The college application process can feel daunting to anyone, never mind sixteen- or seventeen-year-olds trying to balance their social lives, romance lives, and . . . oh yeah, high school grades. That’s why it’s important that you, their family, step in and partner with them through this life-changing process.

Here is a short list of Do’s and Don’ts that you, the family of a college-bound high school student, can follow to provide the support your student needs while ensuring that they stay in the driver’s seat.

DO set up a separate email account. You will be bombarded with admissions emails.  Do yourself and your student a favor and don’t share your daily email box with this influx of communications.  This can be a stress reducer too, allowing you and your student to compartmentalize the admissions process to a time and place that works.

But DON’T put it in your name.  This is a great time to help your student be more responsible and autonomous.  The email should be set up in his/her name.  This also shows prospective colleges that your student is capable and independent.

DO maintain a timeline. Applications deadlines are numerous and can sneak up without warning if you’re not careful. Plus, if your student wants to engage in activities such as college fairs, campus visits, or admissions interviews, the timing of these needs to be taken into consideration, as well. Therefore, developing a schedule to help your student stay on track can be immensely helpful.

But DON’T nag. If your student procrastinates or misses a deadline, they need to handle the consequences. After all, this is what will happen in real life; they might as well start learning now!

DO your homework. No matter how vividly you may remember your own college admissions process, times have changed. In order to be a useful resource and helping hand to your student, you need to research the latest processes and expectations in college admissions. (Including financial aid!)

But DON’T do everything for your student. This is their future at stake, not yours, so be sure to heed the boundary between helping and “taking over” the college application process.

DO discuss finances. And do this as frankly and early as possible. This way, your student knows what is realistic up front and won’t waste any time or energy researching colleges that, ultimately, they won’t be able to attend.

But DON’T let sticker price intimidate them. Believe it or not, financial aid might actually make a school with a higher sticker price less expensive than a competitor. Be realistic, but don’t discourage your student before you’ve done your own homework and have a sense of what is actually possible.

DO make time for campus visits. Nothing can give a student the feeling of being “at home” (or out of place) like an in-person visit to a school. Plus, these visits present valuable opportunities to learn more about the school beyond a static website or slow email correspondence. Therefore, encourage your student to visit at least a few campuses of schools they are considering, and arrange your schedule so that you can help make the visits happen.

But DON’T force your student to do anything they don’t want to do. If the impetus is not coming from them, they probably won’t get the same level of benefit out of the activity, whether it’s a campus visit, admissions interview, or applying to a school at all. Be supportive, be encouraging, but at the end of the day, let your student steer the process in whatever direction they decide is best.

Finally, DO let your student make their own decisions. Choosing a college is one of the first opportunities your student has to make adult choices, and they must live with the consequences of their choice. Therefore, step back and make sure the choice is theirs.

We live in a world full of data. Everything from our name and age to our food preferences is stored in a vault or in a cloud, on some sort of server somewhere, waiting to be retrieved and pinged across the world for reasons as simple as signing in to our email account or as complex as targeting us for a vacation advertisement.

Of course, agencies tasked with collecting this data are also expected to correctly store and manage access to it, and the more sensitive the information, the greater our expectations of privacy and security are. Yet the more data there is to handle, the more difficult it can be for agencies to maintain availability, quality, and privacy of our data.

These reasons—along with others—were what motivated the government to found PTAC: The Privacy Technical Assistance Center. This “center,” or online collection of resources, provides educational agencies and institutions with guidelines and training to develop a data governance program that ensures the privacy, confidentiality, and security of students’ data from pre-school through postsecondary education and into the workforce.

But wait a minute, what exactly is a data governance program?

At its essence, a data governance program is a set of rules and procedures that determine how data should be treated from the time it is acquired (when you fill out a form, register for an account, etc.), through its use (you use your email to log on to an online account, one company sells another company their mailing list, etc.), and culminating with its disposal (your record is deleted, your account is deactivated, etc.).

The benefits of developing a strong data governance program are fourfold. The data will be more accurate (meaning that it’s thorough and reflects reality). It will be more usable (better organized, more easily accessed). It will be timelier (available without delay). And finally—arguably most importantly—it will be more secure.

According to PTAC, there are four key steps to creating and maintaining a good data governance program. These “steps” are best framed as questions.

1. Who will be responsible for the program and for making decisions about its governance?
2. What are the rules and methods for managing the data?
3. How will these rules and methods be implemented?
4. Is the program a) doing what it is meant to do, and b) being followed by all stakeholders?

If you are able to adequately answer each of these questions, then your organization probably has a solid data governance program already in place. If not, PTAC provides a guide to the 10 components that you should follow to develop a comprehensive data governance program. These components are grouped into three overarching “themes”: a) rules of engagement, b) organizational bodies and individuals, and c) data governance processes.

A. Rules of engagement

First and foremost, a data governance program needs to fit with what the organization, as a whole, is trying to achieve. Likewise, it also needs to fall in line with what stakeholders expect from the organization. And finally, it must be reasonable—that is, the organization must have the resources necessary to put such a program in place, and then to sustain it. Therefore, here are PTAC’s six primary “rules of engagement”:

1. Mission and vision – what is the organization’s overall mission/vision, and how do the expectations of data governance play into that?
2. Goals, governance metrics, success measures, and funding strategies – what are the goals of the data governance program, how will they be tracked and measured, and how will the program be financially supported?
3. Data rules and definitions – what data is being collected, and how will different types of data (e.g., personally identifying data vs. anonymous data) be treated differently?
4. Decision rights – who is permitted to make a decision about what is done with the data?
5. Responsibilities and enforcement and compliance mechanisms – who is responsible for the implementation and success of the program, and how will its rules be enforced?
6. Security controls for risk management – what happens in the case of a data breach or data mismanagement?

B. Organizational bodies and individuals

Next, a data governance program must address who is “in charge”—i.e., who is responsible for making sure the program is implemented efficiently and effectively—as well as the rights and responsibilities of other involved parties. These are:

7. Data stakeholders – these include data owners and users, and their rights and/or responsibilities should be spelled out
8. A data governance body – this committee should include management and legal representatives, along with data system administrators, data providers, data managers, privacy/security experts, and data users
9. Data stewards – these are individuals who possess specific roles and responsibilities within the data governance program

C. Data governance processes

The final, tenth piece of the data governance program is a set of procedures for implementing and modifying the program. These procedures should specify a number of “how to’s”: how to implement the program, how to manage data over the long term, how to judge the program’s success, and how to handle cases when data quality or security is jeopardized. These “how to’s” fall into three main categories: proactive (setting standards prior to collecting any data), reactive (correcting any security policies in response to a data breach), and ongoing maintenance (regular operating procedures to keep the program intact and functioning smoothly).

If you work to incorporate these ten components into your data governance program, you will end up with a securer system that presents you with more accurate, timely, usable data. For more details, you can access resources from the US Department of Education here.