Skip to main content Skip to local navigation
Home » Data & Analytics Governance » Principles, Policies, and Standards

Principles, Policies, and Standards


Data PrincipleDescription
Institutional Perspective Data is treated as an institutional asset and managed through a service-focused framework.
UniquenessAll common concepts draw upon an authoritative source of data.
Common Vocabulary Data elements are defined using a common vocabulary. 
Access To enable them to provide outstanding service, employees can access data that is accurate, timely and appropriate to their roles. 
Privacy A Collection and Notice Strategy1 is required before obtaining, using, or sharing data. Data received is subject to clear rules around security, privacy, consent, and compliance with applicable laws. 
Limitation of Purpose Data is to be collected, shared and used only for specified and authorized purposes.  
Transparency Data is processed in a consistent, lawful, fair and transparent manner. 
Quality Data quality is optimized throughout the data life cycle. 
Security All data elements are protected in a manner that is appropriate to their use and commensurate with their sensitivity, whether stored in an enterprise system or a local repository.

1 Personal information provided to York University is collected under the authority of the York University Act, 1965. At all times this information will be protected in accordance with the Freedom of Information and Protection of Privacy Act (FIPPA).

Policies and Standards

Policies and standards on the data lifecycle.

Icon of a lock and a shield depicting information security.

Information Security Classification Standard
This standard establishes the classification categories to be used in accordance with the Information Security Classification Procedures and can be found here.