Data Governance at UofT

The University of Toronto’s mission relies upon the adept and efficient use of institutional data. In recognition of data as an institutional asset, the University seeks to appropriately manage, protect and use data. The Institutional Data Governance Program enables the University to strategically harness data to achieve institutional goals while maintaining the trust of those who provide, interact with, and use data.

Data Governance, in the University of Toronto context, is the process that both establishes and provides consistent and clear guidance around creating, accessing, using, and defining the University’s institutional data, while managing the associated risks, responsibilities, and legal obligations.

Institutional data comprise all of the data that are held by the University for the purpose of supporting its administrative operation, broadly understood. For the purposes of the Institutional Data Governance Program, research data are data that are held at the University for conducting scholarly research, and are outside the scope of the Institutional Data Governance Program.

The goal of the Data Governance Program at the University of Toronto is to promote and support the responsible use of high-quality institutional data, to facilitate informed and insightful use of these data, and to increase their value to the University community and beyond.

Data Stewardship

The University of Toronto strives to use the institutional data entrusted to its care to support its students, faculty, and staff in their pursuit of the University’s aims described below.

“The University of Toronto is dedicated to fostering an academic community in which the learning and scholarship of every member may flourish, with vigilant protection for individual human rights, and a resolute commitment to the principles of equal opportunity, equity and justice.”1 The University will work to achieve this in accord with its Statement on Equity, Diversity, and Excellence.

Privacy, confidentiality, and security

The University respects the privacy of everyone whose information it holds. For data uses required for an official University purpose, clear and accessible notices will be provided. For optional activities, necessary consent will be sought, consistent with legal requirements and good privacy practice. The University will also use appropriate physical, technical, and procedural safeguards necessary to ensure the confidentiality and security of the data throughout its lifecycle.

Partnership and Inclusivity

Data governance is a collective responsibility. Everyone who manages, uses, or provides data should be a partner in its governance. The development, implementation, and administration of institutional data governance guidelines and procedures should involve the University community, including end-users and data contributors.2

Accountability and responsibility

The collection, use, and maintenance of institutional data should have clear lines of responsibility and accountability.


Guidelines and procedures regarding institutional data governance should be freely accessible to members of the University and to the public. In addition, notification about collection, use, availability, and disclosure are important features of transparency.


The University’s data governance guidelines and processes should advance uses of institutional data that demonstrate operational, analytical, and ethical integrity, free of actual or perceived conflicts of interest.

Clarity and consistency in access

Institutional data across the University should be subject to clear, consistent, and transparent access guidelines.


University data governance guidelines and procedures should support an environment wherein institutional data are not unnecessarily duplicated. Institutional data should be managed in an efficient fashion, taking into account human, digital, and physical resources.

1 University of Toronto Governing Council, October 15, 1992, Statement of Institutional Purpose
2 A data contributor is a person or organization/unit that submits data for inclusion in a collection of data

The primary, long-term objective of the Institutional Data Governance Program is to create a culture in which everyone who collects, manages, or uses institutional data follows good Data Governance principles and practices. Adopting these principles and practices will improve data quality and promote responsible use.

The Institutional Data Governance Program will improve the quality of the University’s institutional data by systematically addressing accuracy, interpretation, completeness, and reliability. For example, inconsistency or ambiguity in data definitions can make analysis unreliable and impedes collaboration. A good Institutional Data Governance Program will include attention to metadata, promoting broad agreement and clarity on how key variables in institutional datasets are defined and used.

Good data governance also promotes responsible data use. Institutional data should be managed securely throughout their lifecycle (collection, storage, access, transfer, retention, and destruction) and in compliance with relevant laws. Access to institutional data must be governed by appropriate procedures, with clear guidance as to the conditions for accessing data and the nature of their use. Access also needs to be timely. Responsible data use includes endorsing recognized standards for data literacy, data analytics and reproducibility.


Foundational Reports

Towards an Institutional Data Governance Program Report is a foundational document that outlines the goal, definitions, scope and guiding principles for the institutional Data Governance Program at the University of Toronto.

Implementation of an Institutional DG Program builds upon the first report by describing the partnerships, decision making structures, the role of the IRDG office and other support required to implement the Institutional Data Governance Program.