Reporting, provisioning and disclosing

Human Capital Management (HCM): data security levels

Types of Data Elements Public Confidential Highly Confidential
Directory Information
First and last name, business title, official university email, department name, department address, campus
Personnel Records
Employee ID, universal ID, operator ID, pronouns, birthdate, address, phone number, personal email, emergency information, position number, job data, compensation, contract details, supervisor, performance ratings, training records, payroll data, benefit elections, tax information, time collection, leave requests, employment application information
Protected by Law
Social Security number, taxpayer ID, national ID, race, ethnicity, religion, national origin, citizenship, legal presence, visas, age, sex, marital status, disability, military status, veteran status, bank account numbers, dependent information

In PeopleSoft HCM, records (database tables) are assigned to query trees for reporting purposes. Access to one or more query trees is granted based on assigned roles and gives users access to all records found on the corresponding query trees. Typically, records containing higher level data are assigned to query trees that are only accessible to those in roles who must be able to query that level of data en masse. Query tree access does not affect page access.

PeopleSoft HCM also utilizes row level security which enables users to access a record without viewing all rows of the record. Row level security is typically implemented for records with position and/or employee data. Row level security applies to most page access, as well as Query, a built-in reporting tool.

Approved by Employee Data Management Group (EDMG) on 3/2/2020.