Data Governance in Practice
In today’s complex healthcare environment, data governance is an emerging discipline with an evolving definition. The discipline embodies a convergence of data quality, management and policy, business process, and risk management. Through data governance, organizations are exercising control over the processes and methods used by their data stewards and custodians. It is important that data governance, management, and architecture be seen as more than an IT responsibility, but also as the responsibility of end users.
Data governance is a quality control discipline for assessing, managing, using, improving, monitoring, maintaining, and protecting organizational information. It is a system of decision rights and accountabilities for information-related processes, executed according to agreed-upon models which describe who can take what actions, using which methods, with what information, and under what circumstances.
In other words, data governance is a set of processes that ensures that important data assets are formally managed throughout the enterprise. It allows people to trust the data, and holds people accountable for any adverse event related to data quality. Governance is about putting people in charge of fixing and preventing data issues so that the enterprise can become more efficient.
Data governance also describes an evolutionary process for a company, altering the company’s way of thinking and setting up the processes to handle data so that it may be utilized by the entire organization. It’s about leveraging technology when necessary to help aid a process. When companies gain control of their data, they empower their people, set up processes, and get help from technology to do it. Goals may be defined at all levels of the enterprise and may aid in acceptance of processes by those who will use them. Some goals include:
- Increasing consistency and confidence in decision making
- Decreasing the risk of regulatory fines
- Improving data security
- Maximizing the income generation potential of data
- Designating accountability for information quality
- Improving planning by supervisory staff
- Minimizing or eliminating re-work
- Optimizing staff effectiveness
- Establishing process performance baselines to enable improvement efforts
These goals are realized by the implementation of data governance programs, or initiatives using change management techniques.
While data governance initiatives can be driven by a desire to improve data quality, they are more often driven by external regulations. Examples of these regulations include Sarbanes-Oxley, Basel I, Basel II, HIPAA, and a number of other data privacy regulations. To achieve compliance with these regulations, business processes and controls require formal management processes to govern data subject to regulations. Successful programs identify drivers meaningful to both supervisory and executive leadership.
The most common theme among the external regulations is the need to manage risk. These risks can be financial misstatement, inadvertent release of sensitive data, or poor data quality used to make key decisions. The proliferation of regulations and standards creates challenges for data governance professionals, particularly when multiple regulations overlap the data being managed. Organizations often launch data governance initiatives to address these challenges.
Understanding what data governance is not can help identify what it is. In particular, data governance is not:
- Change management
- Data cleansing or extract, transform and load data (ETL)
- Data warehousing
- Database design
Data governance applies to each of these disciplines or processes; however, it is not included in any of them.
Historically, data has been collected and managed at the individual department level for its own needs. Each department has developed procedures, formats, and terminology that fit its unique situation and preferences. Without the need for integration or exchange data, inconsistencies are harmless.
Today, however mission goals and legal mandates both require large organizations to report on their activities at the enterprise/organization level. This means that such organizations need to:
- Migrate data from legacy systems into new systems and formats
- Integrate and synchronize data from varied systems that use different formats, field names, and data characteristics
- Reconcile inconsistent or redundant terminology into a single data dictionary providing agreed upon definitions and properties for each element
- Report data in standard formats with standard interpretations
Data governance is a component of data management. It provides and enforces enterprise-wide data standards, common vocabulary, and reports and promotes the development and use of standardized data. It enables the organization to more easily integrate, synchronize and consolidate data from different departments, exchange data with other organizations in a common format, and communicate effectively through shared term and report formats. (Please see figure below for graphical representation)
The implementation of a data governance initiative may vary in scope as well as origin. Sometimes an executive mandate will arise to initiate an enterprise-wide effort. Other times, the mandate will be to create a pilot project or projects, limited in scope and objectives, aimed at either resolving existing issues or demonstrating value. The data governance initiative may originate lower down in the organization’s hierarchy, and will be deployed in a limited scope to demonstrate value to potential sponsors higher up in the organization. The initial scope of an implementation can vary greatly as well, from the review of a one-off IT system, to a cross-organization initiative.
With data governance, an organization can strategically focus on improving data quality, protecting sensitive data, promoting the efficient sharing of information, providing trusted business-critical data, and managing information throughout its lifecycle.
Data governance enables organizations to convert enterprise data into a strategic asset that can be used to create competitive advantage and drive economic value. It can improve financial performance, increase operational effectiveness and efficiency. and allow full compliance with regulatory requirements.
Rob Drewniak is vice president, strategic and advisory services, for Hayes Management Consulting.