Upload
norma-joseph
View
225
Download
2
Tags:
Embed Size (px)
Citation preview
Data Governance
Webinar 08.12.11
Kathy Gosa, KansasJosh Klein, OregonBaron Rodriguez, PTAC
Data Governance: Key components & implementation steps
2
Why Data Governance?
• Data Governance (DG) is an organizational approach to data and information management Helps to protect interests of stakeholders by enforcing
compliance with agreed-upon rules and regulations regarding data management (including security)
Outlines who can take what actions, when, with what information, and using what methods
Defines rules of engagement, organizational bodies, accountable individuals, and processes
Is formalized as a set of policies and procedures
Encompasses the full data life-cycle
Components of a Data Governance Program
3
• Rules and Rules of Engagement1. Mission and Vision
2. Goals, Governance Metrics, Success Measures, and Funding Strategies
3. Data Rules and Definitions
4. Decision Rights
5. Accountabilities
6. Controls
• Organizational Bodies and Individuals7. Data Stakeholders
8. A Data Governance Office
9. Data Stewards
• Processes10. Proactive, Reactive, and Ongoing Data Governance Processes
Components of a Data Governance Program contd.
4
Source: “The DGI Data Governance Framework” (Gwen Thomas, The Data Governance Institute).
Data Governance Program: Scope
• Scope of a DG program with focus on privacy, compliance, and security includes
Protection of sensitive data Vulnerability assessment and risk mitigation Enforcement of regulatory, contractual, and architectural
compliance requirements Identification of stakeholders, decision rights, and accountabilities Access management
5
DG Program Implementation: Key Steps
• Decision-making authority: Establish organizational structure with different levels of DG & specify roles and responsibilities at each level
• Standard policies & procedures: Adopt and enforce a written data governance plan
• Data inventory: Conduct an inventory of all data that require protection
• Data content: Identify the purposes for which data are collected and justify the collection of sensitive data
• Data records: Specify activities related to handling data to ensure compliance with security policies
6
DG Program Implementation: Key Steps contd.
• Data quality: Ensure that data are accurate, relevant, timely, and complete for the purposes they are collected
• Data access: Define and assign differentiated levels of data access to individuals based on their roles and responsibilities
• Data security: Ensure the security of sensitive data by mitigating the risks of unauthorized disclosure
• Data dissemination: Ensure that data sharing and reporting activities comply with federal, state, and local laws
7
Data Governance: Sharing Best Practices
Successes, challenges, and areas in need of development
Guest speakers:
•Kathy Gosa (Director of Information Technology, Kansas DE): Postsecondary and internal program data governance
•Josh Klein (Chief Information Officer, Oregon Department of Education): LEA engagement through the District CIOs, data collection committee, and regional consortia participation
8
Data Data Governance Governance
ProgramProgramKansas State Department of Education
Kathy Gosa, IT DirectorPTAC WebinarAugust 2011
• Data Governance Board (Director level decision makers from each department / program area)
…establish and enforce policies and practices related to agency data management
– Ethics & security will be a part of every decision the group makes– Members have the authority and commitment to make policy
recommendations and decisions– LEA participation is via comments on proposed policy.
• Data Steward Workgroup (agency data stewards)– Focused on communication, collaboration, data quality– Build capacity for ownership and accountability of data– Eliminate the silo effect of working with data
• Data Request Review Board (subgroup of DGB)– Provides consistent treatment of data requests– Considers, prioritizes and assigns requests for data
KSDE Data Governance Program
• Setting expectations
• Escalation Process
Data Stewards and Programmers
Data Manager / Coordinator
Data Owners
Data Governance Board
ExecutiveLeadership
Data Governance Board
ExecutiveLeadership
Data Stewards & Programmers
Data Request Review Board
Issue Resolution
Data Governance for Data Governance for P20P20
• Kansas P20 Data Sharing o Executive Order gives authority for KBOR and KSDE to evaluate one
another’s programso MOU specifies that each party must notify the other party of any “use” of
the other’s data
• Federated approach for P20 Data Governanceo Postsecondary has a “seat” on KSDE’s DGB and DRRB
• for all items involving PS data (including revisions to KSDE DG Program)
• if voting is involved, the PS “seat” has veto powero KSDE is a data owner of P20 data housed at KBOR, and so
• has a “seat” and decision power on KBOR’s Data Review Committee for any data requests involving P-12 data
• authorizes access to P-12 data• Assigns a data steward with responsibility to assist with analysis/use
of P-12 data
Successes / Successes / ChallengesChallenges
• Successes:o Data Governance is a fundamental part of our culture.o As new issues / challenges have arisen we’ve been able to modify our
existing framework to address them.o Expanding re PS data governance was relatively painless.o We’ve “evolved” our process for including LEAs in DG processes.
• Challenges:o Keep meetings/issues focused – don’t waste time!o Inclusion of LEAs in DG processes. o Immaturity of DG processes at other state agencies.o Applicability of the federated model to other agencies (e.g., Dept of
Labor).
Oregon Education Governance Network
Josh KleinChief Information OfficerOregon Department of [email protected]
PTAC WebinarAugust 12, 2011
Oregon Landscape• 197 School Districts• 19 Education Service
Districts • 561,698 Students• 62,557 School Employees• 28,638 Teachers• Geographically Large• Strong Local Control
Data Source: 2009-2010 Oregon Statewide Report Cardhttp://www.ode.state.or.us/data/annreportcard/rptcard2010.pdf
Governance History• IT Manager’s Committee (ITMgrs)
– Quarterly* Since October 2000
• Data Collection Committee (DCC)
– Quarterly Since November 2002
• Data Quality Workgroup (DQWG)
– Triannually Since February 2008
• Data Warehouse Governance Committee (DWGC)
– Monthly Since April 2010
• Assessment and Accountability Advisory Committees (AAC)
DCC Website: https://district.ode.state.or.us/search/results/?id=402ITMgrs Website: https://district.ode.state.or.us/search/results/?id=403DQWG Website: http://data.k12partners.org/content/project-meetings
* Monthly IT Manager Meetings also held.
Assessment PanelsPanel / Committee
Number of Members
Meeting Frequency
Assessment Policy Advisory Committee
15-20 4-6 times a year
Sensitivity Panel 15-20 4-6 times a year
English Language Arts Assessment and Content
Panel35 6-8 times a year
Mathematics Assessment and Content Panel
35 6-8 times a year
Science Assessment and Content Panel
35 6-8 times a year
Social Sciences Assessment and Content Panel
25 6-8 times a year
Accommodations and Modifications Review Panel
24 2-3 times a year
English Language Proficiency Assessment and
Content Panel38 6-8 times a year
Content and Assessment Panels Website: http://www.ode.state.or.us/search/page/?id=488
Successes• Online Testing Since 2001 (ITMgrs)
• Required Data Owner Attendance (DCC)
• One-Year Rule & Annual Collection Cycle (DCC)
• Race/Ethnicity (DCC/ITMgrs)
• Student Record Exchange (DWGC)
Microsoft Office Word Document
Challenges• Coordination & Preparation• Including Small/Rural Districts• US vs. THEM - Mandate Compliance
In Development• Increased Frequency & Web
Option (DCC)
• Monthly Vendor Meetings• P-20/W Governance
– ALDER Executive Committee (AEC)– Oregon Education Investment Board (OEIB)
• Institution Reconstitution Policies• Oregon Education Information
Security Council– FERPA Compliance– Cloud Computing (i.e. Google Apps for
Education)
AEC Website: http://alder.orvsd.org/content/alder-executive-committee
References
21
•Statewide Longitudinal Data Systems (SLDS) Technical Brief 2. Data Stewardship: Managing Personally Identifiable Information in Electronic Student Education Records (NCES 2011-602)
•The Data Governance Institute – The DGI Data Governance framework
•National Association of State Chief Information Officers – Data Governance series
Upcoming PTAC Events
22
Regional Meetings 2011
• Regional meeting #4: MEIC (August, 2011) – Kansas City, MO – Midwest
PTAC Webinars 2011
• Threats to your Data - August 22nd: 1:30 - 2:30 pm EST
• Data Center Consolidation Best Practices - September 16th: 1:30 - 2:30 pm EST **New**
Stakeholders’ Feedback
23
• What are your needs?
• How can PTAC help you? Help Desk
Site visits
• Sharing best practices Input from organizations that have successfully implemented a
DG program
Sharing your experiences
PTAC Help Desk & Website
24
Send PTAC your questions on privacy, confidentiality, and data security related to longitudinal data systems (LDSs)
Contact the Help Desk
o Toll Free Phone: 855-249-3072
o Toll Free FAX: 855-249-3073
Get copies of PTAC resources, join listserv- nces.ed.gov/programs/ptac