Data Governance and Security
About DAISEY
The University of Kansas Center for Public Partnerships and Research (CPPR) is working with early childhood system partners to build upon existing efforts and infrastructure to ensure Kansas can effectively coordinate, improve, and track outcomes for infants and toddlers across the state. To this end, CPPR developed Data Application and Integration Solution for the Early Years (DAISEY), a web-based shared measurement tool used by early childhood system partners and funders. DAISEY consolidates data for the purpose of centralized data storage and single-source reporting. DAISEY provides the capacity to fulfill funder reporting requirements and provides access to data for reporting and analysis to improve practice and services to children and families.
Security Policies and Procedures
CPPR recognizes the sensitive nature of data in DAISEY, as well as the trust partners place in CPPR to protect that information. As a result there are extensive policies and procedures that govern all aspects of DAISEY operations. University of Kansas Information Technology (KU IT) has extensive policies and procedures relevant to DAISEY, most notably the Data Classification and Handling Policy , Data Classification Procedures Guide, and the Security Policy. In addition, the Center for Public Partnerships and Research established the Data Management and Security Policies and Procedures Manual, and the DAISEY Policy and Procedures Manual to bolster KU IT’s safeguards.
Data Governance Documentation
In addition to established policies and procedures, CPPR works with its partners to implement data governance documentation that ensures protections and safeguards for DAISEY information at all levels.
Terms of Use: between our partner and their grantees, this document establishes what data will go into DAISEY, how it will be used, and how it will be protected.
Memorandum of Agreement: between grantees in a data sharing community, this document outlines terms regarding how shared data is used and protected.
User Confidentiality and Data Security Agreements: signed by DAISEY users, this document requires their commitment to protect data and follow DAISEY use regulations.
Because there are a variety of organizations using DAISEY, CPPR also provides support to determine appropriate avenues for documentation of client consent for data entry and data sharing in DAISEY.
Technical Specifications
DAISEY is hosted on two single use virtual servers. The servers address HIPAA Security Rule requirements for the protection of Protected Health Information (PHI). The system has the necessary safeguards in place for administrative, technical, and physical security of data to ensure the proper handling, access, storage, and recovery of PHI.
Electronic access to the system is controlled via SSH keys which encrypts information in transit. DAISEY systems are physically located in the Secure Data Center within KU’s Price Computing facility. Access to equipment is controlled and monitored by staff 24/7.
If you have questions about DAISEY data governance and security or would like to request documentation referred to above, please email daiseyadmin@ku.edu.