University of Wisconsin–Madison

Organization Structure

Data Governance Program Committee Structure

Data Governance Steering Committee:

The Data Governance Steering Committee will be responsible for approving high level data-related projects and for awarding financial assistance.  The Steering Committee will help promote Data Governance throughout the institution and will remove barriers to the implementation and ongoing operations of the program.

Data Stewardship Council:

The Data Stewardship Council consists of both Data Stewards and Senior University officials who have planning, policy-level and management responsibility for data within their functional areas. The Data Stewardship Council works with the Chief Data Officer (CDO) to ensure that the appropriate resources (staff, technical infrastructure, etc.) are available and to ensure proper planning, policies and protocols are in place to support the data needs of the entire university.

The Council’s responsibilities include:

  • Assigning Data Custodians
  • Oversight of data management policies in their areas
  • Determining legal and regulatory requirements for data in their areas
  • Promoting appropriate data quality and data integrity, including consistent data definitions and their application throughout connected systems.
  • Promoting appropriate data use through planning, policy and protocols for data security and development of educational programs related to appropriate data use.

The Data Stewardship Council may delegate responsibility to other established committees. For example, the Identity Management Leadership Group (IMLG) has been authorized to be the group responsible for managing digital identities for UW-Madison.  The Payment Card Industry Compliance Team (PCI-CT) is responsible for ensuring we remain compliant with PCI Data security standards.  A list of domain specific steward groups can be found here: Domain Specific Steward Groups Table

Data Custodians:

There are two types of Data Custodians:  Business Custodians and Technical Custodians.  Business Data Custodians are university officials having direct operational-level responsibility for the management of one or more types of data.  They are charged with providing authorization for access to institutional data.

Business Data Custodian responsibilities include:

  • Authorizing access to institutional data
  • Data Classification – determining the levels of classification of data (Restricted, Sensitive, Public) and monitoring access to those classifications. Work with the Chief Information Security Officer (CISO) and the Chief Data Officer (CDO) to develop access criteria and guidelines for each classification.
  • Ensure that individuals with access to Restricted data have completed required training and agreed to all statements of confidentiality
  • Developing processes, procedures, tools and training to ensure that data is being used appropriately and all confidential information is being treated according to policy.
  • Assuring compliance with all legal and regulatory requirements for data in their areas.

 

Technical Data Custodians are information technology administrators responsible for the management of systems and servers which collect, store and provide access to institutional data.

Their responsibilities include:

  • Implementing all data management policies established by the Data Stewards and Custodians
  • Managing access to data as determined by Data Custodians
  • Maintaining a physical environment for the safe handling of data that meets all regulatory requirements, disaster recovery and business continuity requirements and data protection policy requirements set forth by the Data Stewards and Custodians.