Who owns the data?

Written By:
Content Copyright © 2009 Bloor. All Rights Reserved.
Also posted on: Accessibility

Before attempting to answer this question I’ll say why it is important: it’s important because if you don’t know who owns data then you don’t know who is responsible for it and you don’t know who is going to manage it or ensure that it is of good quality. So, who owns the data?

The short answer to that question is the business. It can’t be IT because they don’t understand it, so it must be the business. But who in the business? And there’s the rub. Who owns customer data? Finance, marketing, sales, the service department and probably others are all stakeholders but it’s a turf war when it comes to deciding who actually owns (or disowns if stakeholders are averse to taking responsibility) the data.

Moreover, this issue applies more widely than you might think. At a casual glance you might think that HR data, for example, is strictly owned by HR. But what about badge number, user IDs, passwords and so on—aren’t these owned by security, or maybe IT?

So, the bottom line is that the business can’t decide who owns the data. And assuming that you do need someone to be responsible for the data then you are left with a conundrum: there isn’t any structure in the organisation that supports ownership of data. And the only resolution of this issue is to create one: there needs to be a data ownership organisation that provides data governance in collaboration with the relevant business departments on the one hand and IT on the other.

This really isn’t new but there is a neat parallelism here in terms of governance (and my thanks to Kalido here for pointing this out): the business is responsible for process governance, IT for systems governance and this separate structure in the middle for data governance.

However, this isn’t the end of the story because there are couple of additional points. The first is that I said that nobody could decide who owns what data. That’s not strictly true: IT owns its own data. IT understands and owns SLA metrics, database performance management details and so forth. It also understands and owns its own processes. Therefore IT governance encapsulates both process and data governance as they pertain to IT itself and I don’t think that any separate structures are needed within IT unless the IT department is very large.

The second additional point is with respect to content. Here, the position is different. It is usually quite clear who owns web content, for example, because it is originated by a particular department. Does that mean that content governance should be treated separately from data governance? Well, it depends what we mean by content governance. If we mean the processes through which the content was created and is updated then that’s essentially no different from the business process ownership already mentioned. However, if we mean content quality checking (no broken hyperlinks, compliance with accessibility regulations, ensuring that indexes, tags and classification data are kept up-to-date and so on) which are the sorts of capabilities that Vamosa has recently introduced, then we are getting much closer to the sort of thing that data governance does. You could probably argue it either way but my inclination is to think that it would make sense to fold this into the data governance structure, in which case the more correct term would be information governance.