Your browser does not support JavaScript!
ODGA Header Logo Image

Chief Data Officer
Ken Pfeil

Commonwealth Data Trust

The Commonwealth Data Trust, implemented by the Office of Data Governance and Analytics, is a safe, secure, and legally compliant information sharing environment that establishes consistent requirements for trust members through a standardized data sharing agreement process. The data trust provides a scalable alternative to multiple “point-to-point” sharing, promotes trust among its members through common rules for data security, privacy, and confidentiality and reduces technical costs by onboarding to a single environment using standard National Information Exchange Model (NIEM) protocols. The Data Trust will ensure and support data discovery and analytics for agencies and organizations across the Commonwealth of Virginia. 

The Data Governance Framework supports the execution of the Commonwealth Data Trust through strategic oversight by the Executive Data Board and operational oversight by the Data Governance Council.

Data Trust Member Agreement

This establishes the relationship between the data provider and the trustee (ODGA). This agreement is used for organizations contributing data into the data trust. Signing this agreement doesn't mean the entity gets access to trust member-contributed data.

View Document

Data Trust Member Agreement Amendment Form

This document is used when a data provider needs to amend their data trust agreement to include new data, new constraints, or any other changes to the trust agreement exhibits.

View Document

Data Trust User Agreement

This describes the relationship between the trust and recipients of trust member-contributed restricted-use data. This agreement is primarily for organizations that have projects that need access to restricted-use trust data.

View Document

Data Trust User Agreement Amendment Form

This document is used when a user needs to amend their agreement to include new data, new constraints, or any other changes.

View Document

Data Trust Individual User Non-Disclosure Agreement

This document lays out the roles and responsibilities individuals have with regard to using and safeguarding restricted-use trust data. Every team member on a data trust user project must have a signed NDA on file in order to access trust resources (no exceptions).

View Document

Dataset Readiness Review

This document is used as a guideline for the onboarding of data into the Commonwealth Data Trust.

View Document

Data Security Tiers




0 – Public Information

No PII. Data may be aggregated to hide personal information. No harm in sharing.

  • Basic infrastructure security. 
  • No encryption or access approvals needed.

1 – Public PII

Public PII – Generally available information like name, address, phone number.  Aggregated PII or PHI data with non-public information in the data set.

  • Encrypt data set. 
  • No column level encryption or masking
  • Data Steward approval for access required.

2 – Protected PII

SSN, Date of birth, medical information etc.

  • Encrypt data set. 
  • Column level encryption or masking on Protected PII fields. 
  • Data Steward and Data Governance approval required for access. 
  • Written justification required for access from other agencies.

3 – Governor’s Working Papers

Special projects for the Governor’s office with or without PII or PHI.  Project data not subject to FOIA - § 2.2-3705.7.

  • Encrypt data set. 
  • If Protected PII, encrypt or mask columns.
  • Only Governor’s office or authorized Agency can request and approve access

4 – Classified

Highly confidential. Substantial harm

  • Not to be shared with ODGA

Virginia Data Roles and Definitions

Data Owner: The data owner in an organization is anyone who originally created or acquired the raw data, and/or anyone who retains the rights to approve sharing or other actions, can make access control decisions (or restrictions), and can approve memorandums of agreement on data use.

Data Steward: Data stewards carry out data owner requirements, translate them into meaningful requirements, and act as subject matter experts on the data and its utility for business use. Where data owners have decision rights, stewards protect those rights and convey them across the enterprise. Data stewards bridge the gap between different data stakeholders, so they need excellent communication skills in order to translate between data owners, platform developers, and data users. 

Data Curator: Data curators are responsible for the ongoing documentation of contextual metadata about key data assets according to standard operating procedures and consistent terms of reference. When data is well-curated, it contains appropriate contextual metadata that allows a dataset to be discoverable for uses other than its original use. This can help avoid duplication of effort. Good curation also enables better data analytics by allowing data scientists to gauge the reliability of a dataset and identify gaps in data for possible additional collection or articulation of caveats and margins of error. Finally, well-curated data assets are more easily measured, more easily tracked for regulatory compliance, and more easily accounted for in disaster recovery plans.

Data Custodian: A data custodian is a particular type of data steward. In some organizations, a data custodian is referred to as a technical data steward. The role of the data custodian is closer to the IT side of the house than the mission side, and typically covers tasks such as information flow, operation of APIs, and articulating technical data requirements to platform development teams.


Special Benefit to Executive Branch Agency Commonwealth Data Trust Members

The Virginia Office of Data Governance and Analytics (ODGA) is proud to offer Dataversity training to Executive Branch agency Commonwealth Data Trust members. ODGA will provide a Dataversity scholarship that will provide unlimited classes for a limited time! Commonwealth Data Trust members will need to contact the ODGA team for their scholarship.

Data Trust Members