Search the business manual

• Introduction
• 1.0: Accounting Principles and Definitions
• 2.0: Chart of Accounts
• 3.0: Purchasing and Contracts
• 4.0: Travel
• 5.0: Payroll
• 6.0: Accounts Payable
• 7.0: Capitalization
• 8.0: Budget Process
• 9.0: Banking and Investments
• 10.0: Accounts Receivable
• 11.0: Inventory
• 12.0: Protection and Security of Records
  • Section 12 Introduction
  • 12.1 Purpose
    • 12.1.1 Scope and Restrictions
    • 12.1.2 Institutional Data Definition
    • 12.1.3 System Data Definition
  • 12.2 Data Governance and Management Structure
    • 12.2.1 Chief Data Officer
    • 12.2.2 Data Owner
    • 12.2.3 Data Trustees
    • 12.2.4 Data Stewards
  • 12.3 Data Classification
    • 12.3.1 Unrestricted Data
    • 12.3.2 Sensitive Data
    • 12.3.3 Confidential Data
  • 12.4 Data Access
    • 12.4.1 Data Access
    • 12.4.2 Data Documentation
  • 12.5 Privacy and Security
    • 12.5.1 Family Education Rights and Privacy Act (FERPA)
    • 12.5.2 Health Insurance Portability and Accountability Act of 1996 (HIPPA)
    • 12.5.3 Electronic Communications Privacy Act (ECPA)
    • 12.5.4 USA Patriot Act
    • 12.5.5 TEACH Act
    • 12.5.6 Gramm – Leach – Bliley Act (GLBA)
    • 12.5.7 Computer Fraud and Abuse Act (CFAA)
• 13.0: Financial Management and Information Systems
• 14.0: Agency Funds
• 15.0: Auxiliary Enterprise Funds
• 16.0: Audits
• 17.0: Affiliated Organizations
• 18.0: Major Repair and Rehabilitation Funds and GSFIC Projects Managed By Institutions
• 19.0: Miscellaneous
• 20.0: Required Reports
• 21.0: Study Abroad Programs
• 22.0: Federal Stimulus Funds
• 23.0: Unrelated Business Income (UBI)
• 24.0: Student Fees
• Updates and Revisions

12.2 Data Governance and Management Structure

A data governance and management structure is required at the University System Office (USO) and at each institution. The data management structure will demonstrate accountabilities for the data assets of the entity to ensure proper use and handling of data being read, created, collected, reported, updated or deleted.

The data management structure should identify the offices/positions (including identifying incumbent) responsible for fulfilling the roles defined herein.

12.2.1 Chief Data Officer

The USG Chief Data Officer (CDO) is responsible for defining and managing implementation of the policies and procedures for the data governance and management functions at the University System Office (USO) and assisting the institutional Chief Data Officers in defining and establishing similar data governance and management functions at each institution.

Specific responsibilities include, but are not necessarily limited to the following:

• Defining data management roles and responsibilities herein and in other policy and procedure documentation;
• Collating and maintaining documentation pertaining to data governance and management policy and procedure in a centralized and easy-to-access location for the staff of the USO and the institutions;
• Identifying the data governance committee structure and membership;
• Serving as chair of the senior-level data governance/management committee and convening the committee on a schedule to ensure effectiveness; and
• Assisting the chairs of the functional committees to ensure effectiveness.

return to top

---

12.2.2 Data Owner

The individual institution is responsible for all data being read, created, collected, reported, updated or deleted by offices of the institution. As the Chief Executive Officer, the president of the institution is identified as the Data Owner of the institutional data.

The USO is responsible for all data being read, created, collected, reported, updated or deleted by offices of the USO collective. As the Chief Executive Officer, the Chancellor of the University System of Georgia is identified as the Data Owner of the USO data.

Data Owners have the responsibility for the identification, appointment and accountability of Data Trustees.

Data Owners will inform the USG CDO of their data trustee appointments including office, name, and contact information of the incumbent.

return to top

---

12.2.3 Data Trustees

Data Trustees, designated by the Data Owner, are institute/USO executives who have overall responsibility for the data being read, created, collected, reported, updated or deleted by the units reporting to them. These positions/offices would normally be cabinet-level positions reporting directly to the entity Data Owner.

Responsibilities of the Data Trustees include, but are not necessarily limited to:

• Ensuring that data accessed and used by units reporting to them is done so in ways consistent with the mission of the office and institution.
• The identification, appointment and accountability of data stewards within the functional area(s) they are responsible for. The trustees will inform the USG CDO of their Data Trustee appointments, including office, name, and contact information of the incumbent.
• Participating as a member of the strategic data governance and management committee.
• Communicating concerns about data quality to the Data Owner.

The CIO, whether or not designated as a Data Trustee, has the responsibility for ensuring that a technical infrastructure is in place to support the data needs and assets, including availability, delivery, access, and security across the entirety of their operational scope.

The Data Trustees of the USO and the institutions are normally the counterpart of the other.

return to top

---

12.2.4 Data Stewards

Data Stewards, designated by the Data Trustees, are offices/positions responsible for the data being read, used, created, collected, reported, updated or deleted, and the technology used to do so, in their functional areas. Positions held by the Data Stewards normally would report directly to the Data Trustee. Data Stewards recommend policies to the Data Trustees, and establish procedures and guidelines concerning the access to, completeness, accuracy, privacy, and integrity of the data for which they are responsible. Individually, Data Stewards act as advisors to the Data Trustees and have management responsibilities for data administration issues in their functional areas. Depending on the size and complexity of a functional unit, it may be necessary, and beneficial, for a designated Data Steward to identify associate Data Stewards to manage and implement the stewardship process.

Responsibilities of the Data Stewards include, but are not necessarily limited to:

• Ensuring data quality and data definition standards are met.
• Identifying the privacy level as unrestricted, sensitive, or confidential, for functional data within their area(s) of supervision/direction.
• With the entity CDO and/or Chief Information Security Officer, establishing authorization procedures to facilitate appropriate data access as defined by institutional/office data policy and ensuring security for that data.
• Developing standard definitions for data elements created and/or used within the functional unit. The data definition will extend to include metadata definitions as well as the root data element definition.
• With the entity CDO and the functional data governance/management committee(s), identifying and resolving issues related to stewardship of data elements, when used individually or collectively, that cross multiple units or divisions. For example, the individual data element “Social Security Number” may have more than one Data Steward since it is collected or used in multiple systems, such as financial, human resources, and student systems. Resolving stewardship issues for “Full-time Student” would be an example of using multiple data elements collectively to garner the informational item.
• Participating as a member of the functional data governance and management committee(s) as appointed by the Data Trustee.
• Communicating concerns about data quality to the Data Trustee.

Depending on the size and compliment of the office for which the Data Steward is responsible, the Data Steward should assume or delegate steward-type roles to define the accountabilities and responsibilities that go with each data action occurring within the functional area, to wit: data definition, data collection, data reading, data creation, and so on. Examples of these roles and associated responsibilities would likely include, but not necessarily be limited to, the following:

• Data Definer

  • Responsible for defining data in the best interest of the organization
  • Responsible for making the definition of data available to the organization
  • Responsible for communicating concerns about data quality to the Data Steward or Data Trustee

• Data Creator

  • Responsible for accuracy of data being captured, created or entered
  • Responsible for the timeliness of data being captured, created or entered
  • Responsible for defining the processes by which the technologies capture, create or enter the data to be used
  • Responsible for communicating concerns about data quality to the Data Steward or Data Trustee

• Data Reader

  • Responsible for the integrity/security of data being read/used
  • Responsible for communicating concerns about data quality to the Data Steward or Data Trustee

return to top

---

Contact Us

270 Washington Street, S.W.,
Atlanta, GA 30334
U.S.A.

Website Information

• Privacy Policy
• Accessibility
• Compliance & Ethics Reporting

Academics

• Academic Planning
• Academic Programs
• Educational Access and Success
• Faculty Affairs
• Health Workforce Planning & Analysis
• Information Technology Services
• Research & Policy Analysis
• Student Achievement
• Student Affairs

Administration

• Facilities
• Fiscal Affairs
• Georgia Public Library Service
• Human Resources
• Legal Affairs
• Strategic Planning

External Affairs

• Business Development
• Customer Focus
• Economic Development
• Government Relations
• Media & Publications

Board of Regents

Chancellor

Internal Audit & Compliance

USG Institutions

Newsroom

Policies & Reports