Transcript Data Stewardship - Stone Soup Fresno

Data Stewardship
May 13, 2010
Tom Barton
R.L. Morgan
Ron Kraemer
Introduction
• Data Stewardship
• Surveys
– ECAR study
– CSG survey
• Let’s talk
Safeguarding the Information Entrusted to Us
Data Governance and Management (Data Stewardship)
Policy and Law
Education
Services
Individual
Research
Accountability
Institution
College,
School and
Unit
Tools
Communication/
Collaboration
Assessment and Audit
Some of the Information Entrusted to the University
Student/Faculty/Staff/Institutional Data
1.
2.
3.
Social Security Numbers
Driver’s License Numbers
Financial Account Information (credit/debit card
numbers, bank account information) [student,
employee, parent, guardian, alumni, and friends]
4. Health Records
5. DNA profile information
6. Biometric data (fingerprints, voiceprints, retina/iris
image)
7. Alumni and donor financial information
8. Behavioral data on the patients treated at
college/university hospitals, research subjects, and
children cared for in campus day-care centers
9. Academic Records/Student Data
10. Employment Records/Guest Records
11. Background check, reference, debt collection, and
litigation data
12. Date of birth
13. Security video records
14. Photo ID records
15. Security scan information
16. E-Mail/Voice Mail Records
17. Location/access data from key cards, wireless
Internet connections, etc.
18. Library and electronic reserve records
19. Purchase history information
20. Vehicle data
21. Intellectual property related to teaching and
research
University devices might also be used to store individual personal data (tax forms, personal account
information [Bank information, Amazon.com, etc.], passwords, etc.). If so, these data should be deleted.
Where is this data?
1. Servers, desktop systems, fixed storage devices (disk and tape), etc.
2. Mobile devices (e.g., laptops, smartphones, removable hard drives, iPods, flash drives, etc.)
3. Other devices connected to the network (e.g., microscopes, lab equipment, video conferencing
systems, smartboards, etc.)
4. Other media (CDs, DVDs, microfiche, digital tape, paper, etc.)
5. Devices outside the university (e.g., Facebook, Google, our homes, on associate’s devices, etc.)
Institutional Data Management in Higher
Education (ECAR Study) – Dec 2009
• Restricted/sensitive data is secure from
unauthorized access (3.87)
• Employees understand their responsibilities in
the use of data (3.14)
• We get maximum academic value from
institutional data (2.72)
• We get maximum business value from
institutional data (2.67)
Scale: 1=strongly disagree/5=strongly agree
Protect
Serve
"You've got to ask yourself one
question: 'Do I feel lucky?'
Well, do ya, punk?"
Harry Callahan, 1971
Do you approach data
stewardship more as protection
or as service?
How have your stewardship programs
changed over time?
What are your data stewardship
objectives?
Objectives in survey
•
•
•
•
•
•
•
Clarify roles & responsibilities
Make data policies & standards
Ensure consistency & accuracy
Govern data access & movement
Document, guide & educate for proper use
Protect sensitive data, reduce exposure
Resolve issues & disputes
Outcomes
• Improvement in data consistency, metadata,
etc
• Data access, classification, retention policies &
procedures
• Requirements & policies for Identity
Management
Collateral Outcomes
•
•
•
•
•
Less replication
Inception of records management program
New/closer working relationships
Increased awareness of data security
Corrected misuse of title
Others?