Data Governance & Security
What is Data Governance?
Data governance is a framework that ensures data is accurate, reliable, and ready to support decision-making. It includes:
- Processes and structures that establish accountability for data assets
- Policies and procedures for data use, management, and security
- Collaboration across departments to maintain data integrity
- Standardized definitions for consistent usage
The Five Pillars of Data Governance
- Data Stewardship - Ensures accountability for managing institutional data
- Data Management - Focuses on processes and tools for handling data throughout its lifecycle
- Data Integrity & Consistency - Ensures accuracy and reliability in decision-making
- Data Standards & Policies - Sets rules and guidelines for data handling
- Data Security, Privacy, & Ethics - Protects sensitive data and guides ethical data practices
Data Classification
Data Classification Levels
| Level | Description | Examples |
| High |
Information whose loss, corruption, or unauthorized disclosure would cause severe personal, financial, or reputational harm to the institution, employees, or constituents. It may result in regulatory or government sanctions. |
Personal health information, financial data, SSNs. |
| Moderate |
Information whose loss, corruption, or unauthorized disclosure would cause limited personal, financial, or reputational harm. |
Internal communications, employee records without PII. |
| Low |
Information whose loss, corruption, or unauthorized disclosure would have minimal or no impact to the institution. |
Public web pages, published reports. |
| Prohibited |
Information that should not be stored or processed at Hamilton College. |
Contact Information Security for details. |
How to Determine Data Classification
- Identify the type of data
- Assess potential harm if compromised
- Consider regulatory requirements
- Apply appropriate classification level
- Implement required security controls
View full Data Classification Policy
Data Cookbook Basics
What is Data Cookbook?
Hamilton College’s business glossary and metadata repository called iData Data Cookbook is a tool accessed through web browsers that promotes clarity, transparency, and trust in data usage.
Key Components in Data Cookbook
Words or phrases referring to objects, people, business concepts, measurements, or metrics.
The “shopping list” for data - designs and information about reporting deliverables.
Groups of related specifications managed through Data Cookbook functionality.
Rules used to identify quality data.
Lists of codes defining valid values for data elements (gender, ethnicity, phone type, grades, etc.).
Places where data is stored (Colleague, Salesforce, Presence, Slate, etc.).
Searching for Definitions and Specifications
1. Navigate to the Data Cookbook web page: https://hamilton.datacookbook.com/
2. In the top right corner, enter the definition you are looking for in the Quick definition lookup...
3. On the menu bar, hover over Definitions and click Browse Definitions or choose one of the options outlined in the image below.
4. Search for a definition using any of the numbered options shown in the image below.
1. Navigate to the Data Cookbook web page: https://hamilton.datacookbook.com/
2. On the menu bar, hover over Specification and click Browse Specification or choose one of the options outlined in the image below.
3. Search for a specification using any of the numbered options shown in the image below.
Tags
None found.
Data Security & Privacy
Key Responsibilities:
- Access and use data strictly for official purposes
- Keep personal and sensitive information confidential
- Follow ethical and contractual guidelines and legal requirements
- Adhere to Data Retention Policy (delete data when no longer needed)
Prohibitions:
- Share data only as job responsibilities require
- Do not use data for personal benefit
- Access data solely for job-related activities
Report all security concerns, including:
- Data disclosures (including inadvertent self-disclosures)
- Suspicious activities
- Information about external data incidents/breaches
Contact: Jerry Tylutki (jtylutki@hamilton.edu, infosec@hamilton.edu) or the Help Desk
How to Access Data
1. Identify data needs: Determine what data you need and why.
2. Request access:
- For existing dashboard/report data: Contact the functional area data steward.
- For new reports/dashboards: Submit an EIS request.
- If unsure what data you need: Contact the Office of Institutional Research & Assessment.
3. Approval process: Data trustees and/or data stewards grant access based on:
- Data security classification
- Stated purpose
- Need or intended use of the data
Before transferring data to third-party vendors:
- Initial screening by Procurement Office
- Security assessment by Information Security
- Legal review in collaboration with BS&K
- Data Privacy review by Data Governance Subcommittee (DGS)
- Final contract approval
Last updated: April 7, 2025
Best Practices
- Collect only the minimum necessary data with attention to security and privacy
- As sensitivity increases, apply more scrutiny to data collection
- Avoid collecting Restricted Use data whenever possible
- Follow the record retention policy when destroying data
- Understand the purpose and background of data before reusing it
- Complete all required Security Awareness training
- Create strong passwords
- Keep systems up-to-date
- Secure laptops and mobile devices
- Exercise caution with emails requesting data sharing
- Communicate with your Data Steward about data usage queries
- Awareness Resources
Contact Information Security for more resources: infosec@hamilton.edu
This reference guide is designed to support Hamilton College’s Data Governance mission: “To empower students for lives of meaning, purpose, and active citizenship by ensuring the highest standards in data collection, analysis, and dissemination.”
Contact
Team Name
Business Intelligence and Web Services
198 College Hill Road
Clinton, NY 13323
