Skip to main content

Data Governance

  1. Policy

    Salt Lake Community College recognizes institutional data as an asset and the importance of its security and quality. Widespread appropriate use of data increases its value; this value diminishes when data is mishandled, misused, or unnecessarily restricted. This policy establishes data governance definitions and procedures related to the college's treatment of institutional data to ensure its availability, usability, integrity, and security.

  2. References
    1. 15 U.S.C §6801 Gramm-Leach-Bliley Act
    2. 20 U.S.C §1232g- Family Education Rights and Privacy Act
    3. 42 U.S.C. §1320d Health Information Portability and Accessibility Act of 1996
    4. Utah Code §63G-2-101 seq. Government Records Access and Management Act
  3. Definitions
    1. Data Classification: A system to group data into one of four types, based on the level of sensitivity when considering the release of or access to such data.
    2. Data Governance Council: ("DGC") A cross-divisional governing structure that oversees the integrity and validity of college data assets and makes institutional-level data decisions. Membership consists of stakeholders of the college's functional areas involved in creating, managing, and maintaining data.
    3. Data Integrity: the accuracy and consistency of data over its lifecycle, from entry to processing to analytics.
    4. Data Owner: An individual with a role defined within the Data Roles guide who is authorized to make business decisions surrounding institutional data under the DGC's guidelines and conventions.
    5. Functional Area: A unit, department, or division of the college whose responsibility is managing business processes that create, maintain, and use data pertaining to one or more of the functions of the college.
    6. Institutional Data: Data that is:
      1. created, maintained, managed, or transmitted by or on behalf the college in relation to business, education, or research initiatives;
      2. relevant to operating, managing, maintaining, or planning administrative functions of the college;
      3. used for the fulfillment of regulatory or required reporting duties of the college;
      4. pertaining to students, staff, facilities, or assets in any structure; or
      5. derived from or used to derive a data element that fits the above criteria.
  4. Procedures
    1. Employees and students must treat institutional data as an institutional asset. 
    2. The college will establish the Data Governance Council ("DGC") under the approved charter. This group will manage institutional data policy, procedures, and definitions.
    3. The DGC will maintain the Data Roles Guide with ownership level definitions and assigned roles and make the guide available to the campus community.
    4. The DGC will maintain the Data Classification Guideto define sensitivity levels for data. The DGC will also establish standards and attributes for defining data elements.
    5. The DGC will oversee the integrity and validity of institutional data in a cooperative and collaborative effort with key college stakeholders who provide expertise and perspectives related to specific aspects of data integrity and security.
    6. Data Owners must purposefully plan, inventory, and implement all systems used to gather, report, or synthesize institutional data.
    7. Data Owners must adequately protect and document all institutional data definitions and access to institutional data.

Date of last cabinet review: June 7, 2022

The originator of this policy is the Institutional Effectiveness Department. Questions regarding this policy may be directed to the originator by calling 801-957-4069