Data Owner and User Policy

Data Owner

A Data Owner is an individual or group or people who have been officially designated as accountable for specific data that is transmitted, used, and stored on a system or systems within a department or an administrative unit of the College. CCS Data Owners are as follows:

DATAOWNER
Donor DataVice President for Institutional Advancement
Human Resource DataDirector of Human Resources
Payroll, All Student Accounts, and Financial DataDirector of Business Services
Student Financial Aid DataDirector of Financial Aid
Student Housing, Judicial, and Wellness DataDean of Students
Student Immigration DataDirector of International Student Services
All Student RecordsRegistrar

The role of the data owners is to provide direct authority and control over the management and use of specific information. Responsibilities of a Data Owner include the following:

  • Ensure compliance with CCS policies and all regulatory requirements.
    Data Owners need to understand whether or not any College policies govern their information assets. Data Owners are responsible for having an understanding of legal and contractual obligations surrounding information assets within their functional areas. For example, the Family Educational Rights and Privacy Act (“FERPA”) dictates requirements related to the handling of student information. The Privacy and Security Committee can assist Data Owners in gaining a better understanding of legal obligations.
  • Determine appropriate criteria for obtaining access to sensitive information assets. A Data Owner is accountable for who has access to information assets within their functional areas.
  • Implement appropriate physical and technical safeguards to protect the confidentiality, integrity and availability of information assets.
  • Document and disseminate administrative and operational procedures to ensure consistent storage, processing and transmission of information assets.
  • Understand and report security risks and how they impact the confidentiality, integrity and availability of information assets. Report any violations of policy or breaches to the Director of Information Technology Services.

Data Users

All users have a critical role in the effort to protect and maintain College information systems and data. For the purpose of information security, a Data User is any employee, contractor or third-party provider of the College who is authorized to access College Information Systems and/or information assets. Responsibilities of data users include the following:

  • Adhere to policies, guidelines and procedures pertaining to the protection of information assets.
  • Report actual or suspected security and/or policy violations or breaches to the Director of Information Technology Services.

EFFECTIVE DATE
June 22, 2019

LAST UPDATED DATE
May 29, 2020

APPROVING OFFICE
Administration and Finance