Data Custodian

An individual or entity responsible for the technical implementation and administration of data security controls and safeguards. Data custodians typically handle day-to-day data management tasks like backup, recovery, storage management, access provisioning, and security monitoring. Unlike data owners (who make policy decisions about data use) or data controllers (who determine processing purposes), custodians focus on the operational aspects of protecting and maintaining data. In IT terms, database administrators, system administrators, and cloud storage managers often serve as data custodians. For privacy compliance, custodians implement security measures required by controllers, enforce access controls, monitor for unauthorized access, respond to security incidents, and maintain audit logs. Clear delineation between data owners, custodians, and users helps establish accountability. Custodians should receive appropriate training, understand privacy requirements, and have defined responsibilities in organizational policies.