/
SOP04-RM04: Project Closure and Data Disposition
Document toolboxDocument toolbox

SOP04-RM04: Project Closure and Data Disposition

Owned by Lisa Pasquale
Dec 31, 2024
10 min read

Revision Date: 2024.12.31

Table of Contents

I. Description 1

II. Objectives 1

III. Scope 1

IV. Definitions & Acronyms 2

V. Project Closure and Data Disposition 2

VI. Associated Documents and Resources 8

VII. Revision History 9

I. Description

This Reliable Method outlines the Governance processes used to finalize a project and ensure proper data disposition.

II. Objectives

Understand the steps involved in sunsetting a project and ensuring proper data disposition. which includes: 

  • Change access to Data in Synapse

  • Data Disposition Discussion with Data Contributor

  • Data Disposition Plan Confirmed by Data Contributor

  • Data Confirmation by Data Contributor

  • Proceed with Data Disposition Plan - Data Migration and/or Data Removal 

  • Closure of the Data Ingress/Egress Agreement

  • Update Internal Program Governance Documentation

III. Scope

The procedures in this document apply to Privacy and Data Protection Analysts working on an active project that is ending and requires formal closure and proper data disposition.

IV. Definitions & Acronyms

  • Amazon Web Services (AWS) S3 Bucket - A cloud computing platform storage container for digital files/data which allows the owner to control access to these files. 

  • Data Disposition - The process of managing and determining the final state or handling of data, particularly at the end of its lifecycle, by deciding when and how data is retained, archived, or deleted based on factors such as its value, relevance, and legal or regulatory requirements.

  • Data Disposition View - A tool, such as a Synapse fileview or materialized view (if data spans multiple projects), .csv file, or R or Python script that enumerates synIDs, which is created by Sage to allow a Data Contributor to easily view and confirm their contributed data for data migration and/or removal from Synapse.

  • Data Ingress/Egress Agreement - A formal contract between Sage and external party/ies that outlines the terms and conditions under which data is allowed to enter or be imported into Synapse and the intentions, responsibilities, and roles of each party.

  • Data Migration - A Data Disposition option which involves the retention and relocation of the Data Contributor’s data on Synapse

V. Project Closure and Data Disposition

  1. Change access to data in Synapse: Revise settings to ensure that shared data is no longer accessible across teams and remains available only to the respective Data Contributor’s Synapse Team. For programs in which data is being shared across different Data Contributor teams, the Synapse Sharing Settings must be updated to end shared access to data if deemed necessary by the terms of data ingress/egress agreement. These updates can occur before, on, or after the program's official end date, as determined by various parties, such as the data contributor, program funder(s), and Sage. The updates are made by the Sage Privacy and Data Protection Analyst with approval from the Sage Lead PI. 

  2. Data Disposition Discussion with Data Contributor: The Sage project team coordinates a conversation with the Data Contributor/ Lead PI to determine their plans for the future of their data and to review the timeline for project closure. If the Data Disposition Plan is pre-determined by the Data Ingress/Egress Agreement, then skip ahead to step 4.
    This is an example of a presentation deck created for a Data Disposition meeting. NOTE: For the purpose of this RM we assume that the Sage Team includes a PI, a Project Manager, a Privacy and Data Protection Analyst, and a Data Manager. When a Project Manager is not assigned by Sage, the Privacy and Data Protection Analyst assumes the responsibilities of the Project Manager as described in this RM. 

    1. Sage Project Manager schedules meetings with each Data Contributor / Lead PI Team. Meeting attendees include from Sage Team - the Lead PI, Project Manager, and Privacy and Data Protection Analyst; from the Data Contributor Team - the Data Contributor / Lead PI and Data Manager; and from funding source - the Program Coordinator (may be optional). 

      1. If the Sage Project Manager does not receive a response from the Data Contributor Team to schedule this meeting, then the Sage Project Manager provides the Data Contributor Team access to the meeting materials outlining the options for Data Disposition and requests their chosen Data Disposition option by a prescribed date. This is an example of a presentation deck created for a Data Disposition meeting

    2. At the scheduled meeting, the Sage Project Manager will present a “Project Closure” deck outlining the Data Disposition options, discuss the Data Contributor / Lead PI’s needs, confirm their chosen Data Disposition option, and review the timeline for project closure. The Synapse Data Disposition options include:

      1. Data Migration: Retain data on Synapse through the Synapse Plans (Basic Hosting Plan, Self-Managed Plan, or Data Coordination Plan) depending on data size and scope of desired services.

      2. Data Removal: Remove data from Synapse. NOTE: Removing data from the Synapse platform renders it inaccessible by all non-Sage Synapse users. 

  3. Data Disposition Plan Confirmed by Data Contributor: Sage obtains documented confirmation of the Data Contributor / Lead PI’s chosen option for Data Disposition. The Sage Project Manager will email the Data Contributor to either confirm the decision for Data Disposition as discussed at the meeting or to acknowledge receipt of their decision if instead communicated to Sage via email. In all circumstances, Sage Privacy and Data Protection Analyst creates a PDF of the email and archives this communication in Sage’s internal project documentation as the record of their decision.

    1. If the Data Contributor / Lead PI’s Data Decision includes a Self-Managed or Data Coordination Plan, then Sage provides a quote and works with the Data Contributor to execute a new Agreement with Sage and establish the data access and use conditions to apply to the data.

    2. A Data Disposition decision confirmed by the Data Contributor / Lead PI is preferred, but there are situations in which this decision may come to Sage from the Data Contributor’s Data Manager or other trusted Data Contributor team member. If not included in the email thread, Sage Project Manager should reply to the thread including the Data Contributor / Lead PI for visibility. 

    3. In rare situations, a Data Disposition decision may come from one Data Contributor / Lead PI on behalf of another Data Contributor / Lead PI and is ONLY acceptable if the contributing PI is copied on the email thread or if the Sage Project Manager replies the thread including the Data Contributor / Lead PI for visibility..

    4. If Sage is unable to obtain a Data Disposition decision from a Data Contributor / Lead PI or Institution after sending a minimum of three email reminders requesting their chosen Data Disposition option, then the Sage Project Manager emails the Data Contributor informing them of Sage’s next steps: to revoke the Data Contributor and their Team’s access to their data in Synapse on a prescribed date and to sequester their contributed data for removal from Synapse by a prescribed date. 

  4. Data Confirmation by Data Contributor: The Sage Project Team works with the Data Contributor / Lead PI and Data Manager to identify the data for Data Disposition, Sage creates a Data Disposition View of contributed data, and the Data Contributor reviews and confirms the data to prepare for Data Migration and/or removal from Synapse. 

    1. Sage Data Manager generates a Data Disposition View of the files contributed by Data Contributor. 

    2. Sage Project Manager sends email to the Data Contributor with a link to the Data Disposition View and requests that the Data Contributor review and confirm that the Data Disposition View shows all of the Contributor’s data. 

    3. Once confirmed, the Privacy and Data Protection Analyst creates a PDF of email and archives this communication in Sage’s internal project documentation as a record of the Data Contributor’s confirmation of data for Data Disposition. 

  5. Proceed with Data Disposition Plan: Unless otherwise arranged, execute the Data Disposition Plan on or after the official program end date, as captured in Steps 2 and 3. The Sage Project Team initiates the process, which may involve option A, option B, or a combination of these:

    1. Data Migration in Synapse: Assist the Data Contributor / Lead PI with the retention of their data on Synapse through a Synapse Plan. If the Data Contributor selects a Sage-supported plan, a new Data Ingress Agreement must be executed and Data Access Conditions must be established prior to starting the procedure outlined in this section. 
      To facilitate Data Migration in Synapse, the Sage Project Team will:

      1. Contact the Data Contributor to address the following: 

        1. Desired name of the new private Synapse Project

        2. Synapse Username(s) of the Manager(s) for the new Synapse Team. This will be the individual(s) responsible for managing Synapse users, roles, and access to the private project.

        3. Synapse User Name(s) for the Synapse Project Administrator. This will be the individual(s) assuming authority to control and assign data action permissions (“view”, “edit”, “download”, and “delete”), maintain folder and table structure, and publish wikis for the private Project. This may be the same person as the Synapse Team Manager(s). 

        4. Determine desired date of Data Migration.

      2. Using this information from the Data Contributor, create a new Synapse Project. 

      3. Create a new Synapse Team with the Data Contributor / Lead PI as Team membership approver. 

      4. Add the new Team to the Project’s Sharing Settings. 

      5. Add Sage ACT as an "Administrator" on the Project. 

      6. Move the data identified for retention into the new Synapse Project. 

        1. The migrated data retains click-wraps and Managed ARs, if those click-wraps and Managed ARs are no longer required, follow the process for removing these Managed ARs which includes filing an Privacy, Security & Compliance Office (PSCO) Help Center ticket for informational audit purposes. Managed ARs are retired, not deleted, and instead assigned to a dummy entity. 

        2. Remove ACT as “Administrator” on the Project.

      7. If migrating to a Sage-supported plan: 

        1. Retain ACT as “Administrator” on the Synapse Project. 

        2. Provide governance support as negotiated. 

      8. Once the chosen Synapse Plan is in place then: 

        1. If any of the Data Contributor’s remaining data has been designated by the Data Contributor for removal from Synapse, then proceed to 4b below to proceed with “Data Removal from Synapse”. 

        2. If all of the Data Contributor’s data is being retained on Synapse, then proceed to Step 6. 

    2. Data Removal from Synapse: Before proceeding, the Sage Project Team and the Data Contributor must understand the following about Data Removal: 
      Removing data from the Synapse platform renders it inaccessible by all non-Sage Synapse users. All reference links to removed data will no longer be valid. Reference links within datasets, tables and materialized views will resolve to ‘not found’ and Digital Object Identifiers (DOIs) will point to a page with a ‘not found’ message. Fileviews will no longer display deleted files. Removing data from the Synapse platform renders it inaccessible by all non-Sage Synapse users and remains only accessible by Sage IT personnel.

      Removal of Data from Synapse leads to eventual deletion from the Synapse Amazon Web Services (AWS) S3 Bucket if/when deemed necessary by Sage. Unless special circumstances dictate otherwise, to facilitate Data Removal from Synapse, the Sage Project Team will follow the default Data Removal process: 

      1. Privacy and Data Protection Analyst creates a Jira ticket in the“Privacy, Security & Compliance Office (PSCO) Help Center” and assigns the ticket to the Sage Lead PI for approval. If the project has its own Jira queue (example: 1kD Project Dashboard) the PSCO ticket can be linked to an associated ticket in the Project’s Jira for tracking purposes. The PSCO Help Center ticket must include the following information: 

        1. Date the data removal request was submitted to Sage

        2. Name and role of the person who submitted request to Sage

        3. Attachment of, or link to, the documented request and confirmation of the Data Disposition View (usually an email) 

        4. Project synID as reference and the Folder(s) or File(s) synID of the data to be removed from Synapse:

          1. Project SynId removes an entire project.

          2. Folder SynId removes a folder and its contents. 

          3. File SynId removes individual files. 

        5. Tag Sage Lead PI to request formal approval for Data Removal. If there are governance concerns, the Sage Chief Privacy and Compliance Officer may be tagged on the ticket. 

      2. After the Sage Lead PI reviews the ticket and grants approval for data removal, the Privacy and Data Protection Analyst will “delete” the specified data from Synapse using the SynIDs provided in the ticket.

        1. If deletion issues arise that require programmatic tools (e.g., removing a large set of SynIDs), the Privacy and Data Protection Analyst may assign the task to the Sage Project Manager, who will coordinate with a Sage Engineer for support. Once the programmatic data removal is complete, the Sage Project Manager will return the ticket to the Privacy and Data Protection Analyst for finalization.

      3. Once the data has been removed from Synapse, the Privacy and Data Protection Analyst records data removal in the ticket and then changes the ticket status to “Closed”.

      4. If appropriate, the Privacy and Data Protection Analyst sends a confirmation email to the Data Contributor or Lead PI to notify them of the data’s removal from Synapse. The analyst then saves a PDF copy of the email and archives it in Sage’s internal project documentation as a record of the data removal confirmation. This is a template confirmation email: 

Greetings [name],

I am writing to inform you that the [Project or Program name] files which you confirmed in the Data Disposition View [add link to view] have now been successfully removed from Synapse. If you have any questions or concerns, please let us know. We look forward to future opportunities to work with you and sincerely wish you all the best.

[name]

[title]

  1. Closure of the Data Ingress/Egress Agreement: The Privacy and Data Protection Analyst sends the Notice of Closure email to Lead PI, Signatory, and Contract Persons included in execution of the Data Ingress/Egress Agreement.

    1. Prepare a Notice of Closure email for the Data Ingress/Egress Agreement between Sage and the Data Contributor. This email will include the original execution date of the Data Ingress/Egress Agreement. This is a template for a Data Ingress/Egress - Notice of Closure

    2. Send Notice of Closure email to Lead PI, Signatory, and Contract Persons included in execution of the Data Ingress/Egress Agreement. Attach a copy of the executed Data Ingress/Egress Agreement

    3. Once sent, save a PDF copy of the Notice of Closure email in Sage’s internal project documentation. 

  1. Update Internal Program Governance Documentation: The Privacy and Data Protection Analyst updates Sage’s internal program governance documentation to reflect actions taken in this “Project Closure and Offboarding Process”. 

    1. Update related documentation in Synapse

      1. Program Landing Page

      2. Access Requirements List

    2. Update related documentation in Google Drive and sharing settings

      1. Data Ingress/Egress Agreement Tracking - Update with agreement stage status

      2. List of Authorized Individuals - Update with access status changes and dates

VI. Associated Documents and Resources

VII. Revision History

Version #, Date

Description

V1, 2024.12.31

New Document