Search JMU Web | Find JMU People | Site Index   
Vice President

AVP Human Resources, Training & Performance
  James Madison University

PUBLISHER:
Human Resources
MSC 7009,
Harrisonburg, VA 22807
PHONE: (540) 568-3825


FOR INFORMATION CONTACT:
Human Resources

Privacy Statement
Last Modified: 6/16/2008
Policy #1205
University Data Stewardship

Date of Current Revision: April 2002
Responsible Office: Assistant Vice President for Information Technology
  1. PURPOSE

    This policy establishes the methodology by which the university will manage its data. In addition, the policy assigns responsibilities for the control and appropriate stewardship of university data.

  2. AUTHORITY

    State and Federal laws such as the Family Educational Rights and Privacy Act (FERPA), the Privacy Protection Act, the Intellectual Property Act, the Virginia Public Records Act and the Freedom of Information Act regarding data stewardship require Information Technology to enforce this policy. The president has authorized Information Technology to enforce the policy.

  3. DEFINITIONS

    Institutional Data Stewardship Model:
    Procedures developed to support the Data Stewardship policy. These procedures are constructed by the university's data stewards and are consistent across all applications.

    Data Managers:
    University officials having direct operational level responsibility for information management related to the capture, maintenance, dissemination and user data and for any data administration activities delegated by the data stewards.

    Data Stewards:
    The university division heads (or their designates) who have planning and policy level responsibility for data within their areas and management responsibilities for defined segments of the institutional data.

  4. APPLICABILITY

    All university information that is stored, processed or distributed is subject to the specific parameters of the Institutional Data Stewardship Model, university polices and state or federal laws as they may apply.

    Certain types of data are protected by Federal and State privacy legislation. Other data are specified as critical to the mission of the university, its colleges and departments and, as such, require that procedural controls protect confidentiality, integrity and availability. These specific requirements as well as the general requirements for thoughtful data stewardship outlined in the Data Stewardship model extend to all forms of the data. Those data that are stored in printed or written reports, transmitted via facsimile, downloaded from the university's administrative or academic computers, and information stored in local office automation systems (including departmental microcomputers and networks) are included.

  5. POLICY

    Information, in all forms, is a strategic asset to the university. Protection and appropriate distribution of critical computer and information assets is a fundamental responsibility of Information Technology, but it is also a responsibility of individuals and unit/system managers throughout the university as well. For example, in cases where university information is used locally, or takes forms other than that protected within central computing resources, protection is incumbent upon each individual user.

    This policy establishes responsibilities for information availability, integrity and sensitivity. The Institutional Data Stewardship Model, is based on two basic premises:

    • That the greatest benefit of data is gained through its shared and thoughtful use but diminished through misuse, misinterpretation or unnecessary restrictions to its access; and
    • That the university is the owner of all university data. Further, the data stewardship model is designed to achieve an appropriate mix of three core values-availability, integrity and sensitivity.

    All data shall be classified in one of three categories:

    • Public,
    • Internal, general or
    • Internal, restricted.

    The definitions and specific requirements for these classifications are included in the Institutional Data Stewardship Model, and associated procedure.

  6. PROCEDURES

    See Institutional Data Stewardship Model.

  7. RESPONSIBILITIES

    All university employees and students are responsible for understanding the procedures and related terms and conditions under which they are to acquire and use university data. The Institutional Data Stewardship Model, the university's policy on Appropriate Use of Information Technology Resources, and other policies and procedures related to information and information technology use are available on the university's computing standards web site and shall be considered as appendices to this policy.

    Responsibilities are also assigned to specific individuals and groups as part of the data stewardship effort. These include: Data Stewards, the Data Stewardship Committee, Data Managers, and the Data Access and Policy Implementation Committee. These specific responsibilities are detailed in the Institutional Data Stewardship Model.

    As data are developed, the individual(s) responsible for the creation or collection of the data are responsible for identifying its relationship to the Institutional Data Stewardship Model, to assure that storage and access of the data is appropriately managed. This shall include the classification of all panels, views, reports and/or other forms of access in which this data is expressed.

  8. SANCTIONS

    Sanctions will be commensurate with the severity and/or frequency of the offense and may include termination of employment.

  9. EXCLUSIONS

    None.

  10. INTERPRETATION

    The authority to interpret this policy rests with the president and is generally delegated to the Assistant Vice President for Information Technology, in conjunction with the appropriate Data Stewards.

Original version: March 18, 1997

Approved:
April 2002
Linwood H. Rose, President
Index Terms

Data Steward
Data Manager
Data Stewardship
Institutional Data Stewardship Model