Skip to main content

COVID-19 UPDATE: NU is open; faculty/staff are working remotely if possible; campuses will be open for in-person learning this fall.


COVID-19 UPDATE: NU is open; faculty/staff are working remotely if possible; campuses will be open for in-person learning this fall.


Managing Information Safely & Securely

Data governance & Policy

Why is Data Governance Needed?

The importance of data to organizations is growing exponentially. A data governance program helps ensure that data is complete, consistent and accurate—and reduces data security risks due to unauthorized access or misuse of data. As a public university, we are also responsible for using our data to make informed decision to best support our students and their academic journeys.

Data Governance at Large

Data and data governance play a key role in the future of universities and many other large organizations. By 2022, 90% of corporate strategies will explicitly mention information as a critical enterprise asset and analytics as an essential competency. By 2023, 65% of the world’s population will have its personal information covered under modern privacy regulations, up from 10% today.

Healthy data governance ensures that cloud services are appropriately assessed for managing the risks to the confidentiality, integrity and availability of sensitive institutional information and the personally identifiable information (PII) of constituents. 

Data Governance at the University of Nebraska System

The University of Nebraska system is focused on making data-informed decisions—helping to effectively manage our resources.

  • Data governance helps us to work more strategically, intentionally and collaboratively across the University.
  • It also maximizes dollars and resources, especially critical when budgets are tight, and helps us do more with less.
  • Given regulations around PII, HIPPA and FERPA, the University needs to know where data is at—who is accessing it, where it's stored and where it's going.

Data Leadership: Chief Data Officer

Kristin Yates

Kristin Yates, Ph.D., J.D.

Associate Vice President, Enterprise Data Solutions & Chief Data Officer

The Chief Data Officer (CDO) is responsible for implementation of University-wide data policy reform and modernization. The CDO leads adoption of consistent data governance policies and procedures to ensure that the University of Nebraska system collects, uses, manages and shares data in a manner that maintains a fact-based, data-informed decision-making culture. The CDO creates consistency with institutional data and minimizes risk, which is important since all University data is the property of the Board of Regents.

Data Leadership: University Records

Erin Busch

Erin Busch

Associate General Counsel & Director, University Records

The University’s records management program is coordinated by the University Records Director, who works with the designated campus records officers for each campus. The University of Nebraska system is committed to maintaining an active and continuing records management program in compliance with federal and state law. In addition, the Office of the General Counsel provides legal advice regarding public records requests, privacy issues around records, policy issues, records retention issues, and information technology or security matters, including data breaches.

Data Leadership: Chief Security Officer

Rick Haugerud

Rick Haugerud

Assistant Vice President, IT Security Services & Chief Security Officer

The chief security officer (CSO) ensures that data and information assets are protected. They oversee information security, creating procedures and policies that keep systems safe from IT risks and threats. The CSO understands risk management and deals with regulatory complexity, cyber threats, and data compliance.

Data Governance Policies

These system-wide policies help scaffold behavior, classify data, and give parameters around using data responsibly.

Data Classification and Storage Policy (ITS-05)

This policy helps protect institutional data while preserving the open, information-sharing mission of the University system’s academic cultures. Institutional data is classified in accordance with legal, regulatory, administrative, and contractual requirements; intellectual property and ethical considerations; strategic or proprietary value; and/or operational use.

Read ITS-05

Institutional Data Use Policy (ID-01)

This policy outlines the stewardship responsibilities for data—including security and permissions—and provides definitions, procedures, forms and other direction for using University of Nebraska system data.

Read ID-01

Executive Memorandum No. 16

This executive memorandum provides guidance relating to responsible use of the University's electronic information systems, including proper authorization for use.

Read EM16

Best Practices in Working with Data

arrows icon

Sharing & Sending Data

Organizations rely on email and other file sharing methods to transmit information between co-workers. But like everything else in the world, there’s a right way and a wrong way to do things. If you can, avoid emailing data.

tag icon

Selecting Vendors

An essential question to ask before selecting a vendor: what happens to our data if we sever ties? You don't want your data to be held hostage should you move to a different provider. Find out in advance what the answer is. 

sending and storing icon

Using & Storing Data

A key principle for data storage: keep it safe. This means working on and depositing your data in a protected environment and not in an unsecured environment like an unencrypted work laptop or an unencrypted USB—and never on a personal machine.


The University of Nebraska uses cookies to give you the best online experience. By clicking "I Agree" and/or continuing to use this website without adjusting your browser settings, you accept the use of cookies.