Data Domain Scope and Subdomains
The Human Resources data domain provides leadership, policy development, guidance and functional expertise to sustain and engage a talented, diverse workforce in one of the nation’s premier higher education systems. The institutional data managed includes access payroll documents, leave statements and benefits information.
Data Trustee
Data Trustees are university officials with authority over institutional data, as designated by Data Governance Council. Data trustees are accountable for managing, protecting, and ensuring the integrity and usefulness of institutional data and for upholding UW-Madison policies, UW System policies, state laws, and federal laws applicable to the institutional data.
The Data Trustee for the Human Resources data domain, as assigned by Data Governance Council, is the Chief Human Resources Officer.
Institutional Data Stewards
Institutional data stewards, who are assigned by and accountable to Data Trustees, help define, implement, and enforce data management policies and procedures within their specific data domain. Institutional data stewards have delegated responsibility for all aspects of how data is acquired, used, stored, and protected throughout its entire lifecycle from acquisition through disposition.
The Institutional Data Steward(s) for the Human Resources data domain, as assigned by the Data Trustee, are
- Employee Record: Catharine DeRubeis, HRS Director
Major Data Systems
UW System Administrative Procedure 1031.A requires Institutional Data Stewards to identify and classify the major systems where data from their data domain resides. The name and classification of the major systems where Human Resources data resides are:
Major System | Classification |
Workday (formerly HRS) | Restricted |
Data Classification Rationale
UW System Administrative Policy 1031 and UW-Madison policy UW-504 require that data be classified according to its risk. Within the Human Resources data domain, the classification rationale is:
Classification | Classification Rationale | Example(s) |
Restricted | Identifiable Employee Record data are classified as Restricted if protected under federal or state law (e.g. Social Security Protection Act of 2010). Disclosure could cause severe harm to employees and/or the university, including exposure to criminal and civil liability. | Social Security Number, Direct Deposit Banking information. |
Sensitive | Identifiable Employee Record data are classified as Sensitive if the data are highly personally sensitive, confidential, or subject to legal or regulatory requirements. | Date of Birth, Gender, Race/Ethnicity, Disability Status, Passport Number, Visa permit number, Driver’s license, Military Status, Criminal record, Home Address, Grievance information, Disciplinary records, benefits information. |
Internal | Identifiable Employee Record data are classified as Internal if disclosure could cause limited harm to employees or the university with some risk of civil liability. | Information used for staff management planning, including judgments or recommendations concerning future salary adjustments or other wage treatments, management bonus plans, promotions, and job assignments. |
Public | Aggregated Employee Record data are classified as Public. Identifiable Employee Record data that is public by law and data for which disclosure poses little to no risk to employees or the university (see Wisconsin Public Records Law [Wis. Stat. §§ 19.31-19.39]) are classified as Public. Employee Record data that has been de-identified in a way that does not allow association with a specific employee is classified as Public. | Directory information, aggregate data on employee population, employee salary information. |