Data Governance: Be at peace with regulations
At the beginning of this millennium, data is the new trump card. No company can ignore the fact that it is a crucial strategic asset – whether it be global business data, specific to all structures (accounting, finance, customer data, etc.) or data specific to business areas (processes, technical diagrams, etc.). As Big Data becomes more widespread, this strategic asset must meet ever-increasing regulatory requirements for its security and use, which is a prerequisite for responsible and compliant data management. A guarantee offered by Data Governance.
What is data mapping?
In order to be used properly, data must conform to specific standards:
- on the one hand, legislation established by the authorities to regulate the collection, processing and use of data;
- on the other hand, the standards specific to the company and its various businesses, with the aim of maintaining a high level of quality for the data circulating internally.
The two issues are closely linked: to adopt national and international regulations, the company must adapt its own standards. In France, the CNIL, in particular, ensures that the individual freedom of the user is respected, allows Internet users to demand the modification or deletion of information, obliges structures to declare their use of the data and to identify by name the person responsible for overall management. At the European level, the General Data Protection Regulation (GDPR), which will apply in May 2018, will affect all companies that collect, store and process data. Other sector-specific regulations (in banking or insurance, for example) require major changes internally.
These few examples give an idea of the problem: in terms of regulatory compliance, changes must be constant rather than ad hoc. It must be done in anticipation rather than waiting for enforcement or even until it is too late.
The virtues of Data Governance
The problem, therefore, is not the identification of the data on entry, but its traceability and the conformity of its use at each stage of its circulation in the company. The risk is an unauthorized use, an insufficient level of security or possible internal deterioration, and the loss of user confidence at the end of the chain – due to non-compliance with regulations. Data Governance helps to secure and equip them to deal with this problem, this risk.
Without being exhaustive, a Data Governance policy allows the company to:
- the definition of the regulatory framework around each piece of data;
- the definition of rules for securing, storing and preserving data;
- the authorized operating framework;
- the traceability of internal data use.
Data Governance ensures that companies treat data assets in accordance with the rules – those of the legislator, as well as those that apply internally – at every stage of their lifecycle. It ensures traceability of data throughout its life cycle. And it also initiates a process of evolution within the company, aimed at offering each employee the same tools and knowledge to access and use data efficiently. As long as the success factors are taken into account – involving all employees, opening up to knowledge sharing, establishing a culture of good data management – Data Governance enables companies to respond to the requirements of regulators and to the growing concerns expressed by users. It also gives them the chance to stay one step ahead of future regulations.