Skip to content

Data Stewards

Data Stewards have the right and responsibility to manage the data in their stewardship in accordance to all college policies, state and federal laws and compliance regulations. In safekeeping and managing data, Data Stewards take on multiple responsibilities including, but not limited to, information life-cycle management (creation, access, retention, preservation, and destruction), security, privacy, identity management, general internal controls for information, and legal and regulatory requirements. This article will outline the various expectations and responsibilities of a Data Steward.

Overview

Data Stewards receive their right to determine business needs and to define the processes and procedures through their appointment from their Data Trustee. Data Stewards may delegate some management activities to Data Custodians.

Responsibilities include:

  • Establish appropriate information management policies and procedures;
  • Identify the laws and regulations; College policies, procedures, and standards; and contracts and licenses that affect the institutional data under his or her care;
  • Identify the classification of institutional data under his or her care;
  • Determine the appropriate access and use of institutional data under his or her care;
  • Provide communications and education to data users on the appropriate use and care of institutional data;
  • Work with data custodians to establish and maintain trustworthy institutional systems.
Responsibilities Defined:

In order to successfully fulfill the duties and responsibilities of a Data Steward described above, there are practices that need to drive all decisions regarding sensitive data. These practices are described in further detail below.

Technology System Upkeep
In conjunction with the IT support team, Data Stewards must ensure that the computer systems managing sensitive data (operating systems, databases software, and hardware) are running current or supported version numbers. This means the technology should be actively receiving updates and patches and is being well maintained.

Budget
It is the Data Steward's responsibility to procure budget dollars for maintaining technology system upkeep and for IT support personnel. For example, the Blackboard Transact System requires the Windows Operating system, therefore a budget must cover any updates to both the Blackboard Transact System and Windows.

Data Cycle Plans
Data Stewards must develop a written retention and disposal plan for their data. This also requires monitoring that the plan is being successfully carried out.

Training
Before granting access to sensitive data to any member of Snow, the Data Steward must confirm that the recipient has received the required training. For example, before handling student information, employees must complete FERPA Compliance training.

Data Sharing Agreement
The Data Sharing Agreement should be used when data needs to be shared or accessed by other individuals. The agreement defines the intended use of the data and outlines the terms and conditions the Data Steward requires when interacting with their data. It will also act as a method for tracking how data is shared and maintaining consistent data management practices. Agreements need to be revisited and resigned on an annual basis to account for job position changes and/or new procedures.

Data Custodians

Data Custodians are individuals that have been appointed by Data Stewards to carry out some or all of the duties mentioned above in managing and safekeeping sensitive data. For example, a Data Steward may appoint someone to maintain and grant access to their department's database. Ultimately decisions regarding security and compliance are still the responsibility of the Data Steward.

For more information about the other roles associated in managing data at Snow refer to the Data Management and Storage article.