Enterprise Data Policy
The Department of Education implements data governance systems and processes to ensure that information is governed and managed effectively to deliver the best opportunities and outcomes for all students.
Endorsed by the Enterprise Information Group on 10 July 2009.
1. Policy statement
The policy ensures that the enterprise information is governed and managed according to the following principles:
- data is valued and governed as an asset
- data is created and managed digitally
- data is fit for its intended purposes and is easy to find, access and use
- data is shared and released to the maximum extent possible within the privacy framework
- data management capability is fostered and embedded into how the department does its work.
Note: For the purpose of this policy, ‘information’ refers to both ‘information’ and ‘data’.
2. Audience and applicability
This policy applies to all:
- staff (full-time, casual, temporary or contractors) and parties that access or use the department’s information assets
- data and information collected, acquired, used and shared by the department
- data assets in any form, including paper, electronic files, audio and video
- aspects of the department’s operations including those of its controlled entities.
Delivering the best education services possible relies on evidence based decision making and effective use of data to inform education practice and administration.The implementation of best practice data governance and management will enable the department to maximise the benefits from its information assets by ensuring that information is fit for purpose, secure, available and accessible
Coherent and transparent data governance, from point of collection through to access protocols and quality assurance processes ensures compliance with applicable laws and regulations and reduces risks to the department from misuse or poor use.
This policy aligns with the NSW Digital Strategy and leverages best practice approaches developed by the NSW Government to ensure effective management, use and sharing of data to support service delivery.
4. Responsibilities and delegations
As well as the responsibilities associated with the staff positions, specific staff are assigned as owners and stewards of specific information assets. These roles include:
Makes decisions about the management of and access to the assets, including definition of quality, ensuring the asset is registered
Manages the asset on behalf of the owner including ensuring that data quality and other standards are met.
As the department's Chief Executive Officer, the Secretary is the custodian of education data on behalf of the state. The role ensures that investment in data aligns with government outcomes and community expectations in delivery of education services. The role is also responsible for ensuring establishment of auditable governance and management accountabilities for data management activities and for establishing appropriate monitoring and auditing measures to ensure these accountabilities are discharged effectively.
Information Governance Group
The Information Governance Group acts on behalf of the Secretary in ensuring that the department’s custodianship role is discharged effectively. It provides overall governance for driving and developing the information management functions across the department.
Chief Information Officer
The department's Chief Information Officer (CIO) is responsible for the management and maintenance of the infrastructure on which the department's enterprise data and metadata resides. The CIO also ensures that the department’s data is managed securely in line with the department’s Information Security Policy.
Executive and managers
All Executive staff and managers, including school principals, are responsible for ensuring that this policy and associated standards and procedures are effectively communicated and implemented throughout all areas of their control.
The code of conduct highlights the role of staff in managing and protecting data/information that they work with on a day-to-day basis. This includes protecting confidential information, using information wisely, managing information appropriately including in regards to copyright, intellectual property and record keeping.
5. Monitoring and review
The Information Governance Group is responsible for the monitoring, evaluation and reporting compliance in relation to the information management strategy and this policy.
This policy will be reviewed each year by the Information Governance Group and when significant legislation or organisational changes require an update.
6. Policy contact officer
Manager, Policy, Control and Governance
02 7814 1415