Topics Map > University of Chicago > IT Services > Business Systems > Reporting Systems
Business Objects - GEMS Reporting Security
This article explains security related to the data found in GEMS Reporting.
Responsibility and Confidentiality
GEMS Reporting contains confidential and sensitive University data. In order to use its data, you must have proper authorization. Your authorization means that you have the authority to use the data and the responsibility to share stewardship of the data with the other users of the collection.
Once authorized, you can access the data that you need to do your job. All authorized users are cautioned, however, that they are entrusted to use the data they retrieve from GEMS Reporting with care. Confidential data should not be released to others except for those with a "legitimate need to know." See Personnel Policy #U601.01, regarding Treatment of Confidential Information.
Remember that you should never share Business Objects Documents with other users with the data intact -- send the query without the data. More information about sending and saving Business Objects documents.
Querying Data with Security Restrictions
If you execute a query requesting data that you are not authorized to access, you will get results which may be incomplete because they are missing the data you are not allowed to access.
If your authorization is limited to a specific set of data, be sure when querying the data that you include conditions that let you enter your security restriction(s). For example, if you are authorized to access just data for a particular department, add the predefined condition for 'Dept No' so you can enter your department number when the data provider is refreshed. This will document why the query gets the results it does (you should show the parameters entered in your headers), and will also help your query run faster.