Data Management, Storage, & Retention Policy

Purpose

The purpose of this policy is to direct the implementation of standards and procedures for the management, storage, archival, and disposal of institutional data.

This policy is organized into sections. The sections are: 1) Ownership, 2) Backups, 3) Locations, 4) Disposal, 5) Access and Confidentiality, 6) Training, 7) Data Stewardship & 8) Extraction and Reporting.

Scope

Institutional data is defined as data generated for and by Limestone University administrative units for the purpose of performing their duties and responsibilities. This includes data on any storage modality, location, or format. Data generated by faculty or students for the purposes of individual academic research will not be subject to this policy.

Policy

Ownership

Institutional data is owned by the institution and essential to the fulfillment of the University’s mission. All institutional data, whether maintained in the central database or copied into other data systems, remain the property of the University and are governed by this policy statement. Individuals, academic and administrative units may have responsibilities for overseeing and managing subsets of Limestone’s data or databases, but no single person, academic or administrative unit within the institution “owns” that institutional data or the associated database.

Backups

  • At a minimum, all cloud systems and data are required to be backed up on a nightly (at least incremental or differential) basis.
  • At a minimum, all on-premises systems and data are required to be backed up on a nightly (at least incremental or differential) basis.
  • At a minimum, all SIS (Student Information System) related systems will be included in the backup processes.
  • At a minimum, all confidential and sensitive data shall be encrypted on backup media.
  • Backup media catalog must be labeled and accounted for at all times.
  • Full backups shall be performed on at least a daily basis with backup media maintained on disk securely and readily accessible for at least one (1) month.
  • Recovery procedures must be tested at least every six (6) months to ensure that they are effective and that they can be completed within the time allotted in the operational procedures for recovery.
  • Backup and recovery documentation must be reviewed and updated at a minimum on an annual basis to account for new technology, business process changes, and migration of applications to alternative platforms.
  • Backups and archives will be treated with the same level of criticality and sensitivity as the data and applications stored on them.

Locations

Backups of any LU data whose loss would impact the operation or viability of the University will be positioned in multiple locations. In addition to one full backup located on premises, an additional backup will be taken off-site or written off-site to a secure location in a timely manner.

This includes data currently housed on local end-user machines. All essential data must be accessible by more than one individual.

Any backup media containing essential or sensitive data will be encrypted.

Data Disposal

Unneeded non-authoritative data (duplicate copies, outdated records, non-business-related files, test data) that accumulate in operational locations need to be removed when no longer needed. Purging not only saves IT resources, but also avoids confusion and the possibility of compromising sensitive data in these sources that may not be as well protected as the authoritative masters.

Data destroyed in batch or bulk will only be disposed of by IT in consultation with the Data Governance Committee.

Access and Confidentiality

Access to University Administrative Data should be based on the business needs of the organization and should enhance the ability of the University to achieve its mission. Employees shall have access to the Administrative Data needed to perform their responsibilities. Individually identifiable data shall be available to the extent necessary to perform administrative tasks.

Personally Identifiable Information (PII) shall not be disseminated through non-secure media, including email. PII is defined as Full Legal Name, Social Security Number, Student ID Number, Driver's License, Credit card information, Passport information, Academic records, financial information, and medical records.

University IT will conduct an annual review of the access and roles assigned to end-users. This review is intended to update access and roles to match current business needs and employee responsibilities. When an individual is no longer associated with the University, their account access across all platforms will be revoked immediately.

Training

Before an individual is permitted access to Administrative Data in any form, training in the use and attributes of the data, functional area data policies, and University policies regarding data is required. New employees who have not yet completed training will be granted read-only access to production environments until IT has been notified the training is complete. Read-only access to production environments and/or read-write access to play or training environments will be granted until the training completion notification is received by IT.

Each department is responsible for determining and delivering the required training and notifying IT the training is complete. This will ensure the training is specific to that area, adaptable, and worthwhile. Individuals currently employed by the University are not subject to this requirement.

Data Stewardship

Data Stewards are operational managers in a functional area with day-to-day responsibilities for managing business processes and establishing the business rules for the systems of record. They are responsible for maintaining the content of systems of record.

The Office of Institutional Research & Effectiveness in conjunction with the Data Governance Committee shall be responsible for developing definitions of commonly used terms and will define how University metrics are calculated. These definitions will be published for University consumption in the Limestone University Data Dictionary.

Extraction and Reporting

Extraction, manipulation, and reporting of administrative data must be done only for University business purposes, or subject to terms of use as otherwise approved by the University Cabinet. Personal use of Administrative Data, in any format and at any location, is prohibited.

Reports generated must be developed in accordance with the Limestone University Data Dictionary to ensure consistent and clear information is used in all areas of the University and accurately represents the University in external reporting.

Last Revision Date

08/11/2022