Job Board for Data Governance & Management in the Education Sector

A Comprehensive Tool for Defining Essential Roles in Education Data Governance

Enhancing accountability, compliance, privacy, and security for improved quality and equity in learning systems

Data governance is crucial for responsible and effective management of education data. It establishes policies, standards, and practices to ensure data quality, security, privacy, and compliance with laws. Moreover, it safeguards learners’ rights, enhances education system efficiency, and maintains the integrity of data for informed decision-making.

This job board, created by the Broadband Commission Working Group on Data for Learning, provides a framework of roles and responsibilities across different levels of education data governance. It helps stakeholders self-reflect on their data governance structures, identify gaps, and promote transparent and ethical data use. The tool supports discussions, sparks investments in data skills and resources, and contributes to safe and equitable data-driven education.

The job board outlines roles at micro, meso, and macro levels of education data governance, providing guidance on skills and competencies needed. These roles are not specific to any country but serve as reference points. The tool fosters discussions, aids stakeholders in self-assessment, and encourages compliance with data protection and ethical considerations to enhance data-driven decision-making and educational outcomes.

Explore the Tool

Macro level

Responsibilities related to the design and management of data infrastructure and security policies at centralized level and/or a dedicated data governance team or steering committee

Chief Information Officer, Education Sector (CIO)
Chief Data Officer, Education Sector (CDO)
Chief Information Security Officer, Education Sector (CISO-ED)
Learning technologies specialist
Data Privacy and Protection Officer (DPPO)

Meso level

Responsibilities at regional levels of public administration and education management

Regional IT
Regional Data
Regional Data Privacy and Protection Officer

Micro level

School-level and community-level responsibilities needed to responsibly unlock the potential of purposeful data use to improve the educational experiences

School Leaders
School IT and Cyber Security Officer
  1.  According to Article 35(1) of the GDPR, it is the task of the controller, not the DPPO, to carry out, when necessary, a data protection impact assessment. Article 39(1) (c) tasks the DPPO with the duty to provide advice where requested as regards the [DPIA] and monitor its performance.
  2. According to Article 39(1)(d) and (e) of the GDPR, the DPPO should “cooperate with the supervisory authority” and “act as a contact point for the supervisory authority on issues relating to processing, including the prior consultation referred to in Article 36, and to consult, where appropriate, with regard to any other matter. 
  3. Article 29 of the Guidelines on Data Protection Officers published by the EDPB notes that understanding of data security in general (not specific to data security on the cloud) is one of the professional qualities that the DPPO should have. 
  4. The micro-level competencies, especially for teachers, students, and school leaders, were predominantly sourced from Vuorikari (2022) DigComp 2.2, The Digital Competence Framework for Citizens and its subsequent analysis by Kivinen et al. (2022), ßDigital Information Literacy Guide.