Data Governance for the NMSU system


In the conduct of its business, NMSU is entrusted with a lot of sensitive information and therefore required to comply with various data regulatory requirements such as FERPA, GLBA, FISMA, and other contractual agreements such as the Program Participation Agreement (PPA) with the U.S. Department of Education and grants & contracts.  A comprehensive data governance program helps to demonstrate compliance with these regulations, but more importantly enables NMSU’s executive management, faculty and staff to make data driven decision making on data that is easily accessible, reliable, properly protected, and of good quality.

Data Privacy Regulations Affecting NMSU’s Data:

  • FERPA (The Family Educational Rights and Privacy Act of 1974) – Student Data Privacy
  • GLBA (The Gramm-Leach-Bliley Act of 1999) – Customer (Student) Information Privacy
  • FISMA (The Federal Information Security Management Act of 2002) – Protection of Federal funded Information
  • HIPAA (The Health Insurance Portability and Accountability Act of 1996) – Medical Information
  • RFR (Red Flags Rule provision of the Fair and Accurate Credit Transactions Act of 2003) – Identity Theft Prevention Program
  • PCI DSS (The Payment Card Industry Data Security Standards) – Protection of Credit Card Information
  • EU GDPR (General Data Protection Regulation) – Protection of EU Citizens/Residents Information (EU students)
  • Privacy Act of 1974 and Higher Ed Act – Program Participation Agreement (PPA) with U.S. Department of Education

Data Governance:

According to a recent Data Governance Readiness Assessment by the U.S. Department of Education, establishing a comprehensive data governance program will help to ensure confidentiality, integrity, and availability of the data by reducing data security risks due to unauthorized access or misuse of data.

Data Governance aligns finely with Goal 4 of the NMSU LEADS 2025 Strategic Plan of building a robust NMSU system.  Thus, a data governance program will be established and sponsored by the Chancellor and President to ensure NMSU properly handles data across the system and obtains optimal value from both its information technology resources and data. Some of the core benefits of data governance will result in:

  • Enabling data-driven decision making
  • Data quality and reliability
  • Efficient and timely access to data
  • Protection of data according to its sensitivity
  • Balance between realizing benefits, optimizing risk levels, and resource.

NMSU is continuing the development and implementation of the data governance program for the NMSU system. Much progress has been made to date in establishing the foundation and framework of the program. To lead the implementation and deployment of the program, the next phase is being led by Ruth Johnston, Vice Chancellor and Strategic Chief Financial Officer, who is serving as the executive sponsor. The Data Governance Committee is chaired by Lenny Martinez, chief of staff, and Carlos Lobato serves as the NMSU system-wide champion of the program.

For more information contact:

Carlos S. Lobato
Interim Chief Information Security Officer
(575) 646-5902

Robert Doyle
Interim Chief Privacy Officer/IT Compliance Officer
(575) 646-5969

Print Friendly, PDF & Email