In the digital age, data has become a valuable asset that drives decision-making and fuels innovation across industries. As companies increasingly rely on data-driven strategies, the question of data ownership becomes a critical point of discussion. The two primary stakeholders involved in this debate are the IT department and the business stakeholders. Each group has a unique perspective and set of responsibilities when it comes to data, but who should hold the reins of data ownership? In many cases, we find data ownership is missing within organizations.
Cases where the data ownership battle arises:
In the Medical sector:
A hospital system suffers a data breach because sensitive patient information was not properly classified or secured. The absence of clear data ownership results in a lack of accountability for data security, leading to breaches that compromise patient confidentiality and violate regulations. This can result in hefty fines and loss of patient trust.
In the Financial sector:
Employees at an accounting company created millions of unauthorized bank and credit card accounts without customers' knowledge or consent. Poor data governance practices and a lack of clear data ownership allowed low-quality data and unethical practices to go unchecked. Such a scandal can result in significant financial penalties and settlements.
What do we mean by data ownership?
In the context of data governance, data ownership refers to the assignment of responsibility and accountability for specific data assets to individuals or teams within an organization. Data owners are typically responsible for ensuring the quality, integrity, security, and proper use of the data. They play a crucial role in data governance policies and procedures to manage data effectively throughout its lifecycle.
The age-old battle: Business vs IT
We find that in practice, establishing ownership around data proves to be a big challenge. Business stakeholders argue that IT should have ownership of data because they are the ones who manage, maintain, and cleanse the data. Their opinion is that data, in its raw form, may not be useful unless cleansed and transformed by IT teams. While IT emphasize that they manage and secure the data, but the ownership should fall under the responsibility of the business, as they the ones who generate, analyse, and leverage the data to drive value for the organization.
Although Data ownership is often a point of conflict between business and IT departments, it can be a point of connection under a governance model. Let’s delve deeper into the typical responsibilities and activities IT and business have in relation with data:
Business Stakeholders:
They are responsible of defining the data requirements and strategies. The Business determine which data is needed in a business process to ensure that the decision-making process is based on high-quality, well-maintained data.
Business stakeholders as the business owners set clear standards and polices to achieve a high level of data quality aiming for consistency and accuracy across all data sets. Data validation processes are implemented as well to confirm that all required standards are met.
Business owners are also responsible of ensuring that data practices adhere to relevant laws and industry regulations by implementing data governance policies.
By taking ownership of these responsibilities, business leaders can ensure that data governance practices not only comply with regulatory standards and mandates but also support the organization's strategic goals and enhance its competitive advantage.
IT Departments:
IT departments are the guardians of data infrastructure and play a vital role in ensuring data security, integrity, and accessibility including the implementation of access controls to protect against unauthorized access and data breaches. They are responsible for managing databases, implementing data governance policies, and maintaining data backups to prevent data loss and guarantee recoverability.
IT departments also ensure that the technical aspects of data management adhere to regulatory requirements. They supply technical solutions assisting in the successful implementation of data governance policies. They optimize systems and processes to enhance performance and aid in reaching organization’s needs efficiently.
The solution to end the battle:
While the perspectives of IT and business may appear divergent, a collaborative approach is essential to resolve the data ownership dilemma. Here are some strategies to establish peace:
Data Governance Framework:
Establish a well-defined data governance framework that involves both IT and business stakeholders. This framework should outline the roles and responsibilities of each department, ensuring that data is managed securely while being accessible for business needs.
Framework Design Principles:
Collaborative Development:
The framework should be developed with input from both IT and business units. This collaboration ensures that the framework is comprehensive and covers all aspects of data management, from security to accessibility.
Clarity in Data Ownership:
Clearly define data ownership within the organization. While IT might administer the infrastructure, business units should oversee specific datasets, responsible for their correct usage in business processes.
Flexibility and Scalability:
The framework must be flexible enough to accommodate the changing nature of data and technology. It should be scalable to handle increasing amounts of data and more complex regulatory requirements as the organization grows.
Data Literacy:
Promote open communication and provide data literacy training to business users, enabling them to handle data responsibly and make well-informed decisions.
Different Roles:
Data Owner role:
This role is typically assigned to senior-level management or department heads who have broad responsibility for specific sets of data within the organization. The Data Owner is responsible for the quality, integrity, and security of the data, and ensures that it is used appropriately across the organization to meet business objectives.
Data Steward role:
Appoint data stewards who will act as links between IT and Business. They can ensure that data is managed appropriately and used in compliance with the regulations and organizational policies.
Data Custodian role:
The IT department acts as the data custodian, responsible for the technical aspects of data storage, backup, and protection. They implement encryption, access controls, and monitor for any security breaches.
In conclusion, in the debate over data ownership, ultimately, ownership around data lies with business stakeholders, not IT. It is crucial to recognize the complementary roles played by both IT and business stakeholders. In the end, everyone wants what’s best for the organization. IT departments want to keep everything safe and well-maintained and business stakeholders want to provide prompt value using the data. Promoting collaboration among all departments will create a stable environment with the potential of growth capitalizing on the data assets.
Data Governance; the peacekeeper ending the tug-of-war:
In a Bank with a successful data governance implementation, the sales data might be owned by the Head of Sales. A data owner responsible for ensuring the data collected from various sales channels is accurate, timely, and secure. They work with Data Stewards to enforce data governance policies and organizational and governmental regulations and collaborate with Data Custodians to ensure the data is stored securely, backed up, protected, and monitored against any threats. Finally, as a result of this collaboration, data analysts can ensure the data is used effectively for business insights and strategy development.
As organizations navigate their way through their data journey, action must be made for them to keep up with the race. And by action, we mean it all starts with the development and implementation of a Data Governance Framework, establishing the role of Data Owners and elevating Data Literacy across the organization. Finally, the only winner of the data battle would be a growing successful organization.
Written by Abdulrahman Alrazaz Any questions? Feel free to reach out to abdulrahman.alrazaz@keyrus.com