“Everything we do in the digital realm—from surfing the Web to sending an e-mail to conducting a credit card transaction to, yes, making a phone call—creates a data trail. And if that trail exists, chances are someone is using it…or will be soon enough.”
Douglas Rushkoff, author of Throwing Rocks at the Google Bus
I was recently talking to a renowned archivist and professor at the Université de Moncton in Canada and we had a lively discussion on data governance in growing companies and the importance of the triangle made up of people, process, and technology.
What does data governance mean and why is it becoming more and more important?
Data governance is a process to ensure data meets precise standards and business rules as it is entered into a system. Data governance enables businesses to exert control over the management of data assets. This process encompasses the people, process, and technology that is required to ensure that data is fit for its intended purpose.1
There are dozens of regulations in place to protect consumer data and privacy. Some of the more common include: HIPAA, PCI DSS (Payment Card Industry Data Security Standard), and the California Consumer Privacy Act. The latest example is GDPR. When that went into effect last year, I remember reading the notice from the European Union General Data Protection Regulation organization, “This regulation will fundamentally reshape the way data is handled across every sector, from healthcare to banking and beyond.”2
What seems to be happening is more regulation and more headaches for companies who need to keep up with all the compliance mandates. To achieve this, many organizations are required to have formal data management processes in place to govern their data throughout its lifecycle.
Microsoft®, as a well-known example, has created its Azure Compliance Manager where Microsoft specialists work to structurally collect and organize data in a way that respects major regulations. The goal is that their larger customers can rely on the Microsoft framework to assist with their data governance.
But what about small- to mid-sized businesses who may not be able to afford an extensive data governance system? In Part 2 of this blog series I’ll answer that question and look ahead to Part 3 where I’ll examine how the Yooz AP automation platform simplifies data governance for many of these companies using consistent reporting of financial data.
Until then, let’s go back to the beginning of this blog and start with the people, processes, and technologies for a holistic approach to data governance.
People: Define who in your organization will be responsible for the data assets—the data owners. This team will be accountable for the quality of the data and support data quality and compliance activities and initiatives company-wide.
Process: First, understand what regulations your organization needs to comply with and build your data governance processes around those requirements. Include how data will be stored, moved, changed, accessed, and secured. Put in place control, audit, and monitoring processes—especially important for compliance in highly- regulated industries. This is where frameworks are critical.
Technology: Leverage solutions that will help you achieve your governance initiatives. Examples include technology that allow you to enforce business rules, monitoring and reporting software, and data quality solutions.