Standards for Management of Institutional Data
These standards and associated procedures support policy DM-01, Management of Institutional Data.
These standards apply to all users of Indiana University information technology resources regardless of affiliation, and irrespective of whether those resources are accessed from on-campus or off-campus locations.
These standards apply to all institutional data, and are to be followed by all those who capture data and manage administrative information systems using university assets.
Committee on Institutional Data:
Establishes overall policy and guidelines for management and access to the institutional data of the university.
Responsibility for the activities of data administration is shared among the data stewards, data managers, and the University Information Policy Office.
University officials and their staff who have operational-level responsibility for information management activities related to the capture, maintenance, and dissemination of data are considered data managers. Among the responsibilities of the data managers are any data administration activities outlined in this policy which may be delegated to them by the data stewards.
Indiana University is considered the data owner of all university institutional data; individual units or departments may have stewardship responsibilities for portions of the data.
Senior university officials (typically at the level of vice president, assistant vice president, dean, or university director) who have planning and policy-level responsibilities for data in their functional areas are considered data stewards. The data stewards, as a group, are responsible for recommending policies, and establishing procedures and guidelines for university-wide data administration activities. Data stewards, as individuals, have management responsibilities for defined elements of institutional data.
For historical reasons – because data and the responsibility for data have traditionally been organized along functional or subject-area boundaries – the data stewards are established according to this same subject-area organizing principle. However, because the eight-campus structure of the university is not explicitly recognized in this organizing principle, the data stewards need to be particularly sensitive to the view from the campuses. The specific or unique views of the individual campuses must be an integral part of institution-wide data policies, and the data stewards must ensure that their lines of communication to the campuses are active and user-friendly.
Individuals who need and use university data as part of their assigned duties or in fulfillment of their role in the university community.
Responsibility for the activities of system administration may belong to UITS and its regional campus counterparts or to other divisions or departments within the university.
Standards and Procedures
- Classification of data:
As a foundation for making decisions about data access, institutional data are organized into three classifications:
- Critical data:
Inappropriate handling of this data could result in criminal or civil penalties, identity theft, personal financial loss, invasion of privacy, and/or unauthorized access to this type of information by an individual or many individuals
Legal, ethical, or other constraints prevent access without specific authorization; selective access may be granted.
May be accessed by all eligible employees of the university, without restriction, in the conduct of university business. This is the default classification for all data; access restrictions may be applied only as required below.
Few restrictions; general public may be granted access. (Some data elements classified as public may have certain dissemination restrictions. For more information, contact the Office of the VP and General Counsel.)
- Critical data:
- Access to data:
The value of data as an institutional resource is increased through its widespread and appropriate use; its value is diminished through misuse, misinterpretation, or unnecessary restrictions to its access. This philosophy guides decisions about access to institutional data.
- Access to institutional data will be granted to all data users for all legitimate university purposes.
- As part of the data definition process, data stewards will assign each data element and each data view of institutional data to one of three categories: public data, university-internal data, and limited- access data.
- Except as noted elsewhere in this standard, all institutional data will be designated as university-internal data for use within the university. All university employees will have access to these data, without restriction or prior authorization, for use in the conduct of university business. These data are designated university-internal. They are freely available within the university but not open to the general public.
- Where appropriate, data stewards may identify institutional data elements or views which have few access restrictions and which may be released to the general public. These data will be designated as public data.
- Where necessary, data stewards may specify some data elements as limited-access. Limited-access data would include those data for which data users must obtain individual authorization prior to access, or to which only limited access may be granted. Data classified as limited-access may only be used by those whose positions explicitly require such access. Designation of data as limited-access will include:
- Specific reference to the policy, legal, ethical, or externally-imposed constraint which requires this restriction
- Description of categories of data users who are typically given access to the data, including under what conditions and with what limitations
- A data view does not necessarily inherit the restriction characteristics of the data elements which comprise it. (For example, removal of any association with personally-identifying data elements can result in a view which contains otherwise restricted data elements being designated as public or university-internal.)
- To the extent possible, data stewards will work together to define a single set of procedures for requesting permission to access limited-access institutional data elements, and will be jointly responsible for documenting these common data access request procedures.
- Each data steward will be individually responsible for documenting data access procedures that are unique to a specific information resource or set of data elements.
- Decisions about data access:
- Data stewards establish standard rules, guidelines, and profiles for data access, and decide about individual requests to access data. Responsibility for such recommendations may be delegated to data managers.
- Any data user may request that a data steward, or the Committee of Data Stewards as a group, review the restrictions placed on a data element or data view, or review a decision to deny access to limited-access data
- The University Information Policy and Security Offices implement the data stewards' recommendations and can help identify the appropriate data steward or manager for data access request or to appeal a recommendation.
- When necessary, the Committee on Institutional Data will make the final determination on data restrictions and requested access rights to institutional data.
- Data availability and integration:
- Data stewards are responsible for providing accessible, meaningful, and timely machine-readable institutional data for university use.
- Data stewards and the technology officials who manage systems share the responsibility for data compatibility, accessibility, and interfaces among institutional data elements.
- Data stewards and these technology officials will work together toward unification of the various data element coding structures and data storage formats which exist in various systems where institutional data are stored.
- Data collection and maintenance:
- The data steward is ultimately responsible for complete, accurate, valid, and timely data collection. Operational responsibility for data collection and maintenance is typically assigned to the data managers.
- Further delegation and decentralization of data collection and maintenance responsibility is encouraged in order to assure that:
- Electronic data are collected and maintained as close as possible to the source or creation point of the data as identified by the data steward.
- Each manual or computer process which handles data adds value to the data.
- Data documentation:
- Documentation of data elements is ultimately the data steward's responsibility. Some or all of these responsibilities may be assigned to data managers
- Documentation/definition for each data element must at least include:
- Name and alias names
- Data steward
- Usage and relationships
- Frequency of update
- Source for data capture
- Official data storage location and format
- Documentation must also include:
- Designation as "limited-access", "university-internal", or "public"
- For "limited-access" data elements: description or specification of the restriction
- Description of validation criteria and/or edit checks
- Description, meaning, and location of allowable codes
- Access rules and security requirements
- Archiving requirements
- Data storage location of extracts
- Documentation for derived institutional data must include the algorithms or decision rules for the derivation.
- Documentation of data views must include reference to the data elements which comprise the view and description of the rules by which the view is constructed.
- Overview documentation for databases, files, and groups of files that include institutional data must also be provided, and must include information about data structure and update-cycles necessary for the accurate interpretation of the data.
- The following guidelines will be implemented concurrent with implementation of a University Data Resource Dictionary:
- Documentation of data elements must be provided to UITS and its regional campus counterparts in machine-readable format by the data stewards. This documentation will ultimately reside in the University Data Resource Dictionary.
- UITS and its regional campus counterparts will be responsible for the data administration function of maintaining the University Data Resource Dictionary and for making it readily accessible to all interested parties.
- Change in any data definition characteristics must be noted to UITS and its regional campus counterparts and recorded in the University Data Resource Dictionary in advance of the change.
- Data integrity, validation, and correction:
- Applications that capture and update institutional data must incorporate edit and validation checks to assure the accuracy and integrity (consistency) of the data.
- The accuracy of any element can be questioned by any authorized data user. The data user has the responsibility to help correct the problem by supplying as much detailed information as available, sufficient to permit understanding and diagnosis of the problem.
- The data steward or delegated data manager is responsible for data integrity, responding to questions about the accuracy of data, and correcting inconsistencies if necessary.
- Upon written identification and notification of erroneous data, corrective measures must be taken as soon as possible to:
- Correct the cause of the erroneous data.
- Correct the data in the official storage location.
- Notify users who have received or accessed erroneous data.
- Data manipulation, modification, extraction, and reporting:
- The data steward is responsible for setting policies regarding the manipulation, modification, or reporting of institutional data elements and for creating derived elements, which are also institutional data.
- The data steward has ultimate responsibility for proper use of institutional data; individual data users will be held accountable for their specific uses of the data.
- All data extracted or reported from institutional data must include a record or display of the time and date of data capture.
- Data stewards will work with data managers and data users to define useful and meaningful schedules for creation of standard data extracts. These standard extracts of the data ("data snapshots") will also be considered institutional data.
- Data security:
- The data steward will be responsible for determining security requirements and access restrictions for institutional data.
- All data users having access to limited-access institutional data will formally acknowledge (by signed statement or some other means) their understanding of the level of access provided and their responsibility to maintain the confidentiality of the data they access. The data steward is responsible for monitoring and reviewing security implementation and authorized access.
- The data steward is ultimately responsible for defining and implementing policies and procedures to assure that data are backed up and recoverable in response to events that compromise data integrity..UITS and its regional campus counterparts or other university agencies may assist in this effort.
- Unattended workstations with access to directories containing limited-access data must be logged off, locked, or otherwise made inaccessible to individuals without access rights. Where technically feasible, this equipment must be set up for automatic lock-out after 15 minutes of non-use.
- Individuals requiring access to central sources of restricted institutional information must be authorized by the appropriate data steward or manager and subsequently must use the UITS Decision Support Service (DSS) via the IU Information Environment (IUIE) for that access. Direct (non-IUIE) access to the UITS DSS using individual desktop query tools will be restricted to a limited number of staff with advanced knowledge and experience with the DSS data constructs. These individuals must first establish a connection to the VPN servers to ensure that their password and the other data transmitted are encrypted.\
- Where technically feasible, the IU central authentication service (CAS) must be used for all services that facilitate update or inquiry access to limited-access data on university servers, so that (minimally) strong password selection rules, password expiry, and intruder lockout can be employed.
- Where technically feasible, password tokens (in addition to secure password) must be required for any update access to restricted institutional data on university servers.
- Departments (including UITS and its regional campus counterparts) must eliminate insecure protocols for connecting to all university systems, and for transferring data to and from those systems, especially those servers that support critical operations and/or host limited-access data.
- Data storage:
- The data steward is responsible for identifying an official data storage location for each data element, as well as an official data storage location of valid codes and values for each data element. The data steward will also determine archiving requirements and strategies for storing and preserving historical data for each data element.
- Data element names, formats, and codes must be consistent across all applications which use the data and consistent with such university standards as are developed.
- The University Information Policy Office will assist in determining data storage location and archiving requirements for institutional data.
- Limited-access data must never be stored on individual user workstations, laptops, personal digital assistants (PDA), or any other type of electronic equipment. Limited-access data must be stored on registered, and properly configured and managed, department or central file servers.
- Departments are expected to identify, for their users, appropriate server locations for storage of data extracted from central sources or derived through department operations. In addition, the University Information Policy Office will investigate technical methods for restricting the destination of extracts from central sources to registered servers.
- When limited-access university data are stored on appropriate servers, they must not include SSNs unless they are keys to linking with other files.
- SSNs must not be collected from individuals nor extracted from central systems and stored on departmental servers unless doing so is absolutely required to maintain the business functions of the office involved.
- So that standards for survey research and FERPA requirements for non-directory student records are met, all program evaluation and assessment data must be stored in such a way that responses are not associated with individual names or SSNs. Linkage files containing the association of protected data to individuals must be placed in different directories and with different naming conventions to obscure the connection, and must be permanently deleted when no longer needed.
- A student may file a directory exclusion to prevent disclosure of public information. For this reason, student public information must not be stored on local servers unless updated daily.
- Data views:
- Data views may be defined in order to:
- Aggregate data from multiple sources.
- Segment data into smaller and more manageable subsets.
- Segregate data according to confidentiality or restriction characteristics, so that access to the resulting subset may be more widely distributed
- The data stewards are responsible for defining standard views of institutional data. These views will also be considered institutional data.\
- Data managers or data users may recommend the definition of new data views.
- Data views may be defined in order to:
- System administration:
- Institutional data must be maintained within a single, logically-integrated information system.
- Institutional data may be stored on any of many diverse computing hardware platforms, provided such platforms are fully integrated components of an overall university information system.
- If institutional data are stored on any component of the university information system, that system component must have defined a formal system administration function and have assigned to it a system administrator whose responsibilities include: physical site security; administration of security and authorization systems; backup, recovery, and system restart procedures; data archiving; capacity planning and performance monitoring.
- University servers that are used to store limited-access data must comply with specific management standards, as outlined in IT-12, issued by the University Information Policy Office. Web and other servers that must be accessible from off-campus must be physically separated from servers hosting limited-access institutional data.
- Direct access to university file servers hosting limited-access institutional data must be blocked from non-IU network addresses. Individuals requiring direct access to files stored on these servers from off-campus must first connect through the university's modem pool or (preferably) the IU virtual private network (VPN) service.
- User support:
- The data steward and data managers responsible for the data and each major system housing institutional data will define the extent of support for data access and interpretation which is available to users of these data.
- Data stewards will provide user support--primarily through documentation of the information resource but also, as needed, in the form of consulting services--to assist data users in the interpretation and use of institutional data. This responsibility may be delegated to the data managers.
- The data users will be responsible for their own appropriate use and interpretation of the data which they access.
- Institutional data model:
- The data stewards, or designated data managers, will be responsible for establishing and maintaining a university-wide institutional data model which describes all major institutional data entities and the relationships among those data entities, including the linkages among data collected or maintained by the various organizational units of the university.
- The University Information Policy Office will support the establishment and maintenance of an institutional data model and provide access to expertise and software tools for data modeling.
- Institutional data:
- A data element is considered institutional data if it satisfies one or more of the following criteria:
- It is relevant to planning, managing, operating, or auditing a major administrative function of the university.
- It is referenced or required for use by more than one organizational unit. Data elements used internally by a single department or office are not typically considered institutional data.
- It is included in an official university administrative report.
- It is used to derive an element that meets the criteria above.
- Data elements which meet the criteria for inclusion may be identified as such by a data steward, a data manager, the University Information Policy Office, a user group, or a data user.
- A data steward must be identified for each institutional data element.
- The University Information Policy Office will assist in the negotiations for defining something as institutional data and for identification of data stewards.
- A data element is considered institutional data if it satisfies one or more of the following criteria:
Access to institutional data
refers to the permission to view or query institutional data; permission does not necessarily imply delivery or support of specific methods or technologies of information access.
The Committee on Institutional Data
is a committee chaired by the Associate Vice President for Information Resources which establishes overall policy and guidelines for management and access to the institutional data of the university, and which regularly reviews the performance of the overall data administration function.
is the function of applying formal guidelines and practices to the management of a computing resource.
The university data resource dictionary is a database system that functions as a repository that contains comprehensive information about the university's institutional data and documentation of university administrative systems.
The university information system
is a conceptual term used to identify the collection of computer hardware, software, and network connections which together form the single, integrated system on which institutional data reside.
is institutional data that may be accessed by all employees of the university, without restriction, for the conduct of university business.
Failure to comply with Indiana University information technology policies may result in sanctions relating to the individual's use of information technology resources (such as suspension or termination of access, or removal of online material); to the individual's employment (up to and including immediate termination of employment); to the individual's studies within the university (such as student discipline in accordance with applicable university policy); civil or criminal liability; or any combination of these.
Related Policies, Laws, and Documents
- Policy on Data Management (DM-01)
- Indiana University Policy on Student Records
- Indiana University Release of Student Information Policy
- Family Education Rights and Privacy Act (FERPA)
Campuses, schools, colleges, departments, and other administrative units may have issued local policies and standards governing the appropriate use of information technologies deployed specifically to support that unit's activities. Managers of information technology services may have issued service-level polices and standards governing the appropriate use of their services. In order to understand and adhere to these requirements, users of these resources are responsible for consulting with appropriate unit or service staff.
Maintained and revised as necessary by the University Information Policy Office under the direction of approved data management committees.
Campus registrars or University Counsel will handle questions about the impact of FERPA on IU student record use.
Office of the Vice President for Information Technology
University Information Policy Office
Reformatted by the University Information Policy Office in 2007 and merged with the Indiana University Committee of Data Stewards’ “Data Administration Issues Notice”, “Data Distribution and Storage Issues Notice”, and “Permission to Access Institutional Data” documents.
An initial Policy to Access Data was approved by the University Operations Cabinet in October, 1991, and distributed by the Office of the President in December, 1991.
Original document approved by the Administrative Computing Advisory Committee (ACAC) March 21, 1991 and the ACAC Data Administration Subcommittee on February 14, 1991.