Data Governance 101. Agenda  Purpose  Presentation (Elijah J. Bell) Data Governance Data Policy Security Privacy Contracts  FERPA—The Law  Q & A.

Slides:

Advertisements

Similar presentations

Module N° 4 – ICAO SSP framework

Advertisements

FERPA: UPDATE ON THE FAMILY EDUCATIONAL RIGHTS AND PRIVACY ACT Presented by Brenda V. S. Selman University Registrar-MU University of Missouri-Columbia.

PRESENTATION ON MONDAY 7 TH AUGUST, 2006 BY SUDHIR VARMA FCA; CIA(USA) FOR THE INSTITUTE OF INTERNAL AUDITORS – INDIA, DELHI CHAPTER.

Data Quality And Stewardship. PROVIDED BY THE IDAHO STATE DEPARTMENT OF EDUCATION.

The Office of Information Technology Information Security Administrator Kenneth Pierce, Vice Provost for IT and Chief Information Officer.

Data Ownership Responsibilities & Procedures

Information Security Policies Larry Conrad September 29, 2009.

Security Controls – What Works

WHY CHOOSE CEO-PE?  We employ International Association of Privacy Professionals (IAPP) Certified and Health Insurance Portability & Accountability Act.

Developing a Records & Information Retention & Disposition Program:

Data Management Awareness January 23, University of Michigan Administrative Information Services Data Management Awareness Unit Liaisons January.

IS Audit Function Knowledge

DITSCAP Phase 2 - Verification Pramod Jampala Christopher Swenson.

Management of Communication and Information Chapter -MCI

Session 3 – Information Security Policies

Copyright © Center for Systems Security and Information Assurance Lesson Eight Security Management.

Training on Data Protection Roles of the Data Protection Office.

Protection Against Occupational Exposure

1 1 Roles and Responsibilities in the CDBG Program For Grant Administrators.

Control environment and control activities. Day II Session III and IV.

Internal Auditing and Outsourcing

Peer Information Security Policies: A Sampling Summer 2015.

Session No. 3 ICAO Safety Management Standards ICAO SMS Framework

Information Security Compliance System Owner Training Richard Gadsden Information Security Office Office of the CIO – Information Services Sharon Knowles.

CUI Statistical: Collaborative Efforts of Federal Statistical Agencies Eve Powell-Griner National Center for Health Statistics.

Teresa Macklin Information Security Officer 27 May, 2009 Campus-wide Information Security Activities.

Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.

Chapter 3 Internal Controls.

Outsourcing Louis P. Piergeti VP, IIROC March 29, 2011.

HIPAA COMPLIANCE WITH DELL

How Hospitals Protect Your Health Information. Your Health Information Privacy Rights You can ask to see or get a copy of your medical record and other.

Roles and Responsibilities

Foundations of Effective Board Operation Nicole L. Mace Vermont School Boards Association.

1 CDBG Roles and Responsibilities For Local Officials.

Private & Confidential1 (SIA) 13 Enterprise Risk Management The Standard should be read in the conjunction with the "Preface to the Standards on Internal.

Data Governance Webinar Kathy Gosa, Kansas Josh Klein, Oregon Baron Rodriguez, PTAC Data Governance: Key components & implementation steps.

1 Information Sharing Environment (ISE) Privacy Guidelines Jane Horvath Chief Privacy and Civil Liberties Officer.

LeToia Crozier, Esq., CHC Vice President, Compliance & Regulatory Affairs Corey Wilson Director of Technical Services & Security Officer Interactive Think.

The right item, right place, right time. DLA Privacy Act Code of Fair Information Principles.

Chapter 21 Internal, Operational, and Compliance Auditing McGraw-Hill/IrwinCopyright © 2014 by The McGraw-Hill Companies, Inc. All rights reserved.

The Culture of Healthcare Privacy, Confidentiality, and Security Lecture d This material (Comp2_Unit9d) was developed by Oregon Health and Science University,

SMS Planning.  Safety management addresses all of the operational activities of the entire organization.  The four (4) components of an SMS are: 1)

Tad and Terry Legal Issues in ILP. 28 CFR Part 23 The federal rule that governs or provides guidance for these issues. § 23.3 Applicability: These policy.

ISO DOCUMENTATION. ISO Environmental Management Systems2 Lesson Learning Goals At the end of this lesson you should be able to:  Name.

Information Security IBK3IBV01 College 2 Paul J. Cornelisse.

ISO/IEC 27001:2013 Annex A.8 Asset management

Copyright © 2007 Pearson Education Canada 23-1 Chapter 23: Using Advanced Skills.

National Public Health Performance Standards Local Assessment Instrument Essential Service:6 Enforce Laws and Regulations that Protect Health and Ensure.

State of Georgia Release Management Training

1 1 Effective Administration of Commercial Contracts Breakout Session # Session D06 Name: Holly Walker, CPCM Corporate Learning Solutions and Contract.

1 Information Governance (For Dental Practices) Norman Pottinger Information Governance Manager NHS Suffolk.

Information Security Office: Function, Alignment in the Organization, Goals, and Objectives Presentation to Sacramento PMO March 2011 Kevin Dickey.

Introduction to Procurement for Public Housing Authorities Getting Started: Basic Administrative Requirements Unit 1.

INFORMATION ASSURANCE POLICY. Information Assurance Information operations that protect and defend information and information systems by ensuring their.

Lecture 5 Control and AIS Copyright © 2012 Pearson Education 7-1.

COBIT. The Control Objectives for Information and related Technology (COBIT) A set of best practices (framework) for information technology (IT) management.

Security Methods and Practice Principles of Information Security, Fourth Edition CET4884 Planning for Security Ch5 Part I.

Shared Services and Third Party Assurance: Panel May 19, 2016.

Building an Effective Paperless Records Management Governance Structure BADM 559 Enterprise IT Governance Professor Michael Shaw By Moh’d A. Obeidat 12/15/2008.

EECS David C. Chan1 Computer Security Management Session 1 How IT Affects Risks and Assurance.

Information Security and Privacy in HRIS

Accountability & Structured Privacy Management

Data Security and Privacy Overview: NJDOE’s Approach to Cybersecurity

Obligations of Educational Agencies: Parents’ Bill of Rights

Red Flags Rule An Introduction County College of Morris

HIPAA Privacy and Security Summit 2018 HIPAA Privacy Rule: Compliance Plans, Training, Internal Audits and Patient Rights Widener University Delaware.

PRIVACY PRESENTATION TO THE SPRING 2013 CONFERENCE BY HANK MOORLAG

Student Privacy in the age of big data

Enterprise Content Management (ECM) Project

HUD’s Coordinated Entry Data & Management Guide

Presentation transcript:

Data Governance 101

Agenda  Purpose  Presentation (Elijah J. Bell) Data Governance Data Policy Security Privacy Contracts  FERPA—The Law  Q & A

Data Governance 101 State Board Resolution on Oct 10, 2013 LEAs shall have a student records governance and use policy. These policies and their implementation shall be monitored by the ALSDE as part of Comprehensive Monitoring

Data Governance 101  What is Data Governance?  Data governance is an emerging discipline with an evolving definition.  Data governance is a quality control discipline for assessing, managing, using, improving, monitoring, maintaining, and protecting organizational information.  Data governance refers to the overall management of the availability, usability, integrity, and security of the data employed in an enterprise. A sound data governance program includes a governing body or council, a defined set of procedures, and a plan to execute those procedures.  MY FAVORITE: An organizational approach to data and information management that is formalized as a set of policies and procedures that encompass the full life cycle of data, from acquisition to use to disposal.

Data Governance 101  Why is Data Governance Important?  To ensure confidentiality, integrity, accessibility, availability, and quality of the data! Our data must be correct at the source…Data Integrity.

Data Governance 101  Where do I start?  How can I accomplish this HUGE task?  Planning & Organizing:  Create a Data Governance Committee  Should include folks like school leaders, legal counsel, data system administrator, data owners, data stewards, technology coordinator, and data privacy officer.

Data Governance 101  Checklist Decision-Making Authority Assigning appropriate levels of authority to data stewards and proactively defining the scope and limitations of that authority is a prerequisite to successful data management. Standard Policies and Procedures Adopting and enforcing clear policies and procedures in a written plan is important to ensure that everyone knows the importance of data quality and security. Data Inventories Conduct an inventory of all data that require protection. Classifying data by sensitivity helps.

Data Governance 101  Checklist Continued Data Content Management Closely manage data content, including identifying the purpose for which data are collected, is necessary to justify the collection of sensitive data, optimize data management processes, and ensure compliance with federal, state, and local regulations. Data Records Management Specifying appropriate managerial and user activities related to handling data is necessary to provide data stewards and users with appropriate tools for complying with an organization’s security policies.

Data Governance 101  Checklist Continued Data Quality Ensuring that data is accurate, relevant, timely, and complete for the purposes they are intended to be used is a high priority issue for any organization. The key to maintaining high quality data is a proactive approach to data governance that requires establishing and regularly updating strategies for preventing, detecting, and correcting errors and misuses of data. Data Access Defining and assigning differentiated levels of data access to individuals based on their roles and responsibilities in the organization is critical to preventing unauthorized access and minimizing the risk of data breaches.

Data Governance 101  Checklist Continued Data Security and Risk Management Ensuring the security of sensitive and personally identifiable data and mitigating the risks of unauthorized disclosure of this data is a top priority for an effective data governance plan.

Data Governance 101  Data Policy  A data policy is the instrument of protection that implements data governance. A good data policy will contain certain essential elements. 1.Data Security 2.Data Privacy

Data Governance 101  Data Security 1.Data security refers to protective digital privacy measures that are applied to prevent unauthorized access to computers, databases and websites. Data security also protects data from corruption. Data security is the main priority for organizations of every size and genre. 2.In its most basic definition, data security means protecting information and information systems from unauthorized access, use, disruption, or destruction. The terms information security, computer security, data security and information assurance are frequently used interchangeably.

Data Governance 101  Data Privacy 1.Information privacy, or data privacy (or data protection), is the relationship between collection and dissemination of data, technology, the public expectation of privacy, and the legal and political issues surrounding them. 2.Privacy concerns exist wherever personally identifiable information is collected and stored – in digital form or otherwise. Improper or non- existent disclosure control can be the root cause for privacy issues. Data privacy issues can arise in response to information from a wide range of sources.

Data Governance 101  Contracts, MOUs, and MOAs 1. Contract; an agreement with specific terms between two or more persons or entities in which there is a promise to do something in return for a valuable benefit known as consideration. 2. Memorandum of Understanding; MOUs specify mutually-accepted expectations between two or more people or organizations as they labor together toward a common objective. 3. Memorandum of Agreement; a document written between parties to cooperate on an outlined agreement on certain projects and lay out the ground rules.

Data Governance 101  Contracts, MOUs, and MOAs Continued MOU vs. Contract:  MOUs are less formal than contracts  MOUs include fewer details and complexities  MOUs are simpler and more flexible

FERPA The Family Educational Rights and Privacy Act (FERPA) (20 U.S.C. § 1232g; 34 CFR Part 99) is a Federal law that protects the privacy of student education records. The law applies to all schools that receive funds under an applicable program of the U.S. Department of Education.

Data Governance 101  Where can I get all of this information and more? 1 Login Information: Username and password that you use for Education Directory login.