Defines UCSF “affiliates” and “financial systems” and establishes rules and procedures for affiliate access to financial systems.
This policy defines UCSF “affiliates” and “financial systems”, and establishes rules and procedures for affiliate access to financial systems. Depending on their role and responsibilities, affiliates may require access to financial systems to enable the University to operate efficiently and/or for departments to process payments or other financial transactions related to affiliates.
This policy is intended to minimize the risk associated with allowing access to UCSF’s financial systems by ensuring that access is granted only for valid business reasons.
For the purpose of this policy, an affiliate is an individual who is associated with the University for a business purpose but who is not a current UCSF student, faculty, post doc, academic or staff employee. An affiliate may be a consultant, contractor, temporary staff from an employment agency, other UC (non-UCSF) employee, or other third party (e.g. principal investigator or researcher) conducting business or collaborating with the University.
Affiliates are divided into three groups for access purposes:
Group 1 - Consultants, contractors and temporary employees paid through a third party employment services agency. These individuals provide services to UCSF under purchase order, business contract, or other binding agreement.
Group 2 - Other UC (non-UCSF) employees working on a joint project with UCSF.
Group 3 - Other affiliates who require access to University systems due to collaborations and other business activities with the University. Examples include but are not limited to employees of third party agencies such as HHMI and the Gladstone Institutes, external auditors, other universities external to the University of California System, and charitable foundations.
For the purpose of this policy, UCSF financial systems are those under the oversight of, and/or functionally owned by, the Controller's Office. See list at http://controller.ucsf.edu/fin_systems/.
Affiliates in Groups 1 and 2
These affiliates may be granted access to the University's financial systems following the regular, established access procedures to permit departments the ability to process university payments, receipts and other financial transactions.
Departments are responsible for ensuring the appropriate use of financial systems to minimize risk and safeguard University resources.
Affiliates in Group 3
Access to financial systems may only be granted to affiliates in Group 3 by exceptional approval of the Control Point where there are valid business needs and justification to support operational efficiencies.
Two financial transaction systems may be used:
- Connexxus - to arrange business travel.
- MyExpense - to process reimbursement requests for University associated expenses.
- Departments should refer to the training and job aids section for arranging travel or requesting reimbursement on the Controller's Office Travel & Entertainment website.
Access to the reporting systems (MyReports and WebLinks) should be granted for business needs on a case-by-case basis.
- Although MyReports and WebLinks are read only applications, it is inappropriate to assign access as a default to all Group 3 affiliates due to the nature and scope of data that is accessible via the reports. MyReports and WebLinks provide access to data across the entire UCSF Health System and Campus including non-personal/non-restricted information. In most cases, the systems do not restrict data access to specific units.
- Rather than providing the affiliate direct access to MyReports and WebLinks, the department can provide Group 3 affiliates with necessary reports on a regular basis. Most of the reports are available in PDF and/or Excel format supporting ease of distribution.
- If the Group 3 affiliate requires direct access to MyReports and WebLinks for necessary and essential activities, the Control Point may approve access to the reporting systems on an exception basis following the established, regular access procedures.
All Affiliates (Groups 1, 2, and 3)
In addition to the instructions established above, affiliates may be granted access to a financial system(s) only after they have qualified and met the access eligibility requirements for the system(s); and, where applicable, passed a Livescan background check.
All members (including affiliates, faculty, students, and employees) of the UCSF community with access to financial systems must understand and consent to the UC Electronic Communication Policy. All data and information stored on UCSF financial systems is considered confidential and must be handled in compliance with this policy.
Unauthorized use of data and information stored on UCSF financial systems may result in criminal, civil, or administrative actions.
Information on procedures including how to obtain systems access is available in the UCSF Financial Systems section of the Controller’s Office website:
- Forms and instructions for Access Administrators are available on the Forms tab
- Individual affiliates may request access to Connexxus (to arrange business travel) and/or MyExpense (to request reimbursement for University associated expenses) following the instructions on the UCSF Financial Systems Overview tab.
- Support and training materials for Connexxus and MyExpense are available in the Travel & Entertainment section of the Controller’s Office website.
A. Control Points (Dean's and Vice Chancellor's Offices)
- Are responsible for ensuring the access granted to individuals in Group 3 is necessary and essential to assist UCSF employees in performing administrative tasks. The Control Points should implement measures to minimize the risk associated with granting access to UCSF financial systems including regular review of Group 3 affiliates and their access.
B. Controller's Office
- Is responsible for maintaining clearly defined roles, permissions and access requirements for each UCSF financial system.
Business Officer and Department Managers
- Are responsible for timely communication of changes in financial system user responsibilities and access to ensure only authorized individuals have access to the financial systems.
- Ensure that the affiliate has met all the eligibility requirements prior to requesting access to a financial system.
- Are responsible for securing and maintaining documentation for approvals from the appropriate authority before access is granted.
- Maintain activations and changes in a timely manner to ensure system access is available as needed, and that system access is removed on a timely basis as the affiliation expires or need changes.
D. Individuals granted access to financial systems
- Are responsible for understanding, consenting to and following the UC Electronic Communications Policy. All individuals are also responsible for protecting their credentials from unauthorized use.
- Unauthorized use may result in criminal, civil, or administrative actions.