Data governance
Data governance is the system of decision rights and accountabilities for managing the quality, availability, documentation and security of an organisation's data assets.
The University's Data Governance Group brings together a range of professionals working on aspects of data governance, to share experience and make recommendations for improving data governance policies and procedures.
Data Governance Group (UoE SharePoint site- access required)
Three levels of data confidentiality
All administrative data is classified as either unrestricted, restricted, or confidential.
Unrestrictricted data is available for anyone in the world to read.
Restricted data is limited to people who need the data as part of their work.
Confidential data imposes extra controls and is only available to a small number of relevant members of staff.
Personal information
The University maintains a record of all personal data, in compliance with data protection priniciples and law. The Data Protection Officer oversees a comprehensive register of all personal information stored by the University. Privacy statements clearly explain the reasons and uses for storing personal information.
Most personal information is classifed as restricted. Sensitive personal information, which includes information such as race, sexuality and religion, is classified as confidential.
University of Edinburgh data protection policy and guidance
Retention periods & anonymisation
The University has to hold some data for set periods in order to satisfy legal requirements; some other data has to be deleted to meet other legal requirements. These retention periods are defined on the Records Managment web pages.
The University also keeps some data for statistical and reporting purposes. Any personal information in this data is carefully anonymised before it is presented to users, In order to protect personal details.
University retention schedules
Information Security
The University's Information Security service provides guidance on a wide range of security issues.
It also looks after the University's Information Security policy and associated standards.