DATA MANAGEMENT POLICIES
NC DEPARTMENT OF PUBLIC INSTRUCTION (NCDPI)
DATA POLICY MANUAL
NOTE :: Various file formats are used on this page that may require download. If larger than 1mb, it will take longer to download. For instructions or more information, please visit our download page.
DMG-2008-001-DQ: Authoritative Data Elements
To maintain consistency throughout the entire state data reporting source system, each data element is required to have only one authoritative (primary) system source. The designated system is the only system allowed to report those data elements unless otherwise approved by the DMG.
DMG-2008-002-DQ: Conducting Data Audits
The Director, Policy and Strategic Planning is authorized to and responsible for determining the acceptable level of data quality and conducting data auditing / data profiling of the data produced or collected by the Department of Public Instruction (DPI) source systems. Annually, the Director will publish a data auditing / data profiling schedule for the DPI information technology systems. Each system will undergo an audit annually or as deemed necessary by the Director, Policy and Strategic Planning.
DMG-2008-003-DQ: Data Audit/Data Profiling
Using the results of the data audits / data profiling, the Director, Policy and Strategic Planning will approve the corrective actions. System corrective action will be set by department priorities and the urgency for each source system based on business initiatives. If departmental resources are needed, the Director will prioritize those across source systems. The Director will provide data quality trend information to the Data Management Group and the Executive Steering Committee within six weeks of each audit's completion. (See policy on Frequency of Data Audits.)
DMG-2008-004-DQ: Data Validation Process
No data under the purview of the DMG reported to the DPI will be accepted into the authoritative source system until it passes a data validation process.
DMG-2008-005-DQ: Implementing the Data Validation Process
The authoritative source data business unit is responsible for and authorized to define, ensure the implementation, and enforce the validation process for the source system's inputs. This includes developing and implementing the process, and communication with the system users. For data under the purview of the DMG, the authoritative source data business unit validation details will be approved by the DMG. Upon approval, format, layout and validation methods for acceptance into the authoritative source system will be provided to the LEA and other data providers prior to policy enforcement. The authoritative source system data business unit is responsible for providing data validation details.
DMG-2009-001-DQ: New Data Elements or Changes to Existing Data Elements
All additions of new data elements or changes / deletions of existing data elements to source systems must be reviewed and approved by the DMG. Consideration of additional data elements will rely on existing statutory, regulatory, policy requirements, and business requirements.
DMG-2009-002-DQ: Metadata Repository
A Metadata Repository in alignment with the current version of the National Center for Education Statistics' Education Data Model (EDM) must be established and operated. Consideration of deviation from the EDM will rely on statutory, regulatory, or policy requirements.
DMG-2009-003-DQ: Master Data Calendar
The office of Policy and Strategic Planning is responsible for creating and publishing a consolidated master calendar, detailing a schedule of data collection, and key points in time, pursuant to DMG-2009-002-IN. The calendar shall be published by the end of February of each year and updated as needed.
DMG-2009-001-SE: Security of Confidential Data on Desktops and Laptops
All NCDPI full- and part-time, permanent and temporary employees, and contractors are responsible for the security of confidential data stored on computers (or other electronic devices) assigned to them.
DMG-2009-002-SE: Data Access Roles
All users who require access to data must be assigned specific data security role/roles, as determined by the source system owner, before accessing any system containing state data. The delivery security liaison(s) for each source system must determine how much access is appropriate and assign the relevant role(s) to the individual that authorize(s) acceptable read/write privileges. Reference DMG policy DMG-2009-003-SE: DPI Access to Information and Systems Policy.
DMG-2009-003-SE: DPI Access to Information and Systems Policy
All authorized users must follow the North Carolina State Information Technology guidelines to access (on-site or remote) any system containing state data. Reference DMG policy DMG-2009-002-SE: Data Access Roles.
DMG-2009-004-SE: Reporting on Data in Small Cells or Extremes
NCDPI will suppress results to protect the privacy of students in reporting data for small cells in compliance with FERPA guidelines and agency standards for public distribution of data.
DMG-2009-005-SE: Data Access Control
Data managers will apply data access control when providing/granting access to source systems and transmission of data in accordance with the standards for Controlling Access to Information and Systems as detailed in Chapter 2 of the Statewide Information Security Manual (see link in Related Documents section), which has jurisdiction and authority provided by N.C.G.S. 147-33.110.
DMG-2009-006-SE: Physical Transport of Data
In the physical transport of data, the Department of Public Instruction will protect the privacy of individuals.
DMG-2012-002-SE: Electronic Transmission of Data
The Department of Public Instruction will protect the privacy of individuals in transmitting education data electronically.
DMG-2012-001-SE: Data Sharing Process
Source Systems shall request access from the publishing system before consuming files from the MFTS (Managed File Transfer System).
DMG-2009-001-CO: Communication Policy for the Data Management Group
Key information will be posted to the Data Management Group (DMG) website and notification sent via email to the Superintendent's Leadership Council and to any authoritative data system owners not represented on the DMG. DMG members are responsible for providing key information to all affected personnel in their business areas. In addition, changes to key information affecting the LEAs will be communicated via email to at least one representative in each LEA. Recipients will be chosen from among Superintendents, NCWISE contacts, Longitudinal Data System contacts, LEA Public Information Officers, or other Central Office staff identified by the DMG.
Information and Needs Analysis
DMG-2009-001-IN: DPI Data Source System Data Elements: Annual Review
The inventory of authoritative data elements that are maintained in their respective authoritative source system will be reviewed annually by the respective data manager.
DMG-2009-002-IN: DPI Data Collection Management: Annual Schedule
By the end of January of each year, source system owners will publish an annual data collection schedule for the upcoming school year. The calendar will include all relevant availability, submission and reporting dates. These collection dates will be presented to the DMG for review prior to publication and kept current in thee Metadata Repository by the system owners.
DMG-2009-003-IN: Coordinating Data Collections
Business units that are responsible for managing authoritative sources are responsible for proactively coordinating the timing of different data collections, resolving perceived conflicts between them, and referring proposed resolutions to the DMG for review and approval. When an issue cannot be satisfactorily resolved by the business units, it shall be referred to the DMG for resolution.
DMG-2010-001-IN: Managed File Transfer Service: Recurring Data Transfers
All recurring data transfers will use the Managed File Transfer Service (MFTS) and adhere to the Data Flow and Request Approval Process.
DMG-2012-001-IN: Policy Waiver Process
Source systems shall have six months to conform to the newest version of published MFTS files. Any waiver request past the sixth month grace period will be presented to the Enterprise Data Manager (EDM).
DMG-2009-001-RR: Sharing Data with Researchers
A Memorandum of Agreement (MOA) between NCDPI and any organization or individuals conducting educational research is required for the release of any Personally Identifiable Information (PII) about individuals.
DMG-2009-002-RR: Requests for Personally Identifiable Information
All requests for Personally Identifiable Information (PII) (data at individual level) must be approved by the State Superintendent or designee (current designee: Policy and Strategic Planning Office).
DMG-2009-003-RR: Employees Working with Data
An Employee Confidentiality Agreement is required for all new and current employees regarding the release of any Personally Identifiable Information (PII) about individuals.