October 29, 2020 By Inderpal Bhandari 4 min read

Data governance is a central consideration for Chief Data Officers. With today’s increasingly complex privacy regulations, the stakes have never been higher. 

At IBM’s recent CDO Summit, we discussed the accelerating challenges surrounding this topic, and in turn, I shared IBM’s approach to building a holistic data governance framework.

Data Governance is finding the right balance between data monetization and risk reduction

CDOs are primarily charged with three things: boosting the top line, improving the bottom line, and reducing risk. Data governance is how you go about accomplishing them. Within that, there’s a whole slew of activities related to meeting complex and regionally specific regulatory requirements. Still, I tell my peers that if you keep those top three things in mind, data governance begins to make sense.

A good data governance framework enables you to move forward while at the same time managing risk at an acceptable level. The goal is to keep the flow going so that the data can be used to drive value. Whether it be innovation for new products, insights around processes, or reducing cycle time, it’s all about being able to keep that flow going sufficiently so you attain your targets while minimizing risk.

As privacy regulations grow in scope and complexity, AI-infused automation is key

Eventually it’s all about speed: speed to insight, speed to action, speed to value. That’s what translates to your bottom line improving or your top line growing. To keep pace, you need to make privacy and security decisions in real time. That takes automation.

That’s the strategy we’ve embarked on at IBM, and it has been tremendously helpful – enabling us to scale rapidly to address new regulations by having an end-to-end flow that is supported intensively by automated processes and artificial intelligence.

Essentially, privacy regulation boils down to one thing: making sure that you’re able to safeguard the Personally Identifiable (PI) data that you’re collecting. At IBM, our ace in the hole is artificial intelligence (AI) because we are already infusing AI into every business process. In addition, we already have a central data & AI platform across the company. We started leveraging it for privacy – building a governance framework to deliver actionable information in real time while ensuring regulatory compliance.

Hybrid Cloud adds flexibility

The other key technical aspect that we’re prioritizing at IBM is our hybrid cloud framework.

A hybrid cloud environment is giving us increased flexibility with regard to regulatory compliance through a mix of pre-defined policies and run-time automation, coupled with AI.

Traditionally, regulatory compliance has been handled by looking at ten different regulations, taking the one that’s most restrictive, and standardizing for that. With our AI-infused hybrid cloud approach, we are able to configure aspects of data processing to appropriately access and process data in compliance with all these different regulations simultaneously.

For example, access control can be determined not only by the role of the user but also by policies implemented at run time that align to regulations. Consider a data scientist who logs in from the U.S. and accesses certain sets of data. Later, if that same person with the same role logs in from a different country, they may not have the same access. These types of real-time decisions are critical to privacy regulation compliance.

An informed workforce brings it home

Another important aspect of data governance is having a culture that prioritizes data privacy and security. This is especially critical when analytics and AI enter the picture, and you are creating new, derived data. You don’t know going in what you’re going to create.

There’s a famous retail example where somebody was taking prenatal vitamins and the data inferred that the person was pregnant. That’s a perfect example of starting off with a grocery list and ending up with new data that’s highly sensitive and that you shouldn’t be using. To address this, you must prepare your workforce that is doing the analytics.

The coaching I like to give our people is if you come across an insight like that – where you can identify personal information about someone and you’re about to take action — pause and think about the implications. If it was your wife, your daughter, your mother, your husband, your son, your father, whose personal information is revealed, would you act? And if there is any doubt, don’t do it.  You have to bring that aspect of a human value into the equation.

In order to ensure that you are handling derived data the same way as you would the other data with regard to the privacy regulations, an informed and empowered workforce is critical.

It comes down to trust

In today’s world — with increasing intensity around cybercrime, cyberattacks, data theft, ransomware, and more — customers have to be able to trust the companies they work with.

For IBM, trust is imperative. That’s why we’re building a holistic data governance framework: to foster confidence in our processes and people.

Further, that’s why we share our strategy. We are eager to allow our clients and stakeholders to take advantage of our experience in about as complex an environment as you could get. We’re a 100+-year-old company with a lot of legacy.  We’re far flung globally.  We have lots of business units with products that are very different from each other. As we create this automated “secure by design” governance framework, it becomes a good reference point for our clients and stakeholders.

The road to data governance is not smooth or straight. If you put in too many speed bumps, you’re not going to boost growth. You might not even be able to improve the bottom line. If you put too few, you increase risk. The fact is, these things are all very difficult. At IBM, we are finding our way, tackling the twists and turns through the power of AI-powered automation in the hybrid cloud.

More than 100 professionals gathered online for the IBM Chief Data Officer Summit: Data Privacy and Governance

Thought leaders including Allen Crane, AVP and Head of Information Management at USAA; Rajan Mehta, EVP and Chief Product and technology Officer at the WWE, Christina Montgomery, VP and Chief Privacy Officer at IBM, and Inderpal Bhandari, Global Chief Data Officer of IBM shared their insights and best practices.

Watch the replay and register for our upcoming IBM CDO Summits here.

More from Analytics

How data stores and governance impact your AI initiatives

6 min read - Organizations with a firm grasp on how, where, and when to use artificial intelligence (AI) can take advantage of any number of AI-based capabilities such as: Content generation Task automation Code creation Large-scale classification Summarization of dense and/or complex documents Information extraction IT security optimization Be it healthcare, hospitality, finance, or manufacturing, the beneficial use cases of AI are virtually limitless in every industry. But the implementation of AI is only one piece of the puzzle. The tasks behind efficient,…

IBM and ESPN use AI models built with watsonx to transform fantasy football data into insight

4 min read - If you play fantasy football, you are no stranger to data-driven decision-making. Every week during football season, an estimated 60 million Americans pore over player statistics, point projections and trade proposals, looking for those elusive insights to guide their roster decisions and lead them to victory. But numbers only tell half the story. For the past seven years, ESPN has worked closely with IBM to help tell the whole tale. And this year, ESPN Fantasy Football is using AI models…

Data science vs data analytics: Unpacking the differences

5 min read - Though you may encounter the terms “data science” and “data analytics” being used interchangeably in conversations or online, they refer to two distinctly different concepts. Data science is an area of expertise that combines many disciplines such as mathematics, computer science, software engineering and statistics. It focuses on data collection and management of large-scale structured and unstructured data for various academic and business applications. Meanwhile, data analytics is the act of examining datasets to extract value and find answers to…

Financial planning & budgeting: Navigating the Budgeting Paradox

5 min read - Budgeting, an essential pillar of financial planning for organizations, often presents a unique dilemma known as the “Budgeting Paradox.” Ideally, a budget should give the most accurate and timely idea of anticipated revenues and expenses. However, the traditional budgeting process, in its pursuit of precision and consensus, can take several months. By the time the budget is finalized and approved, it might already be outdated.In today's rapid pace of change and unpredictability, the conventional budgeting process is coming under scrutiny.It's…

IBM Newsletters

Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters