Data Owners are the university’s authorities on how data can be used, stored, shared, and transported (identified in Appendix B of the Data Stewardship Policy). However, only a Chief Data Steward can give permission to store Highly Sensitive Data (HSD).

The Data Owner is the business lead for a department that governs a class of data:

• The Registrar: for student data
• The Associate Vice President of Human Resources: for faculty and staff HR data
• The University Controller: for financial data (credit card numbers, etc.)
• Deans of Schools or Colleges: for research data collected in their particular school or college (but NOT for Mason faculty, staff, student or financial data collected in their school or college)

The Data Owner may grant permission to access and/or share HSD (Note: Approval may have been previously granted through a Banner Security Liaison and/or Banner Security Officer; confirm with department head or Mason’s IT Security Office.)

The Data Owner oversees agreements in place between suppliers and receivers of sensitive data:

• In agreements between the supplier of the sensitive data and the receiving department, the departmental authority of the supplier of the sensitive data is responsible for determining how the data can be used, stored, shared and transported, recognizing the preeminent authority of university policies governing data.
• In agreements which are required between the authority in the department and those with whom data is shared, the departmental authority is responsible for determining how the data can be used, stored, shared and transported, recognizing the preeminent authority of university policies governing data.