This section provides best practice resources on the topic of data governance, which is an organizational approach to managing data, from acquisition to use to disposal, formalized as a set of policies and procedures. Recent growth in the amount of student records collected and stored electronically by educational agencies has increased the scrutiny of data management and protection practices they employ. To assist education stakeholders, including state and local educational agencies, the postsecondary community, and other parties engaged in building and using education data systems, the Privacy Technical Assistance Center (PTAC) developed a number of documents that identify critical components of a successful data governance plan and provide suggestions for optimizing the management of complex data systems. These tools can be used both by the organizations looking to design a new data system and those wanting to improve performance of an existing system.
Available resources are listed below in chronological order, with the most recent at the top of the page:
This brief provides guidance on how to successfully manage complex data systems by establishing a comprehensive data governance approach. Data governance principles discussed in this paper apply to a large number of audiences and can be used to improve data management of systems spanning pre-school through postsecondary education and into the workforce.
This checklist is designed to assist stakeholder organizations with establishing and maintaining a successful data governance program by summarizing the key data privacy and security components of such a program and listing specific best practice action items.
This Statewide Longitudinal Data Systems (SLDS) Technical Brief focuses on data stewardship, which involves each organization’s commitment to ensuring that privacy, confidentiality, security, and the appropriate use of data are respected when personally identifiable information is collected. Data stewardship involves all aspects of data collection, from planning, collection and maintenance to use and dissemination. The Brief also discusses internal control procedures that should be implemented to protect personally identifiable information, including the use of unique student identifiers and linking codes, workforce security, authorization for access, role based access to student record data, permitted uses, and the handling of data breaches. This Brief concludes with a discussion of accountability and auditing, including an overview of the types of audit activities that can be implemented to ensure that all stages of data stewardship have been successfully implemented.
Copyright 2015 - Privacy Technical Assistance Center | U.S. Department of Education