Chairperson: Margaret Greer and Katie Gutierrez
- The chairperson(s) is selected by the taskgroup membership for a one-year, renewable term.
- Meetings will be held at the direction of the chairperson(s).
Protect data from destructive forces and from the unwanted actions of unauthorized users. Ensure employees have access to relevant data they need to conduct University business, prevent unauthorized access to data and data systems, and prevent misuse of, or damage to, data assets.
- With the ongoing need to use data for decision-making, data is an institutional asset. Successful data governance requires the participation and collaboration of functional experts and stakeholders who will inform and guide the processes.
- This taskgroup may include members that are not on the Data Governance Council.
- Members unable to be at a scheduled meeting are encouraged to send an informed substitute.
- This taskgroup will have a chair, who will provide status updates at each DGC meeting.
- The leader of this taskgroup will be the point of contact but will collaborate with as many resources at their disposal for input into decision-making processes.
Responsibility of the Data Security Taskgroup:
- Information technology policies are under the purview of Information Services and the safeguard of data asset is the responsibility of all employees.
- This taskgroup will help identify risks and data security gaps in business processes and define controls to manage them.
- Develop and/or maintain data-related documentation including policies, procedures, audits, and guidelines.
Outcomes and Deliverable
- Campus-wide data asset inventory that addresses acquisition, access, handling, governance, quality protocols, usage, accessibility, and literacy.
- Maintain a reference list of data security policies at the campus and system-wide level.
- Resolved or escalated risk-related data issues and vulnerabilities to lessen the likelihood of data breaches.
- Guide the development of data retention guidelines for information extracted from university data assets to ensure proper data disposal that ward off unauthorized access.
- Establish a holistic data certification process that bridges certification gaps and help data stewards make informed decision on granting/removing access; this process should extend to all relevant data assets.
- Proactive data security awareness campaigns and metrics to keep focus strategic rather than reactive and make abstract risks relevant; develop and promote data security best practices.
- Established process for data extraction and file shares inclusive of a review of third-party contract/service agreement review by Data Steward and Information Security Services, as appropriate, and a documented Memorandum of Understanding, if warranted.
- Cheryl Arroyo
- Joe Dominiak
- Justin Dwyer
- Peggy Greer, Co-chair
- Anka Matijevich
- Kevin Popa
- Brad Remmenga
- Javier Solis, Co-chair
- Karen Stachyra
- Sandy Steele