The quarterly publication of the International Legal Technology Association
Issue link: https://epubs.iltanet.org/i/900970
39 WWW.ILTANET.ORG With the expanded use of social media and the increased proliferation of smart devices, data creation numbers have increased exponentially. IBM estimates that 2.5 quintillion bytes of data are created every day, with 90 percent of that data having been created in the last two years. With this rapid acceleration in data creation and advancements in lower-cost tools available to work with large datasets, we have entered a new era commonly referred to as big data. Data rules the day and the enterprise, but do we have the foundation to effectively govern all of this enterprise data? What Is Data Governance? Once data is created or obtained, who can access it? For what purposes can it be accessed? Where does it reside? Where should it reside? When can it be destroyed? Who makes these decisions, and how are they communicated to the rest of the enterprise? Traditional data governance models create a means of puing a structure around the people, policies and procedures necessary to manage ever-increasing amounts of data. Traditional models rely on a standard information life cycle in which data is created, used, maintained and disposed. All of those questions have to be asked and answered by someone at each stage in the life cycle. Governance models must identify a responsible party—a stakeholder. The stakeholders are then charged with certain responsibilities to ensure that the information is secure and managed as a business asset in compliance with all federal, state and local laws. The typical group of stakeholders includes Records and Information Management, Legal, Compliance, Risk, Information Technology and Information Security departments. These stakeholders' responsibilities are often carried out independently of one another. IT handles IT and information security-related issues such as data access and management. Legal counsel reviews and advises on laws and potential regulatory concerns. Records managers classify and maintain the records. Each group adopts its own sets of policies and procedures. Achieving Sustainable Data Governance FEATURES Aempts to bring these parties together in a collaborative manner are oen fraught with challenges over how to convene such a large group with different areas of knowledge and varying levels of ownership of the governance process. Although this is a well-established framework, those most affected by governance decisions are oen the least likely to even know it exists or understand how it impacts daily work. The good news is that data governance need not be complicated. Although traditional data governance primarily focuses on stakeholders, the most important data actor is the enterprise professional. Every day, the enterprise professional makes decisions regarding the creation, use, sharing and disposition of data. The goal is to create an environment in which these professionals feel empowered to execute their roles confidently in this data-saturated culture. The first question then becomes, are the professionals in the enterprise equipped with the knowledge to ensure that they are interacting with data in a responsible manner? Simply put, are we cultivating data stewards? Before we deal specifically with data stewards, let us step back and identify key questions that form the foundation of simplified data governance. Simplified Governance Equals Sustainable Governance You can create myriad frameworks and models, but data governance boils down to asking and answering six questions in three categories: » Who: Who decides what must be governed? Who creates the directives we must follow? Key players are defined by their natural roles in the organization. Management, subject-maer experts and the broader pool of enterprise professionals serve as the "who." Under the direction of leadership, the subject-maer experts (legal, IT, risk and compliance) decide what data must be governed and how the data must be governed. They then create directives that are clear enough for the enterprise professional to follow. Enterprise SHANNON HARMON Shannon Harmon is an Illinois and Tennessee licensed attorney. Her current public sector role includes counseling on IT matters, drafting, review and negotiation of contracts and buildout of the citywide information governance program. Contact her via LinkedIn at www. linkedin.com/in/onsjh. According to a University of California at Berkeley 2003 "How Much Information" report, researchers estimated that each of the 6.3 billion individuals in the world's population created approximately 800MB of information annually. Although traditional data governance primarily focuses on stakeholders, the most important data actor is the enterprise professional.