Data governance for data privacy

Data governance for data privacy - series part 2

Every business journal has displayed hyperbolic headlines or similar that proclaims, “The Future Is Digital,” “Technology Has Taken Over Our Lives,” or “Data Is the New Oil.” All these grand statements seemed like exaggerations at the time, but Covid-19 has made these hyperboles a reality. Amazon and Instacart are our new neighborhood grocery stores; we sign onto Zoom or Skype when we crave social interactions or “go” to work.

Our world is almost entirely digital now. In some ways, this is every data citizen’s dream. People of all ages spend their entire days on computers, phones and digital devices. Because of this, we are generating data at unprecedented rates. Organizations are receiving floods of new data to leverage for analysis and insights.

The rises in data volume and velocity mean nothing if you don’t know how to use it properly. Many of the new headlines warn the public about the dangers the digital world places on our privacy. People are afraid that companies are tracking location data to ensure social distancing, sifting through medical data, and accessing our cameras. If a company uses data unethically and privacy is compromised, the public will know about it.  Few will miss a headline with all of our faces glued to the news with notifications popping up every hour.

Privacy concerns hinder the excitement over the downpour of data. Organizations may be concerned about negative press and potential fines from the enforcement of GDPR and CCPA. Data must sit in the right hands and it needs to be protected. Organizations need full visibility over their data, where it sits, who has access to it, and why it’s used. They need data governance. 

In these unprecedented times, data privacy is a concern in every industry in every corner of the world. No organization is immune. This is the time to accelerate a privacy strategy and put it into motion. To do so, organizations need a foundation that puts context, frameworks, and ownership around their data to make compliant data-driven decisions. They need data governance.

What does data governance do?

Data flows incessantly and in many ways, but nearly 60% of enterprise storage capacity is dedicated to accommodating copy data. Data doesn’t reside in just one place. It’s spread across an organization’s various databases, applications, and systems. This makes data difficult to find, understand, and trust.

Governance delivers the context, relationships, lineage, and access data citizens need to make decisions around data. It gives your data meaning. Data governance provides background on where data came from, how it’s used, and how trustworthy it is. Data governance puts processes around your data. For example, if you want the data to be used properly, you need to define the purposes for data usage and implement standards and guidelines. Similarly, if you want to be able to evaluate quality, you need procedures to ensure accuracy and resolve issues, such as false information and data duplication. Data governance is a way to make order out of the chaos brought by a data deluge.

Why is data governance important to data privacy?

To ensure data privacy compliance, you need to know everything about your data. You need to know where it is, why you have it, and how it’s used. And that’s data governance in a nutshell. Let’s consider this scenario: a consumer exercises his right to delete personal information under the CCPA — what questions do you need answers to?

  • How to fulfill the deletion request in 45 days if you don’t know where the data is?
  • Once you’ve found the data, is it an automated or manual process to access it?
  • How do you know who in the organization is using the data and why they’ve been using it?
  • What if you need to keep some of the data to perform transactions?
  • What if you need the data to detect and prevent fraud and other security incidents?
  • What if you’ve exchanged the customer’s data with third parties?

The list of questions and what ifs could be longer than Tolstoy’s War and Peace. But finding the answers doesn’t have to be as dry, confusing, and drawn out as the conversations from the college literature class you were forced into at one point in time. If you have a sufficient data governance foundation, you can answer these questions and respond to the consumer requests quickly. Data governance clarifies the responsibilities, polices, and processes around your data with frameworks and technology. With data governance, you can handle more of these requests and every challenge that comes as the CCPA evolves and new regulations pop up over time.

How should I get started?

Data privacy requires collaboration from every part of the business: from IT to finance, analysts to executives. Your data or data governance team may be strategically positioned to best build the foundation for your company’s privacy program. If you’re on that team, take ownership, lead the charge. Your work matters and benefits every part of your organization. Get the right people in the room because privacy compliance requires coordination and collaboration among multiple teams:

  • Partner with your privacy and compliance teams to know what regulatory requirements impact your organization
  • Get a better understanding of how your business analysts are using the data and what processes they have in place
  • Gain oversight of how data flows in and out of your organization including to third-party vendors

After assembling your core stakeholders and understanding how your organization relies on data, you’ll want to leverage data governance technology to centralize your data assets and information. Some capabilities and features you’ll want to prioritize are

  • Business glossary: a record of the meaning of the data, so all the variations of it can be distinguished and erroneous comparisons eliminated
  • Data quality: the condition of the data and its level of trustworthiness and adherence to policies
  • Roles and responsibilities: the organizational structure that determines who takes responsibility for the care and maintenance of the data
  • Consistent user interface: technology can be confusing, so make sure it’s easy to use and adopt for every part of the business, regardless of their background

Data privacy is important now more than ever, but it doesn’t need to be a scary endeavor. By building a solid foundation of data governance, you can implement a privacy program that can proactively address regulatory challenges today and scale to meet new standards, expectations, and jurisdictions as they emerge and evolve.

More stories like this one

blog EMEA BARC survey
Nov 17, 2020 - 4 min read

How to build a data culture

Read more
Arrow
Oct 30, 2020 - 4 min read

Data quality and data governance: where to begin?

Read more
Arrow
Oct 7, 2020 - 3 min read

How to comply with GDPR

Read more
Arrow