Regulations & Data Governance: 6 Keys to Developing an Effective Plan

The bad news: Critics think you have too much data – and they want to turn your “big data” into “medium data.”

The good news: Your data governance plan could be the most important weapon in maintaining how much data you have, along with how you control it all.

Limited Competition

Some analysts and regulators claim if companies are allowed to amass all the data they can, they’ll threaten or eliminate competition in an open market. Rivals who don’t or can’t gather data like big companies will lose ground because they can’t develop competitive products quickly or effectively.

Proponents of more regulation also say current antitrust laws can’t cut the mustard. Existing regulations focus mostly on prices to prevent companies with the most power from limiting products and charging more. But big data has changed that game. Data gives companies competitive advantages regulators aren’t even privy to yet.

From another angle, some proponents say more regulations will protect consumers because companies will continue to gather personal data, putting consumers at a significant risk of privacy breaches.

What’s Not the Problem

Opponents say it’s hogwash. Possessing data doesn’t add up to an advantage. In fact, one study found little evidence that companies with more data than others in their industry had any real advantage with product development.

Why? Companies already collect and sell vast amounts of data. It’s easier than ever for companies and individuals to gather, store, analyze – and unload, if they want – data at little to no cost. Google, Twitter and Facebook alone offer analytic tools for their vast array of data. For a price, they’ll help any company gather, analyze and act on specific data points.

As far as privacy goes, opponents of regulating more data say consumers and the Federal Trade Commission (FTC) will drive this trend. Consumers are already willing to share large amounts of personal data for free services they want, and they will object when its misused. That’s where the FTC has come in, handling misuse on a case-by-case basis.

What You Can Do

Effective data governance will help build the best case against more regulations. Companies that gather, store and use data securely and responsibly prove to the doubters that self-regulation is effective enough.

Here are six best practices to protect your data from threats:

  1. Know what you need to protect. Not every bit of information is worthy of protection under your data governance plan. But it’s vital to closely protect customer data, including transaction and account records, profiles, Social Security numbers and payment information, company proprietary information (such as financial records), trade secrets and marketing plans, and employee records.
  2. Keep it safe at all points of entry and movement. Monitor sensitive data where it’s gathered and handled on servers, in the cloud, on mobile devices, in email and on any other channels.
  3. Encrypt and alert. The most important information should be encrypted at rest and in transit. Create alerts for when anyone attempts to touch that data.
  4. Limit access. It’s equally important to require credentials to access data and cut access as soon as its security is compromised.
  5. Set, communicate and enforce privacy policies. Create policies that govern the kind of data employees must share, and can access and control. Most of these guidelines will fall under your human resources policies, so you’ll want employees to read and sign off on them when they’re hired. Also, review and get updated signatures annually. As far as privacy policies that affect customers and their data, put those on your website, and invite customers to review them via an email or snail mail message each year.
  6. Prepare for loss. Employees and contractors need to know how to report suspected data loss or breaches immediately. Have a special team trained and ready to respond quickly to 1) contain and prevent more harm; 2) notify employees, customers and stakeholders; 3) handle any legal obligations, such as regulatory notifications; and 4) improve safeguards.

Selecting The Right BI Vendor:
The Ultimate Guide

Choosing a BI vendor is all about finding the right fit. Our exclusive report will walk you through the process and help you select the perfect solution.Download Now

Speak Your Mind