I recently heard from a longtime colleague in the world of open source software. She is heading up an open standards initiative at IEEE, the international standards body for engineering, computing, and technology information. She invited me to lead a “data governance” project. In our conversation (after I said “of course”) we talked a bit more about the meaning of the term. It got interesting very quickly.
Here is the thing. The term continues to be used in diverse, potentially conflicting ways. It is only getting more challenging for anyone to know what you mean, what I mean, when saying data governance.
For the CIO, it is an umbrella term for functions that have largely been considered at the back-end, at or close to data stores. Privacy professionals use data governance to describe compliance-oriented factors such as fairness and transparency, purpose limitation and storage minimization. EU-based organizations face added opportunity and potential confusion as the Data Governance Act, related to data sharing, goes into effect during the summer of 2023.
I already have a sense of where I need to go with this project but will seek outside perspectives along the way. In a nutshell, global organizations, especially those with operations in the EU, increasingly require a seamless approach to managing sensitive data about individuals. We get there by describing the container as a framework. The Data Governance Framework. I will write more on the subject in the coming months but it seems to me there is a harmonizing principle — earning the trust and confidence of all stakeholders in the offering, especially individuals who are subjects of the data.