Data Stewards

Administrative data is owned by the University and should be shared appropriately to meet the needs of the University and its customers. Data is to be managed by a Data Steward as a University resource and asset.

The Data Steward has the responsibility to ensure that the tasks listed below take place. The activities required to accomplish these tasks will be assigned either for initial and/or long-term accomplishment. The results of the tasks will be available as needed. Training, for instance, needs to be designed initially, and then carried out both for initial groups and continually as staff turnover occurs. The Data Steward is responsible for assuring that the results of the activities meet the needs of the University for this data.

A Data Steward must participate with IT Data Administration staff, application development teams, and knowledgeable departmental staff on projects creating, maintaining, and using University data.

• Data Steward Membership
• Data Steward Appointment Process
• Data Steward Responsibilities

Data Steward Appointment Process

The vice president for each business area will, through their departmental computing manager, assign a Data Steward for their administrative area. The term of appointment for a Data Steward is undefined; however, brief terms will not enhance this process. As with any role or position, planning for replacement is facilitated by the Data Steward sharing knowledge of their responsibilities with others serving as data analysts.

To effectively fill the Data Steward role, an individual should have:

• Broad-based knowledge of the data for which they are a steward. This knowledge should encompass all uses of the data as viewed from the University's perspective.
• Knowledge of how University business processes relate to their data.
• The flexibility to view their data as a University resource.
• The ability to work effectively within a team in performing the required tasks.
• The ability to communicate effectively in response to questions concerning the data.
• The ability to communicate effectively in writing in the many definition and documentation tasks involved in this role.
• The ability to utilize appropriate interpersonal styles and methods of communication to encourage the proper use of the University's information resource.
• The ability to complete work in sufficient detail to ensure integrity and completeness, and to identify inconsistency.

Responsibilities

• Work with Information Owners and Privacy Officers to assure that data is classified as restricted, sensitive or public as it relates to the distribution of the data. Identify procedures for maintaining data confidentiality as they relate to data under the Data Steward's management. When necessary, work with departmental Security Officers to enforce the procedures.
• Consult with University compliance officers for requirements of various laws, including but not limited to, the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the Family Educational Rights and Privacy Act (FERPA), the Gramm-Leach-Bliley Act (GLBA), and the Indiana Access to Public Records Act regarding the appropriate use of data according to such laws.
• Assure that there are documented and published processes for granting system access and privileges in the business area. Where necessary, validate that HR procedures are followed for creating roles and assigning roles to appropriate HR positions.
• In accordance with established guidelines approved by the Information Owner, grant or remove access by role or by person accounts internal and external to the business area. Act as the agent for central offices in coordinating all account requests. Assure staff requesting access to data or systems present proper signature authority for the request. Annually validate accounts assigned to each system.
• Provide and track appropriate certification or training prior to granting access to the requested data or system. Training may include but is not limited to the Purdue University Data Handling and Data Confidentiality Guidelines.
• Review and approve individual requests for data and the use of requested data. As needed, obtain a signed Memorandum of Understanding from the Director of a department requesting the ability to extract or use data from a system under the Data Steward's management. Work with IT Security and Policy to validate all systems, including externally hosted systems supporting business processes within the Data Steward's area, conform to Purdue University standards for security and data handling.
• As needed, participate in the management of shared data in ERP systems supporting the Data Steward's business area. Annually review and maintain updates to data standards manuals relevant to the Data Steward's business area.
• Support the Identity and Access Management Office through careful and responsible maintenance or distribution of identity data. Assure that staff within "core" business areas maintain identity data through timely correction and removal of suspended data within the Purdue University Identity System (PUID).
• Establish and maintain an appropriate structure and review process for responsible management of file shares.

Data Steward Members - 11/15/2023