Authorized Users -
UIV/EIV users shall be authorized by the EIV Coordinator Director on a need-to-know basis. Persons not employed by this organization shall not be authorized, and only those whose job duties specifically relate to UIV/EIV shall be granted access to the systems and related documents.
Only the following types of authorized users shall be allowed access to the UIV/EIV system by the EIV Coordinator:
Persons whose job duties include the determination of rental payment charges
Persons whose job duties include securing data obtained under UIV/EIV.
Persons whose job duties include retrieving UIV/EIV data
Persons whose job duties include reviewing UIV/EIV data for the purposes of performing UPCS and/or HQS inspections
The EIV Coordinator will provide each user a User Access Form, and the user shall apply for a User ID and password as applicable. EBMC’s Acceptable Computer Use Policy, contains provisions specifically prohibiting sharing of User ID and Password data between users and is therefore hereby incorporated into this document by reference.
EIV Coordinator Responsibilities:
Shall serve as the UIV/EIV Security Officer.
Shall authorize users for access to UIV/EIV systems and data only where necessary, and shall maintain a log of authorized users. The EIV Coordinator shall update this log on a periodic basis, at least once per calendar quarter.
Shall facilitate staff training and/or review of UIV/EIV security procedures on a period basis, to be completed at least annually.
Shall be responsible for determining and reporting any instances of improper disclosure of UIV/EIV data and/or unauthorized access of UIV/EIV computerized systems.
Upon noting a security breach, the EIV Coordinator shall immediately contact appropriate HUD personnel for removal of the offending parties from the UIV/EIV system.
Shall monitor UIV/EIV procedures to ensure ongoing compliance. Procedures will be updated as needed.
Attachments;
History______________________________________________________________
Gabrielle Harris composed this Policy/Procedure on 02/09/2011 03:13:22 PM.