1. Donna Tatro Bill Clebsch CSG – May 15, 2008 Michael Pickett

2. It’s 10 PM. Where are your data?

3. Distributed Data Management What are we talking about? The array of policies, practices, tools, services and common understandings that influence or control data spread around our university. Some policy dimensions: Data classification Data stewardship Data retention/elimination Data preservation Data retrieval and analysis Meta-data management Data security Location of the data (central vs decentral, fixed vs mobile)

4. Distributed Data Management Survey QuestionYesNo Does your institution classify its data through policies or guidelines?141 Is there a data classification scheme in place across the institution?78 Is there a data retention policy?69 Are there policies about safeguarding data across various media?141 Are tools are in place to make the institution's data accessible, searchable, and retrievable? 96 Does your storage and digital content infrastructure support retention and classification policies? 78 Does IT have services to help cope with information security concerns? 141 Does IT have a role in user/customer education about data management? 132

5. Distributed Data Management What tools do we use to manage data? (3 responses) Entrust (encryption) Microsoft SharePoint (document/records management/workflow) Xythos (document sharing/management) Interwoven (document management system) Data warehouse (Oracle DB) Others?

6. Discussion 1. Are there learning experiences around best practices or bad practices for “classifying” data that we should know?

7. Discussion 2. Data management policy is easy if you “own” the data (kind of). What do we need to do about data distributed around the institution? What do we do about mobile data?

8. Discussion 3. Who sponsors data policies?

9. Discussion 4. Who should determines access to data?

10. Discussion 5. What services do we need to handle data breaches? For assistance around data protection? To ensure the quality and integrity of data?

11. Discussion 6. What role should IT have in user/customer education about data management - who should promulgate policy?

12. Other Policy Issues Here? Data classification Data stewardship Data retention Data preservation /elimination Data retrieval and analysis Meta-data management Data security Location of data (central/decentral, fixed/mobile)

13. Brown Guiding Principles Endorsed by Executive Committee 1. University Principles Apply to all IT functions at Brown (not just Central IT).

14. Brown Guiding Principles 4. All University data has an identified Custodian who ensures their data is defined, accurate and traceable and can be appropriately accessed and understood by its users.

15. Brown Guiding Principles 11. Wherever feasible, information is captured once, as close to the source as possible and electronically validated. For full policy on classifying and securing sensitive information see: www.brown.edu/Facilities/CIS/policy/safeinfo.html