Information & Data Governance Group

Purpose and Scope

The primary purpose of the Information and Data Governance Group (IDGG) is to ensure the development and implementation of an effective strategy for information and data governance across the University. As part of that, the Group exists to facilitate the exchange of knowledge and best practice in the overall management of data and information within the many disparate parts of the University and to recommend any action, programme or policy that will promote, improve and assure the efficient and safe processing of University data and records. IDGG holds responsibility for approving and reviewing all policies related to information compliance and data security.

Key Objectives

  • Provide a focal point for the collaborative resolution and discussion of information and data management issues.
  • To ensure a collaborative and consistent approach to the implementation of information compliance, data governance and records management policies throughout the University.  This will include overseeing the implementation of the Data Governance Policy, promoting best practice principles and regularly assessing our data capability against the four supporting pillars of people, data, processes and technology.
  • Monitor the use of privacy impact assessments, the adoption of standards or data sharing agreements and oversee risks, escalating these where necessary in high-risk areas of data and information processing. The Group will consult with and take advice from the Information Security Advisory Group as appropriate.
  • Identify the need for staff awareness and training and recommend appropriate programmes to increase and promote consistent and universal practices regarding information security, information compliance and records management issues across the University.
  • To review and advise on relevant University data, records management and archiving issues including scanning; records retention; updating of data, destruction; storage and digital preservation.
  • To review biannually any instances of serious breach of data protection legislation or any other performance related issues involving the UK or Scottish Information Commissioners in order to inform future decision making.
  • To promote and encourage electronic records management throughout the University.
  • To ensure the delivery of a corporate data and information catalogue which enables staff to understand and use the University’s corporate data more easily, responsibly and consistently. Furthermore this technology, and its underpinning design, should provide a means to measure the health of our business processes via the resulting levels of data quality.

Group Membership

The IDGG core membership will include:

  • Chair: Deputy Secretary
  • Head of Data Protection & Freedom of Information Office
  • Director of IT Services
  • Head of Business Intelligence
  • Assistant Director, Digital Strategy, Library Services
  • Expert input: Dr Craig Macdonald, School of Computing Science
  • Senior user: Dr Jane Townson, MVLS
  • Clerk: Information Compliance and Records Management Specialist

Accountability and Reporting

This is a formal decision making group reporting to the Information Policy and Strategy Committee (IPSC).

Meeting frequency

Quarterly, aligned with meetings of IPSC, or in extremis.