I. Title

Data Governance Policy 

II. Policy

A. Purpose

1. This policy outlines the principles and responsibilities for managing The University of Texas at Arlington (UTA or University) data to ensure it is accurate, secure, and appropriately governed in support of academic, administrative, and research activities, while meeting legal and ethical obligations. 
2. It applies to all University staff, faculty, students, contractors, and third-party partners who access, manage, or share University data. 
3. University data refers to all data or information held on behalf of the University, created as a result and/or in support of University business, including but not limited to data regarding academic records, administrative functions, student services, and institutional operations. 
4. Specifically excluded is data related to ongoing and completed research. 

B. Policy Principles

1. Access Control 
   Access to data will be role-based and authorized by Data Owners. 
2. Accountability 
   All University data will be assigned a Data Owner responsible for ensuring data quality, compliance, and appropriate access. 
3. Data Classification 
   Data will be classified based on sensitivity, relevance, and legal requirements (e.g. FERPA, GDPR, funding body obligations). 
4. Data Privacy and Ethics 
   Data will be collected and used in line with data protection laws, policies, and institutional values. 
5. Data Quality 
   University data will be maintained to ensure accuracy, consistency, and reliability across systems. 
6. Data Sharing and Use 
   Data will be shared responsibly within and outside the University, subject to legal review and appropriate data sharing agreements. 
7. Metadata and Documentation 
   Key academic and administrative data assets will be documented to promote data understanding, transparency, and reuse. 
8. Retention and Archiving 
   Data will be retained according to University records retention policies and legal or research funder requirements. 

C. Roles and Responsibilities

1. In addition to key roles as referenced in UT System Policy UTS 165 Information Resources Use and Security, operational roles also include Data Owners and Data Stewards. Each is responsible for ensuring the appropriate handling of University data in line with their role, including data quality, access control, compliance, and reporting of issues or breaches. 
2. The University has designated its Chief Analytics and Data Officer as its data management officer to establish and maintain UTA’s data governance program, to identify UTA’s data assets, exercise authority and management over UTA’s data assets, and establish related processes and procedures to oversee UTA’s data assets pursuant to Texas Government Code § 2054.137. 

D. Policy Enforcement and Compliance

Violations of this policy may result in disciplinary action in accordance with University codes of conduct, University policies, or applicable state and federal regulations. All users are expected to report data issues, misuse, or suspected breaches to the Chief Analytics and Data Officer or Chief Information Security Officer, as appropriate. 

E. Review and Maintenance

This policy will be reviewed regularly or in response to changes in regulation, University policy, or operations. 

III. Definitions

• Data: Means all data or information held on behalf of the University, created as a result and/or in support of University business, including but not limited to data regarding academic records, administrative functions, student services, and institutional operations. 
• Data Owner: Has overarching accountability for the overall management of data owned by the business function or University department whom the Data Owner represents. This accountability includes the data quality, security, and compliance to legal and ethical standards. The role is crucial for maintaining the integrity and security of data within the University’s governance framework. Data Owners work closely with Data Stewards to ensure that data governance policies are effectively implemented and followed. 
• Data Steward: Handles the operational aspects of managing and maintaining data on a daily basis. Data Stewards are responsible for the day-to-day management of data. This includes tasks such as opening and resolving data issues, maintaining data quality, implementing data policies and procedures, and ensuring that data is used appropriately within their specific domain. Like Data Owners, Data Stewards represent a business function or University department. 

IV. Relevant Federal and State Statutes

• Tex. Gov. Code § 2054.137 Designated Data Management Officer 
• Tex. Gov. Code § 2054.138 Security Controls for State Agency Data 

V. Relevant UT System Policies, Procedures and Forms

• UT System Policy UTS 165 Information Resources Use and Security 

VI. Who Should Know

All University staff, faculty, students, contractors, and third-party partners who access, manage, or share University data. 

VII. UTA Office(s) Responsible for Policy

• Responsible Officer: CFO & Vice President for Business & Finance 
• Sponsoring Department: University Analytics 

VIII. Dates Approved or Amended

October 7, 2025 

IX. Contact Information

• All questions regarding this policy should be directed to: universityanalytics@uta.edu 
• Send notifications of errors or changes to: policysite@uta.edu