Identity Access Management
What is it?
Identity & Access Management (IAM) is the process used by organizations to grant or deny individuals authorization to secure systems; establishing a single authoritative source to provision access. UMMS, as well as all other UMass campuses, has adopted the IAM process to ensure that constituents associated with the University of Massachusetts have a single identity across all campuses.
Why is this important?
Understanding who has access to the UMMS networks, systems and data, is paramount to ensuring that information is properly protected. Contractual and grant requirements obligate the Medical School to have a clearly defined and systematic process to manage access.
How is access granted?
UMMS Network accounts are created based on inclusion into our two primary systems of record, PeopleSoft Student and PeopleSoft HR. An active status in either system of record is necessary to gain or retain access.
Students - Student network and email accounts are automatically created during the enrollment process.
Employees - Employee network and email accounts are automatically created during the hiring process.
Non-employees - Non-employees are defined as individuals with an ongoing relationship with the Medical School who require access to UMMS network, but are not employed directly by the Medical School. This designation requires a manual entry into the PeopleSoft system. Learn more here.
Residents - Residents are active in PeopleSoft HR during their appointment.
Emeritus - Emeritus faculty are active in the PeopleSoft HR system; network and email accounts will remain indefinitely.
Short-term leave/Sabbatical - Individuals on short-term leave/ sabbatical remain active in the PeopleSoft HR system and will therefore retain network and email access.
How is access removed?
Per the Identity Access Management policy (link when finalized), upon termination:
- Employee and non-employee access will be removed immediately upon termination. Access includes network and email accounts.
- Student email account access will be removed 60 days after graduation; network access will remain for one year after graduation.
If a terminated employee or graduated student has an ongoing relationship with UMMS, they must be added to PeopleSoft HR as a non-UMMS employee to receive their network and email accounts.
UMass Memorial Health Care (UMMHC) Users – those UMMHC employees requiring access to the UMMS network must be sponsored and added to the PeopleSoft HR system as a non-employee.