Dun & Bradstreet
Data analysts looking at computer screen in office

eBook

New Data Privacy Laws Require Better Data Governance

A data governance program can help your company adjust to the proliferation of new data regulations.

The responsibilities related to obtaining, processing, managing, using, sharing, and safeguarding data are becoming ever more complex. New laws continue to pop up locally, regionally, and nationally in efforts to protect individual privacy. 

A few years ago, companies were struggling to achieve compliance with the EU’s General Data Protection Regulation (GDPR), new data privacy and security laws in China, and the California Consumer Privacy Act. More recently, the Digital Services Act and the Digital Markets Act came into effect in the EU. Other countries including India, Canada, and Australia have passed new data privacy laws or updated existing ones to make them more stringent. In the United States, at least eight individual states will adopt new privacy legislation between 2024 and 2026.

There’s never been a better time to review your enterprise data governance practices, or to implement a new enterprise data governance program, to ensure that your company can adjust and navigate through the proliferation of global data regulations. 

What Is Data Governance?

With more and more data being extracted every instant — through artificial intelligence (AI), machine learning (ML), and the internet of things (IoT) — it’s difficult for an organization (or the data users) to keep track. Data misuse happens, and organizations learn the hard way that they need to do more. 

Many organizations we talk to today struggle to:

  • Know what data they should collect
  • See where the data’s coming from and know if it’s trustworthy
  • Confidently make decisions to grow the business using data — without fear of the unknown
  • Understand when laws and regulations change at local, regional, and global scales
  • Know which data can or cannot be used for specific business cases in different regions
  • Create the teams necessary to build a solid governance foundation that scales and stays compliant — and to keep everything running smoothly within the organization

The need for stable, scalable data governance programs is here, and it’s growing.

How Do You Know You Need a Data Governance Program?

Companies realize they need to move faster to adjust and comply than what their internal teams can handle.

But the problem is, there are still a lot of people who don’t know how to use data; who don’t know how to sort it, clean it, and store it; and who don’t know what data to trust.

A good data governance program helps with all of this — instilling confidence in the data so it can be more confidently used to make business decisions.

What Makes a Good Data Governance Program?

There’s often the perception that data governance will result in increased bureaucracy, with little to no return on value.

A good data governance framework will start with the goals of the business — and consider the challenges of today. Then it would be used to attack those challenges head-on based on the business goals.

From there, the team — which should include a data steward — would manage the volume, variety, sourcing, security, and quality of data to solve for these business challenges and measure progress.

A common misconception of data governance is that it’s a “policing” function. It isn’t. In fact, it’s quite the opposite.

How Do You Build a Strong Data Governance Program?

Begin by looking at the culture.

  1. How does the company work?
  2. What are its challenges?

Before you start thinking about policies, spend time with different teams to understand what they do. Talk about what the regulations are or what the laws are in a particular locale or region. And together, come to agreement on the right policy for the company that doesn’t interfere with its ability to do business.

The big reward here is going down the path of finding the answers to questions on customer data, marketing data, transactional data, and other important data types. Finding the right strategy not only protects the company, but it unlocks much more value from the data the company owns.

Well-governed and well-understood data makes the difference when it comes to meeting business needs faster and with greater reliability of outcomes.

How Do You Measure the Progress of a Data Governance Program?

After defining policies and putting data stewards in place to action them, businesses need a way to measure its efficacy. This is where metrics come into play. 

One common methodology is called Goal-Question-Metric, or GQM. Here are the steps of the approach:

1. Goal: It always starts with a clear vision

The first step is to understand and agree on the data quality improvement goals for the company. What are you trying to achieve? Measurement for measurement’s sake is pointless until success is clearly defined and agreed upon.

2. Question: Determine what questions need to be answered based on your goals

What are the most important factors that contribute to this vision of success? What processes have an impact on these goals? How do you identify what to measure and continually optimize in each process, based on your goals?

3. Metric: Define the metrics that answer the questions

No program should attempt to measure everything. Instead, prioritize what’s important based on your goals. Impact on the business and measurement of quality are examples of what to track — and to use to prioritize data improvement plans.

A good metric is specific, clearly defined, and tied to a clear goal. Examples of common metrics data governance programs include are:

  • Improvement in data quality scores by percentage. This would measure the data in the following categories:
    • Accuracy
    • Completeness
    • Consistency
    • Timeliness
  • Adherence to data management standards and processes ensures the policies set forth in the company are followed, the correct levels of access are given to employees, and that these rules are clear, enforced, and followed.

  • Reduction in risk events. A risk event could be a financial loss caused by inaccurate reporting, or a penalty or fine due to noncompliance. If the number of these events are decreasing in the organization, it could be a sign that the governance efforts are effective.

We can help you learn how to gain deeper control over your data, understand where it’s sourced, and monitor and use the data successfully while staying compliant.

Dun & Bradstreet’s Master Data Solutions help companies make better data-driven decisions with a single source of truth.

Learn More

There are multiple Contact Forms popups in the page. Only one Contact Form popup could be present on single page. Please reconfigure Contact Forms and refresh the page.