Data governance seeks to encourage desirable behavior in the valuation, creation, use, storage, archiving, and deletion of information, all with the objective of ensuring data quality control and integrity. Specifically, it is the role of data stewards at U-M to protect the confidentiality, integrity, and availability of university data. Effective data stewardship is the process for maximizing the value of data as an institutional resource. Guidance is provided in Data Administration Guidelines for Institutional Data Resources.
The Institutional Data Resource Management Policy (SPG 601.12) defines the responsibilities for the protection of institutional data, and guides the management of institutional data.
Every member of the U-M community with access to institutional data shares this responsibility. As outlined in the U-M Statement on Stewardship, individual faculty, researchers, and staff function as stewards of university resources. All U-M employees are entrusted with protecting the property and other assets of U-M. Specifically, they are responsible for protecting university data—especially sensitive university data—stored on devices they use, whether university- or personally-owned.
Data Stewardship Roles and Responsibilities
U-M owns its institutional data. Individual executive officer areas, units, and departments have stewardship responsibilities for portions of that data. Several roles govern the management of, access to, and accountability for institutional data. These roles include:
To learn who fills these roles at the University of Michigan, see Data Stewards & Managers.
Data Steward
Executive officers with policy-level responsibility for managing a major area of the university’s information resources.
Their responsibilities include the following:
- Be aware of policies and programs relevant to data stewardship, such as the U-M Statement on Stewardship, SPG 601.12, and SPG 601.27.
- Communicate data stewardship policies and procedures to U-M affiliates.
- Promote data management and security training, education, and awareness.
- Establish goals and action plans for implementing relevant policies and programs.
- Consider information security when budgeting and business planning.
- Identify delegated data stewards for appropriate data subareas.
- Ensure accurate, valid, and timely collection of data.
- Classify data relative to sensitivity and criticality to the university.
- Set policies about storage, protection, manipulation, access to, and sharing of data.
- Ensure disaster recovery and business continuity plans are developed and implemented.
- Coordinate with the Chief Information Security Officer to determine proper response to serious IT security incidents that negatively impact protected or regulated data.
Delegated Data Steward
Senior university officials with policy-level responsibility that have been designated by a data steward to serve as the delegated authority for a specific data area. The responsibilities of delegated data stewards are the same as those for data stewards.
Data Manager
University officials and their staff that have operational-level responsibility for the capture, maintenance, and dissemination of data for specific data areas.
Their responsibilities include the following:
- Carry out data steward responsibilities for specific data areas if delegated.
- Develop operational-level procedures
- Respond to questions concerning data validity.
- Appoint individuals to authorize data access.
- Provide appropriate user support for the use of data.
Data Management Integration Coordinator
University staff who are responsible for facilitating and resolving shared data management issues among central offices, schools and colleges, and Michigan Medicine.
Their responsibilities include working with data stewards and their delegates to:
- Facilitate policy, process, and practice discussions about institutional data.
- Resolve shared data management issues.
- Provide appropriate user support in the use of data.
Data User
University departments, individual university community members, or university affiliates that have been granted access to institutional data in order to conduct university business.