Crucibles of creativity: The future of university libraries
Q&A with Dr Nick Barratt, Director of Senate House Library Firstly, could you explain how have university libraries changed […]
The first step to designing a new data governance structure – or to improving current procedures – is to undertake a proper audit of all information in the business. How much information being kept should be kept? What is Redundant Outdated or Trivial? How much is just data “noise” in an overflowing database that slows down reports? What is the quality of the information at your fingertips? Understanding your assets is the first step to planning how to both mine and protect them.
The very basis of a good data and information policy lies in knowing whether a document should be designated as a record.
This one decision, often made out of the sight of the CEO, sets the tone for everything that follows.
Having clear and consistent guidelines to help staff classify a record is crucial. If manually declaring records. Classifying every bit of information as a record would be expensive and unnecessary. Filtering out the junk – the “data noise” – makes a company more efficient.
Training staff at every level in how to avoid data breaches – and understanding the threats – leads to good data governance. It is estimated that 80 percent of data breaches stem from human error. There will be soon be fines of up to four percent of global turnover for breaching data regulations – and strict guidelines on reporting breaches quickly. Who will be in charge of reporting in your business?
Training in how to classify and value data is vital too; and not only for senior management. It could be somebody very junior who touches information first. Have clear procedures in place for structured records (those stored in a database) and unstructured (information stored locally).
Don’t be afraid to assign ownership of data to individual senior managers in departments that handle records and information; building a strategy and structure for data governance in which responsibilities are clear is vital. There may be too much data in your business for one person to handle every type of information.
Old data policies were often written when there was no social media and when legislation lagged behind technology, so they need to be updated regularly. As data regulation evolves it is vital people in the business take responsibility for keeping pace with it. This may be the CEO, CIO, an information architect, individual managers or even an outsourced company, but it is a vital role. Staying ahead of the game protects companies from breaches and turns information into assets.