Data management in organizations is often a nightmare. Without structured data governance, we are close to anarchy, with a multiplier effect on the problems: missing data, unavailable, duplicated, incoherent, non-conformed, etc.
In the nineties, the Information and Privacy Commission of Ontario developed the concept of “Privacy by Design.” Its principle is to take into consideration the requirements on personal data from the beginning of a project. Within this frame, the main requirements are those defined by external regulations (e.g., CNIL, GDPR).
Personal data are only a part of the data that are used within an organization. For any data type, the organization must define simple rules, applicable to all, and which must be taken into consideration from the start of a project: a “data governance by design.”
Those rules enable, for example, to answer the following questions:
- What are my rights/my duties as a consumer of that data?
- Are the data defined anywhere? What are the associated rules?
- Do I have to anonymize the personal data? And for which processes?
- Who should I contact in case of a data issue? Who is the data owner?
- What are the data management tools to use? What data repositories (MDM) to use?
- What are the data exchange formats/agreements to use?
Considering those rules from the start of a project is both an accelerator and a key success factor for the transformation to a data-driven organization.