Data Stewardship May 13, 2010 Tom Barton R.L. Morgan Ron Kraemer
Feb 23, 2016
Data Stewardship
May 13, 2010
Tom BartonR.L. MorganRon Kraemer
Introduction
• Data Stewardship• Surveys– ECAR study– CSG survey
• Let’s talk
Individual
College, School and
Unit
Institution
Accountability
Policy and Law
Assessment and Audit
Data Governance and Management (Data Stewardship)
Communication/Collaboration
Tools
ServicesEducation
Safeguarding the Information Entrusted to Us
Research
Student/Faculty/Staff/Institutional Data1. Social Security Numbers2. Driver’s License Numbers3. Financial Account Information (credit/debit card
numbers, bank account information) [student, employee, parent, guardian, alumni, and friends]
4. Health Records5. DNA profile information6. Biometric data (fingerprints, voiceprints, retina/iris
image)7. Alumni and donor financial information8. Behavioral data on the patients treated at
college/university hospitals, research subjects, and children cared for in campus day-care centers
9. Academic Records/Student Data10. Employment Records/Guest Records
11. Background check, reference, debt collection, and litigation data
12. Date of birth13. Security video records14. Photo ID records15. Security scan information16. E-Mail/Voice Mail Records17. Location/access data from key cards, wireless
Internet connections, etc.18. Library and electronic reserve records19. Purchase history information 20. Vehicle data21. Intellectual property related to teaching and
research
Where is this data?1. Servers, desktop systems, fixed storage devices (disk and tape), etc.2. Mobile devices (e.g., laptops, smartphones, removable hard drives, iPods, flash drives, etc.)3. Other devices connected to the network (e.g., microscopes, lab equipment, video conferencing
systems, smartboards, etc.)4. Other media (CDs, DVDs, microfiche, digital tape, paper, etc.)5. Devices outside the university (e.g., Facebook, Google, our homes, on associate’s devices, etc.)
Some of the Information Entrusted to the University
University devices might also be used to store individual personal data (tax forms, personal account information [Bank information, Amazon.com, etc.], passwords, etc.). If so, these data should be deleted.
Institutional Data Management in Higher Education (ECAR Study) – Dec 2009
• Restricted/sensitive data is secure from unauthorized access (3.87)
• Employees understand their responsibilities in the use of data (3.14)
• We get maximum academic value from institutional data (2.72)
• We get maximum business value from institutional data (2.67)
Scale: 1=strongly disagree/5=strongly agree
Protect
Serve
"You've got to ask yourself one question: 'Do I feel lucky?' Well, do ya, punk?"
Harry Callahan, 1971
Do you approach data stewardship more as protection
or as service?
How have your stewardship programs changed over time?
What are your data stewardship objectives?
Objectives in survey
• Clarify roles & responsibilities• Make data policies & standards• Ensure consistency & accuracy• Govern data access & movement• Document, guide & educate for proper use• Protect sensitive data, reduce exposure• Resolve issues & disputes
Outcomes
• Improvement in data consistency, metadata, etc
• Data access, classification, retention policies & procedures
• Requirements & policies for Identity Management
Collateral Outcomes
• Less replication• Inception of records management program• New/closer working relationships• Increased awareness of data security• Corrected misuse of title
Others?