University of Wisconsin–Madison

Data Governance

In aligning with the priorities established for the University of Wisconsin – Madison, the mission of the Data Governance Program is to allow for and facilitate campus-wide data-driven decision making.

The Program seeks to identify what data sources exist today and/or what data sources should UW-Madison capture and
define who within UW-Madison are responsible and accountable for the management of that data.

Governance Principles

  • Accountability

    Determining who is responsible for the management of data at UW Madison as well as holding them to our outlined standards.

  • Agility

    All of our processes should adapt when necessary and ensure that .

  • Change Management

    New processes demand new and changing staff at UW. We’re committed to ensuring smooth transitions and well informed decisions.

  • Consistency

    All decisions made will be applied consistently across campus.

  • Metrics Driven

    We monitor ourselves against measurable goals on a regular basis and use the results to determine courses of action.

  • Stewardship

    Determine formal roles for those in charge of data. This does not mean that everyone on campus is not responsible despite formal roles.

  • Transparency

    We will make it clear how and when decisions are made and when processes are created. We also strive to ensure that decisions and processes are audited to support compliance based requirements.

Goals & Objectives

Collaboration & Education

Facilitate collaboration and education related to data policies and use.

Structured Accountability

Facilitate collaboration and education related to data policies and use.

;

Data-Quality Culture

Establish a ‘data-quality culture’ that drives data-centered decisions.

Consistency

Facilitate collaboration and education related to data policies and use.

Completed Data Governance Initiatives

WorkType
Established risk-based data classificationsClassification
Formally delegated authority to four committees / teams responsible for specific data domains.Committees
Established 15 role-based groups to which proper access rights can be assigned in order to distribute institutional analytical content.Information Access
Established new policy determining what data are included in the Student Directory and how requests for that directory will be handled. Policy
Approved the Restricted Administrative Data Policy.
More Information
Policy
Accepted data management plans for the management of BIO/Demographic Student data, Marketing Automation Data & retiring Moodle / D2L data.Policy
Approved Policy & Procedures for Release of Wiscard Photos to ApplicationsPolicy
Created Restricted Administrative Data Policy Training videoTraining

In Progress Data Governance Initiatives

WorkType
Drafting policy governing the release of identity attributes to authorized applications
Policy
Drafting guidelines for the use of Race/Ethnicity dataPolicy
Implementing an online data dictionary for UW-Madison

Data Definitions
Drafting data management plans for the Academic Structure, Survey data, Admissions dataPolicy

Classifications of Data

Restricted

Data should be classified as Restricted when the unauthorized disclosure, alteration, loss or destruction of that data could cause a significant level of risk to the University, affiliates or research projects. Data should be classified as Restricted if protection of the data is required by law or regulation or UW-Madison is required to self-report to the government and/or provide notice to the individual if the data is inappropriately accessed

Internal

Data should be classified as Internal when the unauthorized disclosure, alteration, loss or destruction of that data could result in some risk to the University, affiliates, or research projects. By default, all Institutional Data that is not explicitly classified as Restricted, Sensitive or Public data should be treated as Internal data.

Sensitive

Data should be classified as Sensitive when the unauthorized disclosure, alteration, loss or destruction of that data could cause a moderate level of risk to the University, affiliates or research projects. Data should be classified as Sensitive if the loss of confidentiality, integrity or availability of the data could have a serious adverse effect on university operations, assets or individuals.

Public

Data should be classified as Public prior to display on web-sites or once published without access restrictions; and when the unauthorized disclosure, alteration or destruction of that data would result in little or no risk to the University and its affiliates.

Framework

The overall mission of the Data Governance Program is to enable Data-Driven decision making campus-wide.  In order for users from all departments on campus of data to be able to make informed decisions, a culture of Information Literacy should be established on campus.

The four pillars of Data Governance are as follows:

  • Policies & Standards

    The program will determine who has the authority to make decisions regarding access, priorities, data usage-standards and under what conditions those decisions can be made. Policies & standards can be found here.

  • Information Quality

    Formal and professional data stewardship is an essential part of any data governance program.   Those responsible for data stewardship are accountable for the integrity and quality of UW-Madison’s data.

  • Privacy, Compliance, & Security

    How UW-Madison institutionally deals with the inherent risk that comes along with curating data is an essential part of the data governance program.  Developing the risk management strategies and making those operational are under the purview of the program.  Additionally, compliance with Record retention policies for differing record types.  The Data Governance Program should align with and coordinate with records management to ensure compliance with those regulates occurs.

  • Architecture & Integration

    Ensuring that there are common data definitions and that those definitions are made available across multiple platforms is essential to enabling informed decision making.  Decisions on what those definitions are and how the requirements of those definitions are technically supported is a part of the program.

    It should be noted that the Data Governance Program that is created and implemented at UW-Madison should align with the Data Governance Program that is being created at the UW System level.  One of the tenets of the UW-System Data Governance Program is common and consistent data definitions and certainly what is implemented at UW-Madison should align with those at the UW-System level.