Enterprise data standards
Direction and guidance to support the effective management and use of data throughout its lifecycle while achieving department objectives.
Audience
All department staff.
| Version | Date | Description of changes | Approved by |
|---|---|---|---|
V01.1.0 |
24/04/2025 |
Updated to include content on data deletion standards. |
Chief Data Officer |
| V01.0.0 | 26/07/2024 | Under the 2023 Policy and procedure review program, new policy document with consolidated instructions previously provided in the Enterprise Data policy. A more comprehensive review is currently being conducted. | Chief Data Officer |
About the policy
These procedures relate to the Enterprise management policy.
Secretary:
- is the custodian of education data on behalf of the state (as the department’s Chief Executive Officer)
- ensures data investments align with education outcomes and community expectations
- establishes governance and accountability for data management, with effective monitoring and auditing measures.
Chief Data Officer:
- drives data governance, management, analysis, and use throughout the data’s lifecycle
- ensures data quality, accessibility, and capability aligns with NSW policies and frameworks to leverage data and achieve the department’s objectives.
Chief Information Officer:
- manages and maintains department infrastructure and cloud services for enterprise data and metadata
- ensures secure management of department data as per the Cyber security policy.
Executive, managers and principals:
- ensure effective communication and implementation of this policy, associated standards and frameworks across all areas within their control.
Staff:
- must comply with the Code of ethics and conduct policy document to manage and protect the data/information they work with daily. This includes the responsible use and management of confidential information, including copyright and intellectual property.
Other role-specific responsibilities
As well as the responsibilities described above, specific staff are assigned as owners and stewards of specific information assets. These roles include:
Data owners:
- approve all policies and actions related to the data set, such as collection and quality plans, and decisions about data sharing.
Data stewards:
- manage the dataset in accordance with all policies and implements decisions and plans.
Information Governance Group:
- approves frameworks and guides developed under this policy
- ensures the department's custodianship role is discharged effectively
- provides overall governance for developing information management functions across the department.
Standards
1. Data sharing
The department is committed to the NSW Government’s strategic goal of maximising the potential of its significant data holdings through promoting data sharing and open data initiatives. The department’s default position is to share information where the needs and benefits of sharing are evident, and the risks are identified and managed.
Supporting information:
2. Data quality
Throughout the data life cycle, quality management is essential for evidence-based decision-making.
A data quality management framework is in place for managing all department information assets.
Supporting information:
3. Master and reference data management
Master data management controls the master data values to enable consistent, shared, contextual use across systems of the most accurate, timely and relevant version of the truth about essential department entities such as student, school and employee.
Reference data management controls the defined values (also known as vocabularies) that are attributes of the entities. Examples of reference data are gender, language, school type and country of birth.
Supporting information:
4. Data deletion
Data should only be retained as long as necessary, in accordance with legal, regulatory and business requirements.
The information retention plan, applicable to a particular business application, will document decisions about when and how data will be disposed when it is no longer required.
Information on decommissioned or damaged equipment and assets must be securely cleansed to prevent unauthorised access or data breaches. Data must be securely deleted using approved methods (refer to ‘Methods of destruction’ below).
Data remaining from the transfer of an agency’s functions to another agency should be deleted or archived to maintain organisational data integrity and compliance.
These standards will be supplemented with additional supporting information through a phased development program to be initiated in 2025/2026 by the Chief Data Office.
Supporting information:
Back to IndexRecord-keeping requirements
- Data captured and managed in business systems must be managed according to the State Records Act 1998 (NSW)External link.
- Data owners are accountable for ensuring that data is retained and disposed of according to the guide to retention of data in business applications (staff only).
Mandatory tools and templates
The following MyPL Mandatory Training (staff only) courses:
- Cyber security and data breaches – School based and ESS (for new staff)
- Annual competency check (existing staff)
Supporting tools and resources
Policy contact
The Chief Data Officer monitors the implementation of these standards, regularly reviews the contents to ensure relevance and accuracy, and updates them as needed.
