Data governance gone bad… and how to get it right!
Nov 6, 2014
Earlier this week, a large Dutch insurance company got itself into the national headlines after mixing up sensitive customer data. By mistake, over 2,500 participants in a large-scale medical research received an e-mail with information that was intended for other participants.
“In creating and handling the data, we made a mistake. This way we accidentally coupled the wrong information to the e-mail addresses of the research participants”.
According to the insurance company, this was a “human error’’, and not an error in the organization’s system, which was tested extensively. The company regrets the incident, “especially because we value careful handling of data to a great extent”. A special telephone number has been issued by the insurance company to answer the questions of all the victims of the course of events. An expensive matter!
But how do we get this right? How can we reduce or even prevent human error in managing the data in our organizations?
First, organizations need to be aware of the importance of information. As John Ladley states:
“The 21st century business features information as fuel” (2010, Making EIM Work for Business)
If information is subject to improper treatment, your organization is at risk! Fuel can be volatile. Fuel can explode. Although organizations are often stocked with valuable data, managing data as if it was fuel is still an underexposed discipline. Data Management is all about managing data as an asset. It is a broad discipline that supports the development and use of data throughout the enterprise.
So how can we get ahead and start treating our data in better ways, as to prevent a data explosion? The answer can be found in the prevention of large scale disasters: set up a protocol! In data management, this protocol is called Data Governance.
In this blog, we will elaborate on and stress the importance of Data Governance. As the figure on the left below illustrates, data governance is an integral aspect of data management, dealing with technical issues such as database operations management or business issues such as data quality management.
Data Governance at the center of Data Management
Functional perspective upon Data Management
Source: DAMA Data Management Body of Knowledge (DMBOK)
Data Governance
The DAMA Data Management Body Of Knowledge (DMBOK) defines Data Governance as “The exercise of authority and control (planning, monitoring and enforcement) over the management of data assets”. Data Governance is a system of decision rights and accountabilities for information-related processes, executed according to agreed-upon models which describe who can take what actions with what information, and when, under what circumstances, using what methods. Governed data is data that is trusted and understood and for which someone is accountable; for both the data itself and for addressing issues about data.
According to Ladley, Data Governance is not a function performed by those who manage information. This means there must always be a separation of duties between those who manage and those who govern.
The Data Governance “area” identifies required controls, policies, and processes, and develops rules. Information managers (essentially everyone else) adhere to the rules. (John Ladley, 2012-11-07, Data Governance: How to Design, Deploy and Sustain an Effective Data Governance Program; Elsevier Science)
Ideally, data governance should lead to ‘governed’ data, which is basically data that is trusted and understood. For example: rules for creation and usage of data elements ensure that data is stored and found in one place. The case we introduced at the start of this blog, illustrates that ‘governed data’ is still a challenge!
Principles, policy and standards
On top of this ‘rules spectrum’, we see principles. We know principles from other disciplines such as Enterprise Architecture. Principles are statements of philosophy, similar to “the bill of rights”. In Data Management, principles are at the heart of effective governance. Principles can be translated to policy. In fact, the real essence of policy is that it is a codification of principles. Standards are a type of policy, or even a characteristic of a particular policy, such as data naming standards or data quality standards. Standards are important to governance, as they set the rules for enforceable processes.
Data stewardship
Data Stewardship is an approach to Data Governance that formalizes accountability for managing information resources on behalf of others and for the best interests of the organization. Deploying data stewards in your organizations is essential for successful data governance, as explained by Analise Polsky.
Where should I start?
Accepting the definition of information as fuel and an asset means you agree to track it. Inventory it. Assign rigid and at times unmerciful accountability for its accuracy and use.
For data professionals, we propose a pragmatic, incremental three-step approach:
By using the BiZZdesign Data Management Maturity Scan, organizations can get a proper assessment of the maturity of their Data Management capability. Here, we combine both the (earlier introduced) data management disciplines and functional perspectives upon data management to provide organizations with valuable insights in the ‘data challenges’ they are currently facing.
