Responsible Data Use in Higher Education
As the University of Arizona observes Data Privacy Week,Jan. 26 – 30, we have an opportunity to reflect on how data is collected, managed and used across the institution. In a university setting, data privacy extends beyond keeping information confidential; it centers on responsible data use, thoughtful design and trust.
According to Casey Miller, Data/Middleware Analyst with University Analytics & Institutional Research (UAIR), data privacy in higher education is about ensuring data is used appropriately and intentionally. “Data privacy in a university setting isn’t about keeping data secret,” Miller explained. “It’s more about using data responsibly, using data for its intended purpose, sharing data appropriately, and collecting only what we actually need.”
Universities manage a wide range of data types, including academic, administrative, research, and public-facing information. Miller noted that privacy considerations vary by context and user. “The same dataset could be highly sensitive for one user while perfectly appropriate for another.” For example, student-level data may require high access, while aggregated data from the same source may be suitable for reporting or public use. These distinctions are central to how data privacy is maintained within systems like UAccess Analytics and the Data Warehouse.
Responsible data stewardship plays a critical role in building trust across campus. Consistent processes for accessing data help ensure that information is protected and used as intended. “Having data used today be the same as tomorrow, with all users going through the same requirements for data access, including sign-offs from data stewards, keeps data safe and accessible only by those who need it,” Miller said. This consistency reduces the risk of unintended disclosure and reinforces confidence in institutional data.
That responsibility also extends beyond U.S. borders. International data use is shaped in part by the European Union’s General Data Protection Regulation (GDPR), which governs how personally identifiable information is collected, processed, and protected for individuals in the EU. Although the GDPR is an international regulation, its principles influence how universities like the University of Arizona approach privacy, access, and accountability when handling data related to global students, employees, and research partners. University Privacy, which focuses on the responsible handling of personal information and fostering an environment of trust and security, provides guidance on how U of A policies and practices align with GDPR expectations to protect students and employees. Learn more about University Privacy’s guidance on taking charge of your personal data in a recently published UAnnounce Memo.
Within UAccess Analytics, data is curated to support both accuracy and clarity. Users can work from pre-built dashboards or create their own reports using self-service analytics tools designed to reduce misinterpretation. Strong stewardship is also essential for external reporting, including submissions to organizations such as the Integrated Postsecondary Education Data System (IPEDS), the Arizona Board of Regents, and U.S. News & World Report. “Good stewardship of data is key to trust in the data,” Miller emphasized.
One lesser-known aspect of data privacy lies in how data systems are designed. “Data privacy isn’t just about data policy,” Miller said. “It’s also about data design – decisions around what data is collected, how systems are connected, and what level of detail is stored.” These design choices influence how data can be accessed, analyzed, and protected over time.
As the university observes Data Privacy Week, UAIR’s approach to data reminds us that privacy is built through everyday decisions, about design, access, and use, that shape trust in institutional information.