Data Governance Roles
The University Data Governance Policy and Data Management Standard describes four primary roles.
Data Trustees are responsible for:
- Providing oversight of compliance with IT Standards for data management in their organizational units
- Promoting appropriate data use, data quality and management procedures to advance the University’s mission
- Assigning one or more Data Stewards within a Data Trustees organizational unit
Data Stewards are responsible for the confidentiality, integrity, and availability of Institutional Data assigned to them by their Data Trustee including:
- Ensuring security and protection measures are implemented in accordance with relevant IT Standards
- Designating the System of Record and data definitions for critical Data Elements
- Designating Data Security Officers, as applicable
- Reviewing and approving access requests and access levels in accordance with IT Standards, or delegating approval to the designated Data Security Officer
Data Security Officers are designated by a Data Steward with operational responsibilities for maintaining technical solutions and enforcing access procedures and IT Standards related to Institutional Data, including:
- Maintaining technical solutions and executing procedures in compliance with relevant University policies, standards, and data steward requirements
- Managing Data User access and modification requests as authorized by the appropriate Data Steward
- Providing and updating procedures in conjunction with Data Stewards
Data Users are University units or individual University members who have been granted access to institutional data in order to perform assigned duties or in fulfillment of assigned roles or functions for the conduct of university business. Responsibilities include:
- Using institutional data only as required for the conduct of university business within the scope of employment, affiliation with the University, or enrollment as a student
- Following the policies and procedures established to store data under secure conditions
- Complying with federal and state laws and regulations as well as university policies, procedures, and standards associated with data privacy
- Implementing safeguards prescribed for Confidential, Sensitive, and Internal Data
- Ensuring the appropriateness, accuracy, and timeliness of institutional data used for the conduct of university business
- Reporting any unauthorized access, data misuse, or data quality issues to the appropriate data steward for remediation
- Accepting and completing the University Confidentiality Statement if work duties require access to Confidential Data
- Completing any training required for access to a specific data set, such as FERPA or HIPAA training