Following is a master list of all Data Governance policies, procedures and guidelines. These are developed and maintained by Data and Information Governance office. You can contact the Data & Information Governance Office via email datagov@unsw.edu.au.
The UNSW Data Breach Policy and Procedure sets out the policy principles and procedures for identifying, assessing, managing and responding to a breach of data held by UNSW.
It establishes responsibility and accountability for all steps in addressing information security incidents resulting in data breaches and describes clear roles and responsibilities. It also describes the principles and procedures relating to internal and external notification and communication of such data breaches.
The Policy and Procedure has been drafted in response to amendments to the Privacy and Personal Information Protection Act 1998 (NSW) (PPIP Act) that came into effect on 28 November 2023. The principal amendment requires agencies to provide notifications to affected individuals and the Privacy Commissioner in the event of an ‘eligible data breach’ of their personal or health information by a NSW public sector agency subject to the PPIP Act (called the Mandatory Notification of Data Breach, or MNDB Scheme).
The Data Breach Policy and Procedure applies to all UNSW staff, students, contractors, consultants, third-party vendors and agents of the University.
Effective breach management assists UNSW in avoiding or reducing possible harm to both the affected individuals and UNSW and may prevent future breaches.
The UNSW Data Classification Standard is a framework for assessing data sensitivity, measured by the adverse business impact a breach of the data would have upon the University. This standard for the University community has been created to help effectively manage information in daily mission-related activities.
Determining how to protect and handle information depends on a consideration of the information’s type, importance, and usage. The standards outline the minimum level of protection necessary when performing certain activities, based on the classification of the information being handled.
The classification applies to University employees (faculty, staff, student employees) and other covered individuals (e.g., affiliates, vendors, independent contractors, etc.) in their handling of University data, information and records in any form (paper, digital text, image, audio, video, microfilm, etc.) during the course of conducting University business (administrative, financial, education, research or service).
Data Controllers and System Managers at UNSW are required to determine the data classification for the systems and data repositories for which they have responsibility. Such assessment should be done at least bi-annually. The data classification assessment will then determine how the UNSW Data Handling Guidelines apply to the system or data repository that has been classified. Following are the steps required to complete the data classification process for UNSW systems or data repositories. The process of data classification is governed by the UNSW Link to the Data Governance Policy or the Research Data Governance & Materials Handling Policy.
Here is a link to the Data Classification Standard.
More information regarding Data Classification is available on the Data & Information Governance intranet.
UNSW has had an institutional Data Governance Policy for several years now and has recently released a Research Data Governance & Materials Handling Policy. They weredeveloped in consultation with academic and professional staff, and have been subject to revision based upon staff feedback.
The purpose of the Data Governance Policies is to:
This policy applies to all institutional data used in the administration of the University and all of its Organisational Units. This policy covers, but is not limited to, institutional data in any form, including print, electronic, audio visual, backup and archived data. These policies apply to all UNSW staff, contractors and consultants.
Link to the Data Governance Policy and the Research Data Governance & Materials Handling Policy.
This will outline the policies, standards, procedures and guidelines that govern any defence related research.
Details TBC.
This outlines the requirements for the Handling of UNSW data as endorsed by the Data Governance Steering Committee and UNSW Data Governance Framework (DGF).
This guidance should be used in conjunction with UNSW Policy, Standards and Procedures, the following of which are most applicable.
This guidance commensurate with Data Classification, determines, how to protect & handle information with a consideration of the information’s type, importance, and usage. The guidelines outline the minimum level of protection necessary when performing certain activities, based on the classification of the information being handled.
UNSW personnel can access the current data handling guideline.
The key legislative instruments governing Higher Education in Australia is as follows:
More information is available from UNSW Legal.
The Research Data Governance & Materials Handling Policy is now in force for all people working on research at UNSW.
This policy outlines the requirements, roles and responsibilities associated with access, retrieval, storage, disposal and backup of UNSW research data and materials, as well as best practice measures to enable compliance with these requirements.
Research data are a strategic asset of UNSW, which makes the appropriate governance regarding management and use of research data critical to the University's operations. Data governance involves creating and implementing rules to protect and get the most benefit from data. Lack of data governance could expose the University to unwanted risks and may lead to improper management of UNSW assets.
Research data and materials allow research findings to be validated and have long-term value as a potential resource for future research and teaching. Good practice in research data governance and materials handling benefits the wider research community by enabling future researchers to publish, share, cite and reuse the research data and materials by reducing the risk of loss and corruption.
‘Good data management is good research’ is the principle upon which our approach to managing research data and materials at UNSW is founded. This Policy has been developed in response to the specific needs of the research community. Additionally, an overarching UNSW Research Data Governance Framework (RDGF) has been developed.
For all research data management matters, please email RDM@unsw.edu.au or visit the Research Data Management webpage.