ABSTRACT
This chapter introduces the concepts of data owner and custodian; their origins and their emergence; and the rights, duties, privileges, and responsibilities of each. It describes how to identify the data and the owner and to map one to the other. In time-sharing systems, access was similarly obvious. Most data was accessed and used only by its author and creator. Similarly, policy should make it explicit that custodians of data must protect it in accordance with the directions of the owner. At one level, the owner of institutional data is the institution itself. However, it is a fundamental characteristic of organizations that they assign their privileges and capabilities to individual members of the organization. Suppliers of data processing services and managers of computers and storage devices are typically custodians of application data and software processed or stored on their systems.
