Data Management
Data management is the responsible stewardship of data throughout its lifecycle.
Proper data management is a responsibility of every University employee; you are responsible for any University information to which you have access. Properly managing the data in your care will protect you, the University, and the individuals or groups whose data is processed from data-related harm.
Improper data management can lead to IT security incidents, which are a cause of identity theft, reputational harm, lawsuits, and extremely expensive damages. The goal of data management is to mitigate these risks without impairing University operations.
Understanding data security
Managing data
Data must be managed throughout its lifecycle, from acquisition (when the data is obtained) to disposition (when the data is disposed of). To better understand data management as a whole, you can think of it in terms of the following processes:
- Data acquisition: The process of collecting data, including what data is acquired, how, and why.
- Data utilization: The process of using data to support University missions.
- Data maintenance: The process of organizing, storing, and curating data according to institutional needs.
- Data access: The process of sharing and accessing data as appropriate.
- Data protection: The process of protecting data's confidentiality, integrity, and availability.
Understanding data security
Data is varied and complex. Education records differ from HR records, which differ still from research data. But all data can be understood as having confidentiality, integrity, and availability needs:
- Confidentiality: Deals with the sensitivity of data and the need to keep it private.
- Integrity: Deals with the accuracy and authenticity of data.
- Availability: Deals with the extent of data's accessibility.
Collectively, confidentiality, integrity, and availability are known as the "security triad"; they're three security goals that can help you understand and manage data according to its particular context. Data security is a matter of maintaining the appropriate confidentiality, integrity, and availability for the data you help manage.
Data integrity and availability make up data criticality, which is a measure of how vital data is to the University's missions and processes.