Applies to: Faculty (including part-time and visiting faculty), and staff (including postdoctoral scholars and student workers) employed by University of Southern California and its subsidiaries including the USC Health System. This policy continues to apply to individuals on sabbatical, other leaves or while visiting other institutions.
Issued: February 1, 2023
Last Revised: N/A
Last Reviewed: N/A
1. Policy Purpose
The purpose of this policy is to memorialize the appropriate use, safeguarding, and integrity of institutional data primarily used for external survey submission. This policy also sets the expectations and procedures related to the validation and verification of data submissions.
2. Scope and Application
This policy applies to all employees with job responsibilities that include, but are not limited to, the entering, submission, safeguarding, and use of institutional data, and to those who supervise these individuals.
This policy applies to USC and all of its campuses, schools, colleges, institutes, health system, administrative units, and auxiliary units.
This policy applies to academic/administrative Institutional Data of USC, including, but not limited to, faculty and student data.
|Institutional Data||Institutional Data is defined as all data created, collected, maintained, recorded, managed, stored and/or used as a result of the University’s functions, operations and activities.|
Nothing in this policy supersedes the University’s obligations under federal and state regulations and policies, including Title IV of the Higher Education Act of 1965 and Title IX of the Education Amendments Act of 1972.
Institutional Data does not include data relating to clinical or patient data associated with research studies subject to Institutional Review Board review.
|Data Integrity||Data Integrity is defined as the accessibility, accuracy, completeness, consistency, and reliability of Institutional Data:|
I. Accessibility – data are made available when required, to ensure timeliness and transparency
II. Accuracy – data are free from errors
III. Completeness – all values are present
IV. Consistency – data satisfy a set of definitions or constraints that are applied uniformly across reports
V. Reliability – independent users are able to obtain consistent results when applying the same definitions or constraints
|Data Classification||The University’s Data Protection Policy defines the classification of data. (https://policy.usc.edu/data-protection/)|
Data are classified into one of three defined classes: “Public”, “Internal Use Only”, and “Confidential”. Additionally, all data can be defined as “High Value Information”.
Public data are not regulated and are generally made available through public interfaces and require no protection mechanisms.
Internal Use Only data include all information used to conduct USC business, unless categorized as Confidential or Public.
Confidential data typically include regulated data requiring compliance efforts if exposed to unauthorized parties, or would cause legal, financial, reputational, and/or operational harm if disclosed.
High Value Information are data that if inappropriately disclosed, accessed, used, disrupted, modified, or destroyed, could cause significant impact, as defined by the Information Risk Standard, to USC’s reputation and public confidence. High Value Information could be Confidential, Internal Use, or Public data.
4. Policy Details
All involved in the preparation of survey submissions must do so diligently, accurately, and with the highest level of integrity—without regard for actual or potential impact on the final rankings. This policy details the appropriate use of institutional data, including, but not limited to: ownership, stewardship, maintenance, classification, accessibility, security, and integrity. Please refer to Section 6 on the Procedures that ensure the integrity of USC’s external survey submissions and rankings data management, and to Section 8 on the Responsibilities of individuals associated with the preparations of external survey submissions and rankings data management. The outcome of USC’s ratings/rankings in surveys will not affect the employment of the individuals involved in completing or responding to the survey, or the performance evaluation of any USC Employee.
- Data Ownership. All Institutional Data is owned by the University of Southern California. All employees of the University have an obligation to appropriately use and safeguard Institutional Data.
- Data Stewardship. In order for the University to appropriately manage and safeguard its Institutional Data, procedures must be in place to guide appropriate access to, ensuring the security of, and maintaining the integrity of Institutional Data. It is necessary for all employees who manage Institutional Data to be trained and informed about data security and integrity.
- Data Maintenance and Manipulation. The University prohibits all who work with Institutional Data from knowingly falsifying, fabricating, or modifying data, or destroying or deleting data unless such data are subject to destruction and deletion under an applicable retention policy (including the University’s Record Management Policy: https://policy.usc.edu/record-management/). Data must be maintained in accordance with any applicable policies. Personal retention or use of Institutional Data, in any format and at any location, is prohibited. All data users are expected to be familiar with and conform to the University’s Acceptable Use Policy (https://policy.usc.edu/acceptable-use/).
- Roles and Responsibilities. Definitions of roles and responsibilities of all employees who manage Institutional Data is necessary to support data security and integrity (See Section 8).
- Data Classification and common usage. Data are classified into one of three defined classes: “Public”, “Internal Use Only”, and “Confidential”, and all data are defined as “High Value Information” (USC Data Protection Policy (https://policy.usc.edu/data-protection/). Implementation of this policy will ensure a uniform set of definitions, throughout the University, for commonly used data terms.
- Data Accessibility. Institutional Data is a University resource and sharing of information should be facilitated across academic and administrative units, when appropriate.
- Data Security and Confidentiality. Institutional Data should be protected and managed to maintain its security and integrity, from the creation of the data through all levels where the data are accessed and used. Institutional Data should be safeguarded to maintain confidentiality and privacy of individually identifiable information, and protected from loss, destruction, and/or inappropriate use and access.
- Data Integrity, Validation, and Correction. Institutional Data used for external submission should be verified and certified, by the appropriate academic and administrative units, for completeness and accuracy. Each academic and administrative unit is responsible for identifying, correcting, and reporting erroneous or inconsistent data on a timely basis.
Please see the procedures for this policy.
|POSITION or OFFICE||RESPONSIBILITIES|
|Data Trustee||Data Trustees are senior University officials (typically at the level of Dean, Vice Provost, Vice President or higher) who have planning and/or policy-making responsibilities for Institutional Data and for the development of operational processes.|
I. Data Trustees are responsible for appointing data management roles for their units.
II. Data Trustees set priorities for external reporting for their academic or administrative unit.
III. Data Trustees, as a group, are responsible for overseeing the establishment of Institutional Data management policies and procedures.
|Data Steward||Data Stewards are senior managers with direct operational responsibility for one or more types of Institutional Data.|
I. Data Stewards are appointed by their respective Data Trustee.
II. Data Stewards serve as the delegated authority for a unit and are responsible for policy-level decisions in their unit.
III. Data Stewards determine access to Institutional Data in the unit, create and manage processes to maintain data integrity, and implement appropriate controls for access to and use of Institutional Data.
|Data Manager||Data Managers are typically operational managers in an academic or administrative area with responsibilities for managing business processes and establishing the business rules.|
I. Data Managers are responsible for data management processes including the creation, storage, maintenance, use, dissemination and disposal of data.
II. Data Managers ensure that there are procedures in place to carry out policies and comply with standards set out by the University.
|Data User||Data Users are unit employees who have access to Institutional Data to perform their assigned duties.|
I. Data Users are responsible for safeguarding their access privileges.
II. Data Users comply with University policies to ensure appropriate use of all Institutional Data.
|Office of Institutional Research||The Office of Institutional Research is the University designated office for official data collection and reporting of Institutional Data.|
I. The Office of Institutional Research is responsible for working with Data Trustees and Data Stewards to develop definitions for commonly used data terms, and the metrics on how data are calculated.
II. The Office of Institutional Research will report any data discrepancies and inconsistencies to the appropriate Data Steward for resolution.
III. The Office of Institutional Research maintains an archive of all external survey submissions.
|Data Integrity Group||The Data Integrity Group is appointed by the Office of the Provost. Group members include, but are not limited to, Academic Dean, Senior Vice President for Research and Innovation, Vice President for Enrollment Management, Office of General Counsel, Executive Vice Provost, Vice Provost for Academic Operations, and Director of Institutional Research. The Data Integrity Group assists the University by:|
I. Providing guidance to ensure consistency in survey responses in the area of statistical calculations (average, mean, median), rounding conventions, and interpretation of incomplete or inconsistent information provided by applicants and students (i.e., related to demographics or post-graduate employment), etc.
II. Ensuring the position of the University regarding necessary interpretations of survey questions is documented with the agreement of the appropriate decision-makers and terms used in the surveys (e.g., full-time and part-time) are consistently applied.
III. Reviewing exceptions and comments included in any certification or sub-certification process and consulting with the appropriate individuals to appropriately resolve the comments.
IV. Resolving questions of interpretation through consultation with rating agencies or peers, when appropriate.
V. Providing guidance on the use of estimates, if and when estimation is appropriate.
VI. Performing inquiries and obtaining assurance that information is not cross-claimed by multiple schools or units if it should not be.
9. Related Information
Please direct any questions regarding this policy to:
|Office of the Provost||(213) firstname.lastname@example.org|