The Framework and Regulations for Data Protection
Data governance is being adopted into many different business organizations as a way to maintain the quality of the data being produced and to ensure that it is being produced within the right guidelines and structures of corporate policy. It is an asset that proves the quality of the information produced and keep the companies holding the information in compliance with established regulations.
Data governance is the rules and regulations that are in place to monitor the use of information and the rights of the information for the controlling parties. It is meant to be a secure set of policies that provide structure for the use of the data and provide sound parameters for what can be considered the misuse of that data.
The History of governance
This originated in the early 2000’s, after the collapse of several of the larger companies through financial mismanagement. These companies included Adelphia and Enron. It forced other companies to review their own use of data and for the United States government to enact strict laws to keep corporate entities ethically in line with the investments of private and business accounts. These companies helped create the Sarbanes-Oxley Act of 2002 in which companies are required by Federal law to provide accurate financial information to their investors and have the documentation to prove their balanced accounting.
Governance vs. Management
Governance of data is not data management. Data management is the monitoring of the data assets through the development of a development of management and protocols. Governance is the framework for data management in that is provides the controls for how the data is accessed and who is allowed to have access to it. The difference is in the controls. Governance of the data is the why and who is allowed to touch the data and data management is the where they are allowed to access and how.
The framework for this concept is different between all companies depending upon the levels of information being handled and what that information is, but all have the following structure in which their rules are built off of:
• Defined rules for who is allowed to access the data and why they have access to it. These barriers the data prevent people from accessing materials that they should not have access to and defines who should have access to the information such as a banking executive having access to personal banking information for their own client portfolios.
• Defined boundaries for those people who can access private account information. This allows for the banking executive to have access to account information, but only those accounts they are authorized to access.
• Violation Policies are also placed on each structure that is created to when breaches are discovered they can be fixed and blocked from further problems. This prevents violations from continuing and a system of enforcement is established to prevent continued unauthorized access and punish the repeat violators.
The data governance framework is to be extended as needed for particular companies and businesses through every company has some form of this policy in effect.
Data security and control are some of the top concerns of business in today’s world. It is paramount as more computers and companies are connected through business and commerce. This is a modern problem and one that will continue to develop and shape as the world changes. Improvements are occurring on a daily basis as the framework of each business is better understood and the holes in their security systems are tightened.
