The NCAA now recommends that schools establish who owns data from performance technologies, where and how it is stored, who has authority to access it, and how it is permitted to be used.
Beyond ownership, schools are now expected to develop a written plan covering how athlete performance data will be managed and protected, how decisions around new technologies will be made, and how the programme will approach continuous improvement.
For athletic departments currently using STATSports Sonra Cloud, these recommendations describe functionality that has been standard for years now. For those evaluating their options, the timing is worth paying attention to.
Data Governance Isn’t a New Problem, But It Is A New Priority.
The NCAA’s guidance reflects something performance staff in elite sport already know: athlete data is sensitive, and the way it’s handled matters. Who can see it, where it lives, how it moves between departments, and how long it’s retained are no longer questions programmes can leave unanswered.
The new NCAA guidance signals increased attention to data privacy and transparency around how performance data is collected and used, bringing greater accountability and structure to technology decisions for athletic departments.
Sonra Cloud was designed around exactly these requirements. Every element the NCAA is now asking programmes to formalise — ownership, access control, security, consistency — is already embedded in how the platform works.
Security Built to an Auditable Standard
Sonra Cloud operates under ISO 27001 compliance, maintained through regular penetration testing. For compliance officers and legal teams now working through a formal technology review against the NCAA’s new written plan requirement, that certification is a meaningful, auditable baseline — not a marketing claim.
Data is calculated and stored centrally on Sonra Cloud, with no need to export, edit, or reformat before reporting.
Every user across a programme works from the same reporting templates, which removes the inconsistency risk that comes with decentralised, manually managed data.
Tiered user access levels give institutions precise control. Athletic directors, sports scientists, head coaches, medical staff, and S&C coaches can each be assigned read-only or read-and-edit permissions based on their role. The right people see the right data. Nobody else does.
A Platform Structure That Mirrors How NCAA Programmes Actually Operate
One of the more practical challenges in collegiate athletics is managing athlete data across multiple sports, squads, year groups, and disciplines — often across entirely different coaching and medical staff.
Sonra Cloud’s architecture was built for exactly this. A single program can manage multi teams within one environment.
Players move between squads without duplication of profiles, meaning longitudinal data follows the athlete across their entire collegiate career.
For programmes managing rosters across football, soccer, lacrosse, or any other sport, the Federation Structure extends that logic further — giving programme-wide administrators full visibility while club-level staff retain control within their own environment.
This isn’t just structural tidiness. It directly addresses what the NCAA is now asking: that programmes know where their data lives, who can access it, and how it flows within and between departments.
What It Looks Like in Practice
The Sonra Web App, included as part of Sonra Cloud, gives authorised users access to performance data on any device, through a secure browser-based URL.
Drill Management, Player Management, and Reporting are all accessible based on user permissions — meaning a head coach can pull a session summary on a tablet in the coaches’ box, while a sports scientist reviews the same session in detail back at the facility.
There’s no manual upload step. There’s no version control issue. Everyone is working from the same live data set, with the platform handling calculations automatically.
Trusted at the Highest Level
Arsenal’s Head of Sports Science and Performance, Tom Allen, cited the platform’s LITE User access feature specifically — a permission level that allows staff across performance, medical, and technical departments to view data without making manual changes to it. Controlled access, applied across an entire organisation.
The same principle is what the NCAA’s guidance is asking collegiate programmes to implement. Sonra Cloud already delivers it.
Already Proven Across Collegiate Sport
STATSports works with some of the most demanding collegiate programmes in the country — including TCU, the University of Florida, Syracuse, and LSU — across football, basketball, soccer, and lacrosse.
These programmes chose STATSports and Sonra Cloud because they needed a platform that could operate at scale, protect sensitive athlete data, and give multi-disciplinary staff structured, role-appropriate access to performance insights.
The NCAA’s new recommendations don’t create a new problem; rather, they simply formalise one that forward-thinking programmes have already solved.
Ready to Build Your Programme’s Technology Plan?
If your athletic department is now working through the process of building a written performance technology plan, the questions the NCAA is asking you to answer are: who owns your data, where is it stored, who can access it, and how is it protected?
With Sonra Cloud, those answers are already built in.
Share article
