Tag: data governance GDPR

Categories
erwin Expert Blog

Data Governance Tools: What Are They? Are They Optional?

Data governance tools used to occupy a niche in an organization’s tech stack, but those days are gone.

The rise of data-driven business and the complexities that come with it ushered in a soft mandate for data governance and data governance tools.

Data governance refers to the strategic and ongoing efforts by an organization to ensure that data is discoverable and its quality is good. It is also used to make data more easily understood and secure.

The technology that makes end-to-end data governance possible includes data cataloging, data literacy, business process modeling, enterprise architecture and data modeling.

Research indicates business leaders recognize the need for data governance tools. In fact, 98 percent of participants in erwin’s “2018 State of Data Governance Report” consider data governance either “important” or “critically important” to their organizations.

Over the years, organizations have faced a number of challenges pointing to the need for data governance tools, including:

  • the increasing volume, variety and velocity of data (the “three Vs”)
  • the potential revenue that well-governed data can drive
  • the employees and systems responsible for data, diversifying (or, data democratization)

Additionally, the unprecedented industry disruption of such data-driven companies as Airbnb, Netflix and Uber demonstrates the benefits of well-governed data.

Such examples were persuasive and pervasive, leading to the rise of data governance adoption.

Data Governance Tools

Data Governance Tools for Regulatory Compliance

In recent years, hard mandates for data governance also have increased.

In the United States, the Health Insurance Portability and Accountability Act (HIPAA) requires organizations in the healthcare space to protect the privacy and security of certain health information.

Other highly regulated industries, like financial services, also face strict data privacy mandates, including those from the Basel Committee on Banking Supervision (BCBS) and the Financial Industry Regulatory Authority (FINRA).

Now new, industry-agnostic regulations such as the General Data Protection Regulation (GDPR) and the forthcoming California Consumer Protection Act (CCPA) leave little room for data-driven businesses to operate without data governance.

So it’s not surprising that the “2018 State of Data Governance Report” revealed regulatory compliance to be the leading driver in data governance adoption.

Data Governance Tools and Data Ethics

Customer trust/satisfaction is also a key driver for data governance. Given the landscape of modern business – in which data breaches make big and lasting news – this this is also not a surprise.

Fines levied against both Facebook and Google earlier this year are a reminder that regulators are serious, and the fines can be serious also.

But even without penalties from regulatory bodies, the cost of poor data governance is still huge.

IBM’s annual “Cost of a Data Breach” report found that the biggest cost of a data breach to an organization is a loss of business. It also found that, on average, a data breach can cost a business a staggering $3.9 million.

And perhaps more worrisome is that those figures are increasing. Costs have risen by 12 percent during the last five years.

It’s not just breaches. The prominence of data-related stories in the news is leading more and more people to be skeptical of how their personal data is handled.

Because of this, organizations with good data governance can make data ethics part of their brand. Some organizations are even beginning to hire “data ethicists” – employees dedicated to overseeing data ethics.

As the use cases for data-driven tech, such as AI, grow, you can expect the calls for ethical data practices to grow too.

Data Governance Tools Aren’t Optional

Considering the revenue potential, regulatory mandates and data-conscious consumers, a comprehensive data governance practice supported by robust data governance tools should no longer be seen as optional.

But what’s the best way to set up and sustain a data governance program?

Data Governance 1.0 was an isolated domain, managed by IT so it largely disconnected from the wider enterprise.

As data and the responsibilities for discovering, understanding and using it for strategic decision-making have become more democratized, a new approach for IT and business collaboration has taken hold.

Data Governance 2.0, as defined by Forrester, is as “an agile approach to data governance focused on just enough controls for managing risk, which enables broader and more insightful use of data required by the evolving needs of an expanding business ecosystem.”

At erwin, we believe in this approach and have incorporated it into what we refer to as the erwin Enterprise Data Governance Experience – or the erwin EDGE, for short.

The erwin EDGE empowers organizations with visibility and control over their data, both at rest and in motion.

It enables enterprises to plan and document how they will discover and understand their data within context, track its physical existence and lineage, and maximize its security, quality and value. It also helps organizations operationalize these steps.

Therefore the speed and quality of the data pipeline increases. Of course, metadata management is at the heart of any data governance initiative.

Gartner Magic Quadrant Metadata Management

Categories
erwin Expert Blog

Google’s Record GDPR Fine: Avoiding This Fate with Data Governance

The General Data Protection Regulation (GDPR) made its first real impact as Google’s record GDPR fine dominated news cycles.

Historically, fines had peaked at six figures with the U.K.’s Information Commissioner’s Office (ICO) fines of 500,000 pounds ($650,000 USD) against both Facebook and Equifax for their data protection breaches.

Experts predicted an uptick in GDPR enforcement in 2019, and Google’s recent record GDPR fine has brought that to fruition. France’s data privacy enforcement agency hit the tech giant with a $57 million penalty – more than 80 times the steepest ICO fine.

If it can happen to Google, no organization is safe. Many in fact still lag in the GDPR compliance department. Cisco’s 2019 Data Privacy Benchmark Study reveals that only 59 percent of organizations are meeting “all or most” of GDPR’s requirements.

So many more GDPR violations are likely to come to light. And even organizations that are currently compliant can’t afford to let their data governance standards slip.

Data Governance for GDPR

Google’s record GDPR fine makes the rationale for better data governance clear enough. However, the Cisco report offers even more insight into the value of achieving and maintaining compliance.

Organizations with GDPR-compliant security measures are not only less likely to suffer a breach (74 percent vs. 89 percent), but the breaches suffered are less costly too, with fewer records affected.

However, applying such GDPR-compliant provisions can’t be done on a whim; organizations must expand their data governance practices to include compliance.

GDPR White Paper

A robust data governance initiative provides a comprehensive picture of an organization’s systems and the units of data contained or used within them. This understanding encompasses not only the original instance of a data unit but also its lineage and how it has been handled and processed across an organization’s ecosystem.

With this information, organizations can apply the relevant degrees of security where necessary, ensuring expansive and efficient protection from external (i.e., breaches) and internal (i.e., mismanaged permissions) data security threats.

Although data security cannot be wholly guaranteed, these measures can help identify and contain breaches to minimize the fallout.

Looking at Google’s Record GDPR Fine as An Opportunity

The tertiary benefits of GDPR compliance include greater agility and innovation and better data discovery and management. So arguably, the “tertiary” benefits of data governance should take center stage.

While once exploited by such innovators as Amazon and Netflix, data optimization and governance is now on everyone’s radar.

So organization’s need another competitive differentiator.

An enterprise data governance experience (EDGE) provides just that.

THE REGULATORY RATIONALE FOR INTEGRATING DATA MANAGEMENT & DATA GOVERNANCE

This approach unifies data management and data governance, ensuring that the data landscape, policies, procedures and metrics stem from a central source of truth so data can be trusted at any point throughout its enterprise journey.

With an EDGE, the Any2 (any data from anywhere) data management philosophy applies – whether structured or unstructured, in the cloud or on premise. An organization’s data preparation (data mapping), enterprise modeling (business, enterprise and data) and data governance practices all draw from a single metadata repository.

In fact, metadata from a multitude of enterprise systems can be harvested and cataloged automatically. And with intelligent data discovery, sensitive data can be tagged and governed automatically as well – think GDPR as well as HIPAA, BCBS and CCPA.

Organizations without an EDGE can still achieve regulatory compliance, but data silos and the associated bottlenecks are unavoidable without integration and automation – not to mention longer timeframes and higher costs.

To get an “edge” on your competition, consider the erwin EDGE platform for greater control over and value from your data assets.

Data preparation/mapping is a great starting point and a key component of the software portfolio. Join us for a weekly demo.

Automate Data Mapping

Categories
erwin Expert Blog

Top 7 Data Governance Blog Posts of 2018

The driving factors behind data governance adoption vary.

Whether implemented as preventative measures (risk management and regulation) or proactive endeavors (value creation and ROI), the benefits of a data governance initiative is becoming more apparent.

Historically most organizations have approached data governance in isolation and from the former category. But as data’s value to the enterprise has grown, so has the need for a holistic, collaborative means of discovering, understanding and governing data.

So with the impetus of the General Data Protection Regulation (GDPR) and the opportunities presented by data-driven transformation, many organizations are re-evaluating their data management and data governance practices.

With that in mind, we’ve compiled a list of the very best, best-practice blog posts from the erwin Experts in 2018.

Defining data governance: DG Drivers

Defining Data Governance

www.erwin.com/blog/defining-data-governance/

Data governance’s importance has become more widely understood. But for a long time, the discipline was marred with a poor reputation owed to consistent false starts, dogged implementations and underwhelming ROI.

The evolution from Data Governance 1.0 to Data Governance 2.0 has helped shake past perceptions, introducing a collaborative approach. But to ensure the collaborative take on data governance is implemented properly, an organization must settle on a common definition.

The Top 6 Benefits of Data Governance

www.erwin.com/blog/top-6-benefits-of-data-governance/

GDPR went into effect for businesses trading with the European Union, including hefty fines for noncompliance with its data collection, storage and usage standards.

But it’s important for organizations to understand that the benefits of data governance extend beyond just GDPR or compliance with any other internal or external regulations.

Data Governance Readiness: The Five Pillars

www.erwin.com/blog/data-governance-readiness/

GDPR had organizations scrambling to implement data governance initiatives by the effective date, but many still lag behind.

Enforcement and fines will increase in 2019, so an understanding of the five pillars of data governance readiness are essential: initiative sponsorship, organizational support, allocation of team resources, enterprise data management methodology and delivery capability.

Data Governance and GDPR: How the Most Comprehensive Data Regulation in the World Will Affect Your Business

www.erwin.com/blog/data-governance-and-gdpr/

Speaking of GDPR enforcement, this post breaks down how the regulation affects business.

From rules regarding active consent, data processing and the tricky “right to be forgotten” to required procedures for notifying afflicted parties of a data breach and documenting compliance, GDPR introduces a lot of complexity.

The Top Five Data Governance Use Cases and Drivers

www.erwin.com/blog/data-governance-use-cases/

An erwin-UBM study conducted in late 2017 sought to determine the biggest drivers for data governance.

In addition to compliance, top drivers turned out to be improving customer satisfaction, reputation management, analytics and Big Data.

Data Governance 2.0 for Financial Services

www.erwin.com/blog/data-governance-2-0-financial-services/

Organizations operating within the financial services industry were arguably the most prepared for GDPR, given its history. However, the huge Equifax data breach was a stark reminder that organizations still have work to do.

As well as an analysis of data governance for regulatory compliance in financial services, this article examines the value data governance can bring to these organizations – up to $30 billion could be on the table.

Understanding and Justifying Data Governance 2.0

www.erwin.com/blog/justifying-data-governance/

For some organizations, the biggest hurdle in implementing a new data governance initiative or strengthening an existing one is support from business leaders. Its value can be hard to demonstrate to those who don’t work directly with data and metadata on a daily basis.

This article examines this data governance roadblock and others in addition to advice on how to overcome them.

 

Automate Data Mapping

Categories
erwin Expert Blog

The Top 6 Benefits of Data Governance

It’s important we recognize the data governance benefits (DG) beyond General Data Protection Regulation (GDPR) compliance.

Data governance is mandatory for GDPR, so the incentive in implementing it before the May 2018 deadline is clear. However, the timeline’s pressures could also be viewed as somewhat of a double-edged sword.

On the one hand, introducing a mandate shines a spotlight on a practice many businesses have neglected. A First San Francisco Partners (FSFP) study found that only 47.9% of respondents have a DG program in place.

We are beginning to see the shift, though. The FSFP study also found that 29% of businesses are in the early stages of a DG roll-out, with an additional 19% at the research and planning stage.

The sword’s other edge is that much of this swing is reactionary, encouraged by the fast-approaching GDPR deadline.

By introducing a mandate for data governance on a timeline, many businesses will be tempted to do the bare minimum just to meet the standards for compliance.

Unfortunately, that means the following data governance benefits will be left on the table.

Data Governance

Data Governance Benefits

Better Decision-Making

One of the key benefits of data governance is better decision-making. This applies to both the decision-making process, as well as the decisions themselves.

Well-governed data is more discoverable, making it easier for the relevant parties to find useful insights. It also means decisions will be based on the right data, ensuring greater accuracy and trust.

Operational Efficiency

Data is incredibly valuable in the age of data-driven business. Therefore, it should be treated as the asset it is.

Consider a manufacturing business’ physical assets, for example. Well-run manufacturing businesses ensure their production-line machinery undergoes regular inspections, maintenance and upgrades so the line operates smoothly with limited down-time.

The same approach should apply to data.

Improved Data Understanding and Lineage

Data governance is about understanding what your data is and where it is stored. When implemented well, data governance provides a comprehensive view of all data assets.

It also provides greater accountability. By assigning permissions, it is far easier to determine who’s responsible for specific data.

Greater Data Quality

As data governance aids in discoverability, businesses with effective data governance programs also benefit from improved data quality. Although technically two separate initiatives, some of their goals overlap.

These include, but are not limited to, the standardization of data and its consistency. One way to clearly differentiate the two programs is to consider the questions posed by each field.

Data quality wants to know how useful and complete data is, whereas data governance wants to know where the data is and who is responsible for it.

Data governance improves data quality, because answering the latter makes it easier to tackle the former.

Regulatory Compliance

As mentioned in the introduction, if you haven’t yet adopted a data governance program, compliance is perhaps the best reason to do so. Hefty fines with an upper limit of €20 million or 4% or annual global turnover – whichever is greater – are nothing to baulk at.

That said, GDPR fines are only incentivising something you should already be keen to do. Data-driven businesses that aren’t enjoying the aforementioned benefits are fundamentally stifling their own performance.

It could even be argued that to be truly data-driven, data governance is a must.

Increased Revenue

Driving revenue should, in fact, be higher on the DG benefit list. However, it’s positioned here because the aforementioned benefits cumulatively influence it.

All the benefits of data governance addressed above help businesses make better, faster decisions with more certainty.

It means that less costly errors – in the form of false starts and even data breaches – are made. It means that you spend less money by managing risk, and closing the most vulnerable holes in your business’ security, instead of more money retrospectively, dealing with PR and financial fallout.

What You Need to Do

Considering the benefits and their accumulative real-term value , data-driven organizations can’t afford to leave data governance to IT alone. This is why Data Governance 1.0 has ultimately failed.

But even now, 23% of businesses in the FSFP study said information technology leads their data governance efforts.

In the current climate, this mind-set is inherently flawed. We’ve reached a new business age in which data is considered more valuable than oil. Yet many businesses are still reluctant in treating data with the same care as their physical assets.

This needs to change. If data is indeed this valuable, we need to treat data governance as a strategic initiative.

Data Governance 2.0 involves the entire enterprise, including department heads and C-level executives, who stand to benefit from data insights gained throughout the process.

For more data governance best practices and useful statistics, download our resource: Data Governance Is Everyone’s Business.

Subscribe to the erwin Expert Blog

Once you submit the trial request form, an erwin representative will be in touch to verify your request and help you start data modeling.