Institutional Data: Data used or created for official administrative or academic purposes.
Data Owner: The individual who is accountable for protecting a dataset, holds the legal rights
and defines policies. Data Owners are typically management-level individuals (e.g.,VP’s,
Director’s and even can include some department heads) who are ultimately responsible
for the security and classification of specific data sets. They determine who has
access to the data, how it should be classified, and when it should be archived or
destroyed. They are accountable for ensuring that appropriate security controls are
in place to protect the data.
Data Custodian: Data Custodians are the technical personnel (e.g., IT staff or third party) who handle
the day-to-day management of data, including storage, access control, and backups.
They implement the security controls defined by the Data Owner, ensure data integrity,
and manage data backups and recovery. They work under the guidance and direction of
the Data Owner to fulfill the owner's security requirements.
User: Users are individuals who access and utilize data for business purposes. They must
adhere to the security policies and procedures established by the Data Owner and implemented
by the Data Custodian. User access is typically granted based on their roles and responsibilities,
and they are restricted from accessing data they are not authorized to use.
Data Steward: Optionally designated by the Data Owner to maintain data quality within their areas,
document standards, and support unit-level use. Data Stewards serve on the Data Governance
Committee.
Data Oversight Committee: The Data Oversight Committee serves as a coordination body for resolving shared data
issues across units; recommend practices for consistency; review significant cross-unit
changes when escalated. The Committee does not own operational data decisions or enforce
changes but facilitates coordination on shared concerns