You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

Document Name: NCSA Data Retention Policy
Version: 0.2
Accountable: Adam Slagell
Authors: Adam Slagell
Approved:   

Scope

This data retention policy covers all systems operated by the Integrated Cyber-Infrastructure directorate at the NCSA. More specific system data retention policies and contracts/agreements can supplant this default policy. 

Data Types

There are 5 major types of data ICI is responsible for at NCSA: Staff, User, Project, Log, Temporary, & Business data. 

Staff Data

Staff data are information on systems operated by ICI which they are given by virtue of being a staff member or sponsored guest at the NCSA. Examples include AFS home directories, laptop/workstation backups, user space on the file server, personal spaces on the wiki, and list archives for lists that staff person owns.

User Data

User data are information on systems operated by ITI which are given by virtue of having an allocation on an NCSA operated system. Examples include home directories on HPCs, personal directories on storage services, and other storage that is given to users who are not necessarily sponsored guests or staff.

Project Data

Project data are information on systems operated by ITI which are shared by a project and should persist beyond any one person leaving that project. Examples include web server spaces in AFS, project spaces on HPCs or data services, group or project folders on the file server, project wiki spaces, and project email list archives.

Logs & Accounting Data

Logs and accounting data are metadata generated by systems operated by ICI to assist in the maintenance, operation, and accounting of those systems. These include system and network logs, allocation usage, security alerts, failure notices, and more.

Temporary Data

Temporary data can be generated or created by users in special folders for the express purpose of short term use. Examples include scratch spaces on HPCs, temporary and swap folders used by operating systems, and data staging areas used to transfer data to another system or person.

Business Data

Business data are financial, contract, personnel or other data required by the administrative staff at NCSA to do their daily job. This data may rest on endpoints managed by ICI, or ICI managed file servers, wikis, or backups. Business data sitting on non-NCSA University systems are not considered here.

Retention Policies

 

not a promise to clean up

retired systems

  • Log and accounting data
    • Logs 1 year, unless other superceded by project policy
    • Accounting & profile info forever
  • Staff data
    • 180 days after leave NCSA
    • May also have separate user data
  • User data
    • 90 days after no allocation or project affiliation
    • Does not imply account is active, may have to retrieve for them on request
  • Project data
    • 1 year after project expiration

Privacy

  • Respect UIUC policies
  • Logs are not protected unless, special policy
    • e.g., keystroke data
  • User data permission needed
  • Staff
    • No expectation of private data
    • Manager & HR together decides
  • Project data
    • PI has access

Exceptions

  • Who approves?
  • How is it tracked?

 

 

 

 

 

 

  • No labels