Framework

Information Governance Framework

This framework establishes and sets out the current roles and responsibilities associated with the management of the University’s information, data and system assets

Updated on 4 March 2024

Introduction

Information is a vital asset for all aspects of the University’s operation and for the efficient management of the University’s resources. As well as protecting and providing the rights of access to public and personal information, it plays an increasingly strategic role in the way in which the University is regulated and held accountable by external bodies. Insight and intelligence gathering from our data is key to understanding our institutional position and performance. It plays a key role in the management and governance of the University and its future planning. 

Information governance is concerned with how information is held, obtained, recorded, used and shared by an organisation. Information is used here as a collective term to cover terms such as data, documents, records and content. It is essential that the University has a robust information governance management framework, to ensure that information is effectively managed using the appropriate resources and documented policies, processes and procedures, staff training and the necessary management and accountability structures.

Purpose

This Information Governance Framework establishes and sets out the current roles and responsibilities associated with the management of the University’s information, data and system assets.  It concerns the management of all paper and electronic information and its associated systems within the organisation, as well as information held outside the organisation that affects its regulatory and legal obligations. Information Governance compliance covers the legal framework and the standards that need to be established to ensure the University’s management of information operates within the law and the rights of individuals. 

Scope

The Framework relates to institutional or management data across, but not limited to, the following domains: 

  • Student data
  • Staff data
  • Research data
  • Learning resource data
  • Enterprise and community engagement data
  • Business data
  • Finance data
  • Space and asset data 

The Framework outlines the following Information Governance elements:

  • Strategy
  • Policies and processes
  • Responsibilities
  • Guidance and training

Strategy

Good Information Governance will ensure that the University’s information is properly held, obtained, recorded, used and shared ensuring compliance, lessening risk, increasing business efficiencies, creating a better working environment and securing the data of its staff and stakeholders.

Within the context of this Framework Information Governance will establish and embed policies and processes to meet the following aims:

  • Records are created and processed in compliance with legislation and to meet business requirements
  • Records are reliable and trustworthy and vital records are identified
  • Records can be easily identified and accessed by the appropriate people when necessary
  • Information is kept in accordance with business and legal requirements and disposed of when necessary
  • Information of enduring historical value is preserved permanently for future generations
  • Staff have understanding of value of IG and the skills to implement best practice

Embedding good Information Governance practices within the University will:

  • Contribute to the University’s strategic plan by supporting teaching, research, enterprise and partnerships and contributing to its digital and people enabling streams
  • Improve the management of information and records
  • Ensure compliance with legislation and improve business efficiencies
  • Establish clear policies, responsibilities, and ownership in relation to information management
  • Reduce financial, operational, legal and reputational risk 

The rest of this Framework outlines how this will be achieved. 

Policies and Processes

Information Governance is concerned with all stages of the information lifecycle; our policies govern how information is managed during these stages and our processes assist in implementing these. 

Diagram showing the information lifecycle

The information lifecycle: Create, Store, Use, Share, Archive, Destroy

Additional key policies and guidance for Information Governance at the University of Dundee are:

  1. Records Management policy
  2. Guidance on Managing records
  3. Guidance on the Proper Disposal of Information
  4. Policy to Govern the Management of Research Data
  5. Lecture Capture Policy
  6. Asset Management Policy (DTS)
  7. UoD / NHS Tayside Clinical and Data Governance

Responsibilities

The governance structures, lines of management and risk responsibilities for information are outlined below. 

Information Governance and Legal Compliance Support

Information Governance provide professional support and guidance to the University to ensure data governance best practice, in accordance with legislative and regulatory requirements.

Information Asset

An identifiable system and/or set of records that contain information required for the operation of University business. May be in physical (such as paper) or digital form and may include personal data, research data, teaching material and more.

Guidance and Training

Mandatory Information Governance training is provided as part of our staff induction.

Role specific and continual learning is provided by the Information Governance team. If you have any specific questions about the training available, please contact the team at [email protected].

See Appendix 2 for relevant legislation.

From Information Governance
Corporate information category Information governance and management