Although data is the foundation on which many organisational strategies are built today, data governance strategies have not received the attention they deserve within many organisations.
So says Yolanda Smit, regional (Gauteng) director at PBT Group, adding that given that the Protection of Personal Information Act (POPI) is set to come into effect sometime within 2018, being aware of data protection regulations will be a high priority on many corporate agendas over the months to come.
"While some of the hesitation around data compliancy has revolved around the difficulties in adhering to the regulatory framework, the reality is that once compliance underpins the data strategy of a business, it becomes easier for the business to manage the data and assists in ensuring that any future initiatives fall within legal parameters. Getting this right however, means going back to basics."
She says although most businesses will have a well-established and defined data strategy and foundation in place, these foundations need ongoing investment, particularly from a technology perspective, as new technology evolves. "However, given these regulatory requirements impacting such strategies, decision-makers need to ensure they adhere to legislation and regulations before they identify and implement any new technologies enabling more efficient analysis of corporate data."
According to her, this means that organisations need to re-look their existing data foundation platforms with data security and governance concerns in mind, and implement these at a foundational level. "It is only when this focus is taken, can a business truly harness the power of data to make business decisions that not only add real value and benefit to the organisation, but that are in line with regulatory requirements."
Although a good first step in the compliance process, it should be noted that data governance and Acts such as POPI are a continuous compliance legislation, says Smit. Ensuring compliance is not a once-off exercise achieved when all the right boxes are 'ticked'. With this in mind, she suggests that organisations should consider employing an information officer.
"By appointing a person in this role, and clearly defining his or her role and responsibility, the process of compliance at a data foundational stage can be an easier task and of course, compliance can then be ensured."
The challenges associated with compliance around data are well documented, and ignoring these realities will merely place businesses at further risk, which could result in severe repercussions.
"However, if businesses proactively address such requirements now, they are likely to gain a leading advantage, which could actually be turned into a competitive edge - as compliance will instil trust with clients, staff and other stakeholders alike," she concludes.
Share