Internal Access to MnDOT-Owned Public Data
MnDOT Policy #DM007
Effective Date: December 23, 2019
View/print signed policy (pdf)
Please go to the MnDOT Org Chart to find specific contact information: Org Chart.
Responsible Senior Officer: Deputy Commissioner/Chief Administrative Officer
Policy Owner: Chair, Data Domain Stewards (DDS) Group
Policy Contact: Information Governance and BDC Coordinator
This policy provides the criteria governing MnDOT employee access to public, read-only data residing in MnDOT's Common Data Environment (CDE). MnDOT-owned data in the CDE that are classified as public and have been optimized for consumption shall be available to MnDOT employees who request access.
This policy does not govern:
- Write access to transactional applications; shared drive folder permissions; and any onboarding or off-boarding processes that have traditionally been implemented through the Access Authority role
- Access to not public data
- Access to public data that are not final or have not been optimized for consumption (see fig. 1.1)
- Access to non-MnDOT-owned data and systems, including enterprise systems owned by other state agencies (e.g., SWIFT and SEMA4)
Users of CDE data are encouraged to consult subject matter experts—either the Application Coordinator or Subject Area Steward—for guidance on the interpretation and proper use of data. Employees who use data from MnDOT's CDE are responsible for following the standards for publication of any derived data, reports or analytics.
Data from MnDOT's transactional systems are routinely published to a central repository for query and analysis. This policy clarifies the rules and standardizes the process for MnDOT employees to access public, MnDOT-owned read-only data, residing in MnDOT's CDE, and serves to ensure that these public data are readily available to MnDOT employees without the employees having to obtain permission from the owners or stewards of the individual source applications.
All MnDOT employees must comply with MnDOT policies.
Common Data Environment (CDE)
A common digital space for collecting and sharing data that has been loaded from transactional source systems. Similar to a data warehouse or data lake, a CDE is a central repository from which users can access a range of data from multiple sources for query and analysis.
The categorization of government data to distinguish public data from not public (such as private, confidential nonpublic, or protected nonpublic) data. (See fig. 1.2.)
A store of data from a variety of operational sources, made available to end-users (data consumers) for query and analysis. Warehoused data are read-only.
All data collected, created, received, maintained or disseminated by any government entity regardless of its physical form, storage media, or conditions of use (See Minn. Stat. §13.02 Subd. 7).
MnDOT data are government data.
Not Public Data
Not public data are data that are private, confidential, nonpublic or protected nonpublic. Examples of not public data include:
- Attorney-client privileged information
- Certain personal data about individuals
- Bid escrow documents
- Cost estimates before the project is awarded
- Overhead data of companies
- Property evaluation data
Final data that are structured or that have been re-structured to improve efficiency of retrieval and processing.
All government data collected, created, received, maintained or disseminated by a government entity shall be public unless classified by statute, or temporary classification pursuant to Minn. Stat. §13.06, or federal law, as nonpublic or protected nonpublic, or with respect to data on individuals, as private or confidential.
A descriptor for both a type of data and a type of data access:
- Read-only data may be read or viewed but not changed.
- Read-only access permits the viewing of existing, read-only data but does not confer rights to create, update or delete data.
Data residing in or loaded directly from their operational (source) applications without having been processed or de-normalized (transformed). Transactional, or operational, data are live data in their native software systems and subject to write access by authorized system users. Transactional data are routinely copied (loaded) to warehouse environments for read-only consumption.
Permission to write, or make changes, to data in an electronic system. This type of access is sometimes described by the acronym "CRUD," which stands for Create, Read, Update and Delete.
- Request access to public MnDOT-owned data by submitting an IT Service Request.
MNIT @ DOT Database Group
- Implement, or fulfill requests for, access to public data in the CDE by any MnDOT employee. The mechanism to fulfill requests is creation of a common access method (role ) for all MnDOT-owned final public data in the warehouse/CDE.
MnDOT's Responsibility Authority and Data Practices Compliance Official (DPCO)
- Responsible for final decisions about the classification of any MnDOT data elements. To contact Data Practices email DataPractices.DOT@state.mn.us.
Policy Owner (Chair, Data Domain Stewards (DDS) Group)
- Review policy every two years to ensure policy remains up-to-date
- Ensure training associated with policy remains current
- Work with Policy Coordinator to revise policy, as needed
- Communicate new policies as well as revisions, reviews, and retirements to stakeholders
- About MnDOT's Data Warehouse on iHUB
- Business Data Catalog (BDC)
- Data Practices on iHUB
- Guidelines for Determining Data Classification
- MnDOT's Policy Website
|Public Data||Not Public Data|
|Data on individuals||Accessible by anyone||Private - not public but accessible to data subject
Confidential - not public and inaccessible to data subject
|Data not on individuals||Accessible by anyone||Nonpublic - not public but accessible to any subject of that data
Protected Nonpublic - both not public and not accessible to data subject
December 23, 2019
This policy's next scheduled review is due November 2021.