A Data Owner is an individual or group or people who have been officially designated as accountable for specific data that is transmitted, used, and stored on a system or systems within a department or an administrative unit of the College.
CCS Data Owners are as follows:
|Applicant, Inquiry, and Prospect Data||Dean of Enrollment and Executive Director of Admissions|
|Donor Data, Alumni Employment Data||Vice President for Institutional Advancement|
|Human Resource Data||Director of Human Resources|
|Payroll, All Student Accounts, and Financial Data||Director of Business Services|
|Student Financial Aid Data||Director of Financial Aid|
|Student Housing, Judicial, Student Disabilities Records, and Wellness Data||Dean of Students|
|Student Immigration Data||Director of International Student Services|
|All Student Records||Director of Academic Advising and Registrar|
The role of the data owners is to provide direct authority and control over the management and use of specific information. Responsibilities of a Data Owner include the following:
- Ensure compliance with CCS policies and all regulatory requirements.
Data Owners need to understand whether any College policies govern their information assets. Data Owners are responsible for having an understanding of legal and contractual obligations surrounding information assets within their functional areas. For example, the Family Educational Rights and Privacy Act (“FERPA”) dictates requirements related to the handling of student information. The Privacy and Security Committee can assist Data Owners in gaining a better understanding of legal obligations.
- Determine appropriate criteria for obtaining access to sensitive information assets. A Data Owner is accountable for who has access to information assets within their functional areas.
- Implement appropriate physical and technical safeguards to protect the confidentiality, integrity and availability of information assets.
- Document and disseminate administrative and operational procedures to ensure consistent storage, processing and transmission of information assets.
- Understand and report security risks and how they impact the confidentiality, integrity and availability of information assets. Report any violations of policy or breaches to the Director of Information Technology Services.
All users have a critical role in the effort to protect and maintain College information systems and data. For the purpose of information security, a Data User is any employee, contractor or third-party provider of the College who is authorized to access College Information Systems and/or information assets. Responsibilities of data users include the following:
- Adhere to policies, guidelines and procedures pertaining to the protection of information assets.
- Report actual or suspected security and/or policy violations or breaches to the Director of Information Technology Services.