e.g., trash left in a room).
Requests by the space “owner” involving de-identified or summarized data to analyze space utilization may be requested from the DukeCard office. Requests will be reviewed and a determination made if a one-time or regular report is warranted.
Requests involving unique or identifiable data must carry with them a compelling reason for the data. Such requests are submitted to the EVP for approval. Specifically, the following approvals are followed:
- Requests by the space “owner” for ongoing reports must be approved by the EVP.
- Requests by the space “owner” for one-time utilization data that is identifiable and will be used for purposes of security/property issue must be submitted by the DUPD (see category 1)
- Requests by the space “owner” for one-time utilization data that is identifiable and will be used for purposes of space utilization evaluation will be approved by the DukeCard office. If data linked to access times is needed, it will be submitted to the EVP for approval
- Requests by the space “owner” for one-time utilization data that is identifiable and will be used for purposes of “room cleanliness” will be denied.
- Requests by the space “owner” for one-time utilization data that is identifiable and will be used for purposes other than the above will be submitted to the EVP for approval.
The data may only be used for the purposes provided. It may not be shared with any other individuals or departments. Data for property issues will only be provided for doors that directly control the room in question. Data must be destroyed at the end of the review.
Category 4 – Service improvement requests
The DukeCard office may receive requests about access habits for the purpose of improving a service. For example, the Recreational Center may request information about who is accessing the center to tailor programs to attract more customers.
Such a request should come from a department head. The request should specify what type of information, and a well thought out and descriptive reason for the request. If the requesting department only asks for de-identified data (e.g. groupings based on affiliation), then a completed Data Use Agreement (DUA) will suffice. If the requesting department asks for identified information including but not limited to name, DUID, email address, home address, telephone, demographic, or gender, then approval must come from the EVP after the DUA is complete. Approval will not be sought until a complete and compelling case is submitted.
The data may only be used as part of the service improvement request and may not be shared outside of those that “need to know” for purposes of the research. Data may not be shared with anyone else without approval from EVP. Data must be destroyed at the conclusion of the investigation.
Category 5 – Student and Academic Affairs issues
There are times when Student Affairs staff need access to DukeCard information for official purposes. This could be in crisis situations, disciplinary matters, or for health and safety reasons. The on-call staff member most frequently obtains this information; however, a staff member who is not currently on-call but who serves in the on-call rotation could need the information as part of his/her job responsibilities. The staff members who serve in the on-call system report urgent, emergency and crisis situations to the Associate Vice President of Student Affairs and Dean of Students, Vice President for Student Affairs, and Senior Leadership. Information is obtained via an “Oncall” tool developed by DukeCard, or via a direct request to the DukeCard office.
The Dean of Academic Affairs and Associate Vice Provost for Undergraduate Education in Trinity College and The Dean of the Pratt School of Engineering, or their designee, may request card swipe data in event that such data could inform the appropriateness of granting an academic exception/accommodation as requested by a student. The request will come from the Academic Deans and made via a direct request to the DukeCard office.
Approval process – Student Affairs
Student Affairs provides DukeCard with a list of people authorized to receive DukeCard usage reports for students and access the Oncall application to access the information. Staff members are trained on how to use the tool and the requirements for confidentiality, including expressly prohibiting the re-disclosure of DukeCard usage to those without a legitimate need to know. Additionally, it is understood by the on-call staff that DukeCard usage is not to be disclosed to anyone outside of the university, including parents.
The data may only be used for crisis, safety, and disciplinary reasons. Data may not be shared with anyone else without approval from EVP. Data must be destroyed at the conclusion of the investigation.
Approval Process – Academic Affairs
The respective deans in Trinity College of Arts and Sciences and The Pratt School of Engineering will provide the DukeCard Office with a list of people authorized to receive DukeCard usage reports.
Data received will only indicate the usage of a student’s DukeCard during the period in question and used for the sole purpose for which it was requested. Its use will not extend the stated parameters without the expressed approval of the Dean of Academic Affairs and Associate Vice Provost for Undergraduate Education in Trinity College and The Dean of the Pratt School of Engineering, respectively. The data will be discarded once the academic matter has been resolved.
Category 6 – Event attendance
Card readers may be checked out and used for attendance at Duke events. Alternatively, event data may also be collected via apps linked to DukeCard (future). In those cases, attendees MUST be notified that their data is being collected and how it will be used (e.g., to track attendance or to email information after the session). Attendees must be provided with the reasoning for the access and an opt-out option (provided if there is no compliance reason to track).
- The specific use of the data must be identified to the Security Office in advance of the event (when the card-access process is requested), including whether the access to data is strictly required for all attendees or optional.
- The use must be disclosed to attendees at the event, before they access (i.e., students know in the first case that their attendance is recorded due to compliance requirements, or in other optional cases, such as knowing that their email may be added to a mailing list as a result).
- If the attendee does not wish to consent to the data use being requested, for optional data uses they are allowed to pass through without swiping (such as in the 2nd case) or they are turned away if it is really a requirement.
The specific use of the data must be applied in advance of the event. Attendees must be told how their data will be used. The data may not be shared with anyone but the event organizers and must be destroyed after use.
The DukeCard office may receive other requests for access to financial or access data. In those cases, the data request will be reviewed by the CISO and CIO before submission to the EVP for final approval. It should be noted that requests asking for identifiable data or demographic information (e.g. name, DUID, email address, home address, telephone, demographic, or gender) require a more detailed review than requests for aggregated or de-identified data.
In Compliance with:
Article number: KB0030031
Valid to: July 18, 2024