Considerations

When devising a DMP, it is useful to consider the data lifecycle and the relevant data management issues related.

In general, the data lifecycle consists of the following phases

 

 →  →  →  → 

 

Creation → Storage → Use → Archival → Destruction

 

During each phase, one or more of the following data management issues may have to be considered:

  1. Data Quality – Is the data accurate, complete, and usable? Is it the authoritative source?

  2. Data Privacy – Are activities compliant with relevant regulations?

  3. Data Security – Is the data, on transit or at rest, secure?

  4. Data Availability – Is the data kept reliably and made easily accessible?

  5. Data Auditability – Are activities traceable?

     

Data management considerations in each phase of the data lifecycle

Creation

Creation refers to the stage when data, regardless of their forms, is collected, captured, generated, or imported; followed by necessary validation or processing for subsequent uses. Data owners normally consider data quality, privacy, and auditability issues during the creation phase. It is imperative for data owners to deliberate on whether a piece of data is necessary, considering the operational needs and liabilities it may bring to the University.

Storage

Storage refers to keeping and protecting created data and making it easily accessible to those who are authorized, for the appropriate period of justifiable retention. Regardless of whether data is stored within or outside the University campus, appropriate level of security must be applied. A robust backup and recovery process should be in place to ensure data is available for use when needed. Data owners normally consider data security and availability issues related to storage of data.

Use

Use refers to the access, update as well as sharing of stored data to support operational or analytical activities. Use of data must comply with relevant regulations and justifiable. For sensitive data, audit trail should be maintained to ensure that activities are traceable. Data owners need to consider data privacy, security, and auditability pertaining to the use of data.

Archival

Archival refers to moving stored data from the active production environment to a secure backup location for justifiable future uses. This often implies the stored data is no longer needed to support day-to-day operations. Due considerations of the appropriate retention period should be in order.

Data owners often need to consider data privacy, security, and auditability issues when deciding on what to archive and how.

Destruction

Destruction refers to the eradication of stored or archived data. This is sometimes prompted by practical constraints of limited storage or archival space. More often, eradication of data is required by regulations. Depending on the sensitivity of the data in concern, the challenge is to ensure that the data has been properly or securely destroyed, in a timely manner.