Policy Glossary

Data Owner

Person who creates the data or has authority over the group who created the data; Designated person/position authorized access to specific data per policy (e.g., health records); Designated person/position authorized to approve access to data (e.g., treatment/Security Threat Group records); Designated person/position authorized to release data (e.g., Public Disclosure Unit, Communications Director); Designated person/position ensuring compliance with policies and applicable regulations (e.g., human resources, investigations).

Data owners do not typically include persons enabling/supporting access to data, acting as a custodian for data, or maintaining an Information Technology (IT) system (e.g., IT technicians, administrative assistants).