Why Data Privacy Is More Than a Compliance Checkbox for Universities
We’re experiencing confusion and inconsistency, missed opportunities and privacy-related concerns. The care and protection of data has more than just the utilization of data for a better outcome.
There’s a responsibility around different forms of data, and the requirements for an organization to mitigate risk that need to have an owner who understands where that data lives and how that data is being used. Those are some of the drawbacks of having data that is disparate in different systems, and perhaps in many cases duplicative, but not governed in a way that there is a single source of truth.
Under data governance, you get two data classifications that will map back into your compliance requirements. For example, when it comes to the Family Educational Rights and Privacy Act, we know that these types of fields need to be protected in a particular way. Similarly, thinking about Payment Card Industry compliance, we’re thinking the same things — these types of fields have to be protected in a particular way, or maybe we don’t even store them.
For every compliance standard, your data classification should speak to how the institution and the people at the institution are behaving with that data, and this comes back to data integration. What agreements do I have to have in place, or what conditions do I need to have in place to share certain data — or not?
Why Data Integration Is the Most Underestimated Discipline in Higher Ed IT
There's a growing understanding that data governance is a required discipline, but I think data integration is perhaps a bigger topics.
The intention is to ensure that when we have data — that is moving in and out of systems, in and out of our institution, to a cloud platform — we understand that data is required to be used and to be stored. Institutions must own their data estate. In other words, don’t give it away. Don't allow somebody else to own your data and do things with it that you’re unaware of.
One dimension that gets underestimated: data integration, and specifically, what happens when data moves between your systems and vendor platforms. Every integration agreement should specify what data can be used, how it can be stored and what happens to it when the relationship ends.
The Difference Between Data Literacy and Data Fluency, and Why it Matters for AI
I’d also push on the difference between data literacy and data fluency. Literacy is understanding what your data is. Fluency is knowing how to bring it together to understand what it’s telling you and then acting on it. The goal isn’t a campus where people can read a dashboard. It’s a campus where people trust what the dashboard means.
Data literacy is important because we all have to understand our requirements. Data literacy is more than just understanding what my data is; it’s understanding how I can use it.
We don’t want to stop with data literacy. We want to actually get to data fluency. We need to know how to bring our data together to understand what the data is telling us, so we can make an informed decision.
It’s especially important for people who are working with data and helping to decide how universities are advancing. They really do need to understand the data so they can use it more effectively.
The higher ed CIO is no longer just the keeper of systems. The role now is to be the architect of a data-enabled institution where data isn’t just an IT asset, it’s an institutional one.
