The Information Stewardship Policy and three supporting policies (Use of Institutional Systems, Information Classification and Handling, and Information Roles and Responsibilities) are replacing Tufts original Responsible Use Policy.
David Kahle, Vice President for Information Technology and CIO is the executive sponsor of the Information Stewardship Committee and Director of Information Security, Chuck Young, and University Records Manager, Eliot Wilczek, serve as committee co-chairs. “We were asked to update the responsible use policy,” says Wilczek. “Within our working group we determined the policy didn’t need just updating but a basic reconceptualization due to changes in regulations and privacy laws. “ The key with the Information Stewardship Policy was to be compliant with regulations already in effect while being general enough to adapt as laws and technology change. “The old Responsible Use Policy gave a lot of strictures but it didn’t help people manage information. It was also a stand-alone policy whereas Information Stewardship offers a more modern, flexible, and robust set of information policies, with a consumption layer for the vast majority of people and then management and governance layers.”
“Each individual as a member of the Tufts community is responsible for the appropriate use and security of all sorts of information and resources,” OIT Director of Information Technology Jan Mathews says. “One of the most important things that we did was to create the tiers of policies. The intention is that there can be specific policies for specific areas.”
The tiered, adaptive, and comprehensive Information Stewardship Policy more clearly defines roles and responsibilities using language that doesn’t limit the policy. “We wanted the Information Stewardship Policy to be all-encompassing, yet easier to understand than the old policy,” says Mathews. “While there is a lot more heft to the policy, our hope is that it will get people to think about what they see and deal with every day and how they think about that information. The Information Stewardship Policy is useful in helping define what kinds of data are confidential and what kinds of data are sensitive.”
It is important in the transition from the Responsible Use Policy to the Information Stewardship Policy that everyone knows that these policies don’t fundamentally change their rights but instead offer clearly defined roles and responsibilities.
“These are information policies, not strictly IT policies. UIT is the executive sponsor of the Information Stewardship Policy but ISP and the supporting policies apply across the University,” notes Wilczek. “The biggest challenge with the Information Stewardship Policy is spreading the word and educating people on the new policy. Our next step is training people impacted by the policies and providing ongoing training for information-related laws and regulations,” says Mathews.
A synopsis of the Information Stewardship and supporting policies with links to full-text is available here: http://uit.tufts.edu/?pid=786