by Angela Guess
The Privacy Technical Assistance Center has published a new checklist “to assist stakeholder organizations, such as state and local education agencies, with establishing and maintaining a successful data governance program to help ensure the individual privacy and confidentiality of education records.” The five page paper offers a number of suggestions for implementing a successful data governance program that can be applied to a variety of business models beyond education.
For example, the list begins with a discussion of decision-making authority: “Assigning appropriate levels of authority to data stewards and proactively defining the scope and limitations of that authority is a prerequisite to successful data management.” Important questions to reflect on include, “Has the organizational structure with different levels of data governance (e.g., executive, judicial, legislative, administrative, etc.) been established, and roles and responsibilities at various levels specified (e.g., governance board members, technology leaders, data stewards, etc.)? Have data stewards (e.g., program managers) responsible for coordinating data governance activities been identified and assigned to each specific domain of activity? Have data stewards’ roles, responsibilities, and accountability for data decision making, management, and security been clearly defined and communicated (to data stewards themselves as well as other relevant stakeholders)?”