Institutional Data Policy
Policy Statement
All electronic information that constitutes an official record, or has institutional value, shall be managed responsibly with regard to data access, backup, and disposal. This policy describes the requirements for proper management of institutional data records.
Institutional data is information that supports the mission and operation of California College of the Arts. It is a vital asset and considered essential to the College. The confidentiality, integrity and availability of institutional data must be ensured to comply with legal, regulatory, and administrative requirements.
Institutional Data Roles & Responsibilities
Data Trustees
A Data Trustee is a senior leader of the college, typically at the Vice President level, and oversees an area of the college that is responsible for management of institutional data.
Data Stewards
A Data Steward is appointed by a Data Trustee as the person responsible for maintaining the integrity of institutional data within a database or system by adhering to and communicating established guidelines or business rules for data input, updating, and maintenance. They are charged with keeping the guidelines relevant and appropriate to the specifics of the database/system as well as institutional best practices. There is generally one Data Steward per data set.
The Data Stewards collectively form the Data Stewards Council, and meet regularly to share best practices and foster a cooperative environment at CCA wherein most data-related concerns can be resolved.
Data Contributors
A data contributor is given access to making certain edits and updates to a data set after having thoroughly reviewed all established guidelines. When faced with a challenging data entry judgment call, they will defer to the Data Steward to make a final decision. This is a subset of the data consumers group (see below).
Data Consumers
A data consumer is anyone who has access to a data set. If one is not also a data contributor, they would only have read-only access. If a data consumer has a suggestion for a record edit or needs a report run from the data set, they would consult a data contributor. Data consumers also have a responsibility to maintain data integrity and accuracy, following the established guidelines for accessing, sharing and correcting data.
Management of Institutional Data
A data set is defined as a collection of data points that serve a common functional purpose, and carry similar characteristics such as risk classification, system of record, and data access guidelines. Each institutional data set is assigned to a Data Steward for oversight and management.
A single system of record will be designated for each data set. As necessary, tertiary data systems may also hold this data, in which case procedures should be established for integration with the system of record in a manner that preserves the integrity of the data.
A comprehensive inventory of institutional data sets will be maintained by Data Stewards. For each data set, the inventory must include:
- A description of the data set
- The responsible Data Steward
- The system of record
- Any systems that also contain this data (e.g. through an integration)
- Risk Classification (see below)
- Retention policy
The data sets inventory will be reviewed and updated by the Data Stewards on an annual basis, or more frequently as needed.
Data Stewards must ensure that all decisions regarding the collection and use of institutional data are in compliance with applicable laws and regulations, and with College policy and procedure.
All users must report to their immediate supervisor or Technology Services, instances in which institutional data is at risk of unauthorized modification, disclosure, and/or destruction.
Institutional Data that is moved, copied, extended or propagated is still considered Institutional Data and all Institutional Data Policies still apply.
Classifying Institutional Data
The overall sensitivity of institutional data encompasses not only its confidentiality, but also its integrity and availability. Many confidentiality obligations exist, such as those required for personal information and to meet contractual or regulatory requirements.
Three levels of sensitivity and risk are used to classify institutional data:
|
Classification Level |
Description |
Institutional Data Examples |
|---|---|---|
|
Low Risk |
Data that is intended for public access or widely distributed within CCA. The loss of confidentiality, integrity, or availability of the data would have minimal to no adverse impact on the mission of CCA, or the safety, finances, or reputation of CCA and our staff, faculty and students. |
Directory information for employees (e.g. name, title, work contact information, student ID) |
|
Moderate Risk |
Data that is intended for release only on a need-to-know basis, including personal information not otherwise classified as low or high risk, and data protected or restricted by contract, grant, or other agreement terms and conditions. The loss of confidentiality, integrity, or availability of moderate risk data would have a moderate impact on the mission of CCA, or the safety, finances, or reputation of CCA and our staff, faculty and students. |
FERPA-protected student records (e.g. transcripts, financial aid records) |
|
High Risk |
Data for which protection is required by law/regulation. CCA is required to self-report to the government and/or provide notice to the individual if the data is inappropriately accessed. The loss of confidentiality, integrity, or availability of high risk data could have a significant adverse impact on CCA's mission, or the safety, finances, or reputation of CCA or our staff, faculty or students. |
Social security number |
The Data Stewards will assess institutional risks and threats to the data for which they are responsible. For each data set for which they are responsible, the Data Steward will classify the data using the above risk levels.
Documentation of risk classification will be maintained in the Data Sets Inventory, which is maintained by the Data Stewards.
No individual is authorized to change the classification level of institutional data without authorization from the Data Steward.
Access to Institutional Data
Authorization to access institutional data varies according to the need for care or caution in handling. For each classification, data handling requirements are defined to appropriately safeguard the information.
College personnel may not change the classification level of institutional data (if moved, copied, extended, or propagated) without authorization from the Data Steward.
Authorization to access institutional data classified as moderate or high risk is approved by the Data Steward, and is typically made in conjunction with the requestor’s supervisor, or other authority.
Where access to moderate or high risk institutional data has been authorized, use of such data shall be limited to the purpose for which access was granted.
Data Stewards must ensure that appropriate security practices, consistent with the data handling requirements in this policy, are used to protect institutional data. These requirements also apply to copies of the data.
College faculty and staff must affirmatively accept the College’s institutional data confidentiality agreement in employee self service on an annual basis as a prerequisite for obtaining access to institutional data.
Where relevant, the Data Stewards must review external data sharing agreements to ensure appropriate enforcement of confidentiality.
Institutional Data Retention & Disposal
California College of the Arts is committed to effective records retention to ensure that critical records are available to meet business needs, comply with legal requirements, preserve College history, optimize the use of space, minimize the cost of record retention, and ensure that outdated and useless records are destroyed.
The Data Stewards are responsible for identifying the appropriate data retention policies relevant to each data set for which they are responsible, adhering to the rules and regulations of their governing body under which the data set is obligated. Each Data Steward is required to be familiar with the rules and regulations that outline the specific criteria for the retention of data for their area.
Data Retention Period
The retention period refers to the time AFTER the person or subject of the data ends their relationship with the College. For example, the retention period begins on the last day of employment for an employee, or on the day of graduation or withdrawal for a student.
By default, a retention period of seven (7) years will be applied to all institutional data sets, unless otherwise specified.
Any exceptions to the default retention period must be noted by the Data Steward in the Data Sets Inventory. The reason for the exception, such as for regulatory compliance or business purposes, must also be defined in the Data Sets Inventory.
Data Disposal
The Data Stewards are responsible for reviewing their data sets on an annual basis, to determine if any records have surpassed the defined data retention period.
The Data Stewards are responsible for ensuring the destruction, deletion or purging of records that have surpassed the data retention period. The method of disposal will vary, depending on the manner or system in which the data is stored.
In some cases, where the data holds analytical significance for anonymous reporting, the data can be retained for reporting purposes, provided that it is anonymized without the possibility of identifying the data subject in the future.
Contacts
Policy Stewards
Mara Hancock
Chief Information Officer/Acting Chief Operations Officer, Office of the CIO
