How Strong Is Your Data Governance?

By: Margaret Harrist

While 2014 appeared to be the Year of the Data Breach, 2015 - 2016 could shape up to be the Year of the Personal Data Governance Scandal. Even if you never suffer a third-party data breach, you may find yourself inadvertently misusing data unless you get your data governance policies under control.

Why? Because your business is quickly becoming a big data business in one way or another. Yet many organizations have become far more focused on collecting and storing data than they have been at deciding who can access it, how they can use it, and under what circumstances. And even companies that don’t yet have the technology or business processes in place to analyze and use customer information are more likely to hold on to data that they might not have retained the past.

This is occurring because big data technologies enable businesses to combine and leverage a wider range of data stores than ever before—including data that previously wasn’t considered relevant or useful. Now they might combine data from a variety of sources, commingling data in unprecedented ways to gain new insights into customers, the market, internal operations, and more. For example, retailers might combine customers’ purchase histories, social media posts, and loyalty program activities to provide personalized offers to customers via mobile devices when they walk by that store in the mall.

But have you considered whether you have the right to use personal information collected for one purpose in a new and different way? In Europe, for example, “personal information can only be processed if the subject has given permission, and not if it is used in a way that consumers could not have anticipated. It should also be accurate, up-to-date, and not kept for any longer than necessary,” noted Mark Say in a recent Financial Times article. Meanwhile, President Barack Obama this week proposed a new digital “privacy bill of rights.”

So while millions of people willingly offer personal information to use free social platforms, enter online contests, get discounts, or gain access to information, companies that take in this information need to ensure they have data governance policies and data security technologies in place to address the ever-growing web of data regulations that governments around the world are implementing.

In the Financial Times article, European Data Protection Supervisor Peter Huntinx said, “If big data operators want to be successful, they should invest in good privacy and data protection, preferably at the design stage of their projects.”

Paul Sonderegger, big data strategist at Oracle, agrees. “Many executives think of data like an ATM receipt. It’s not money. It just tells you about money. But in a big data world full of algorithm-driven products, services, and ways of working, data has its own intrinsic value, on par with money. Raising the stakes even higher, its value is derived from the money customers deposited with the company. Firms should guard it accordingly.”