Open Records Process - Scope of Work

Charge:  A primary goal of Data Management Committee (DMC) initiatives is to facilitate Recommendation 1.2 of the Administrative Systems Master Plan: “Improve Design and Management of Data to Enhance Decision-Making.”  More specifically, the DMC’s objectives are established in accordance with the principles set forth in the Data Management Standards (see memo, Provost and CFO; May 1, 2013).  On behalf of the DMC, working groups have been formed to identify and mitigate specific areas of risks associated with access, storage, and distribution of UT Austin’s data assets.  The Data Management Standards will serve as the primary guide for the activities of the working groups.

Members: Carol Longoria, Mary Knight, Maryrose Hightower-Coyle, Gary Lavergne, Margo Iwanski, Jeff Graves, Kristi Fisher (ex officio)

Scope of Work:  The Open Records Transition Process Workgroup is charged with identifying and evaluating risks and mitigation strategies associated with processes, tools, and policies for fulfilling Open Records requests, including:

  • Data storage and archival plans
  • Legal / political / reputational risks
  • Accessing archived data
  • Resources and mechanisms
  • Adherence to Records Retention schedules
  • Other risk areas identified by the workgroup

Possible mitigation strategies may include the use or development of:

  • Processes for review/approval of transition plans
  • Records Retention policy review
  • Open Records guidebooks or training
  • Data retrieval processes and tools
  • Other strategies proposed by the group

At appropriate intervals, the group will report their work and/or findings to the full DMC and make recommendations for implementing mitigation strategies.

A prior working group developed an initial list of risks relevant to the access, store, and distribution of institutional data.  That list will serve as a basis for the working groups initial discussions, but it is anticipated that the group will identify additional risks.  The risks identified by this group may overlap with the subject matter of other DMC workgroups; in those cases, the workgroups are expected to coordinate their work and to determine more broad-based and efficient solutions.

The workgroup should review all existing policies and procedures around their risk area in order to avoid duplication of effort or time spent discussing strategies that are already in place.  The group is also expected to engage additional personnel, as needed, to provide expertise and input to their discussions (ex: legal affairs, ISO, compliance, data stewards).  In addition, the group should be mindful of whether the risks identified are within the purview of the DMC, meaning the issues and strategies are actionable by DMC as they relate to institutional data assets.  (For instance, in instances where physical data security is an issue, the risks and mitigation strategies may