What is the role of a data custodian?
Providing a written description of each role, and personally conveying that role to an individual, will help that individual perform the role successfully. Formally assigning roles makes it easier for colleagues to approach an individual playing a particular role and ask for assistance. Show
For additional data steward related resources check out our resources blog post on the subject. If you need help in implementing data governance or data intelligence, remember that IData provides data governance services. A data governance solution like the Data Cookbook can help in successful implementation of data governance at an organization or a higher education institution as well as improving data quality. Feel free to . (image credit StockSnap_KPVOIKEPSG_DGRoles_BP #1095) Data Custodians Information Technology fulfills the role of data custodians. They are responsible for the security and availability of data. They oversee the systems used to collect, manage and provide access to institutional data. The primary responsibilities of a data custodian are:
To make sure data and information is maintained, there will often be a data custodian responsible for updating and preserving the data. Under the New Zealand Data and Information Management Principles, agency data custodians should implement recommended practices to support well managed data. The New Zealand Data and Information Management Principles were developed to ensure high quality management of the information the government holds on behalf of the public. Under the Well Managed principle, agencies, as the stewards of government-held data and information, must provide and require good practices which manage the data and information over their life-cycle, including catering for technological obsolescence and long-term preservation and access. A custodian would be responsible for making sure that their agency’s data was accessible and maintained, as guided by the Well Managed principle. They also act at the contact person for queries or requests about the data. It is recommended that a named contact point, telephone number or email address (ideally both) is listed in the metadata of your dataset: What metadata should I include with my dataset? There is no such thing as a one-size-fits-all data governance framework that works for all organizations. However, one idea applies universally, regardless of an organization’s scale or industry: having well-defined roles and ensuring that all stakeholders understand the overlaps and differences between those roles is crucial for the success of any data governance initiative. Let’s simplify your path through the data governance maze. Given how important data governance is, we will demystify the confusion surrounding the different roles central to data governance in this post. We will take a look at examples of how these roles may look in practice across varied organizations. And most importantly, we will examine why this information is so essential and why you should care. In this article, we will discuss: Why Does Data Governance Even Matter?First, let’s provide some context: Most people think that the phenomenon of data becoming a valuable resource for organizations (and being widely viewed in that light) as a relatively recent development. After all, the term “big data” was only coined in 2005. So, it is easy to forget that the implicit recognition of the value of data is at least as old as civilization itself, if not older. As early as 40,000 years ago, ancient tribes maintained “tally sticks” to store and analyze data about food and harvests in order to predict how long their supplies would last. Hammurabi is known to have collected detailed statistics about enemy troop movements and the strength of their forces, often refusing to deploy his troops without having this data. That said, indeed, the sheer scale of data that we are working with today dwarfs everything that came before by several orders of magnitude. Consider an example from the realm of medicine—specifically cancer. One of the most promising breakthroughs today in treating cancer is the ability to map the genomes of cancer cells to identify mutations and determine the most appropriate treatments. As Dr. Heath explains in her brilliant TEDx Talk, the entire genetic profile for a single cancer patient can amount to about one petabyte (a little over one billion megabytes) of data. To put this number in perspective, a typical photo you take on your phone is about six megabytes in size. To get to one petabyte worth of photos, you would need to take 178 million photos, or about 9,805 photos per day for the next 50 years. And that’s just the data for one patient. Annually, there are an estimated 19.3 million cases of cancer worldwide on which we collect data today. While data of this magnitude can be astonishing, an important detail to note is that data is only useful to the extent that it can be effectively managed such that professionals can store, access, and analyze it as necessary and do so in a manner that takes full advantage of the high processing speeds possible with modern technology. In other words, the method used to manage the data should not limit the data’s potential, which, in this example, presents literal life-or-death stakes.Is Your Organization’s Data an Asset or a Liability?Data may play a very different role in your organization than in the example above, but regardless of its specific purpose, most business executives now agree that data is among their organization’s most valuable resources and that it is important, if not essential, to business success. Even so, it remains relatively common for organizations to operate without good Data Governance practices. Organizations often have a lot of data, but it is not well documented or standardized, so they lack knowledge about the information they have. Or, even when they do know, they encounter barriers to finding or accessing the appropriate data when they need it (which is worse than not having the data in the first place because you pay the cost for data collection and storage but do not reap the benefits of it). Further, when organizations can find their data, they are often not entirely sure whether it is reliable enough to use. We have all laughed at anecdotes where an 85-year-old retiree receives promotional flyers inviting them to explore the back-to-college collection because the sender could not get their data right. However, things are not as amusing when the wrong person gets a traffic ticket or a summons to appear in court because of biased data. They are definitely not funny when they involve data exposure, especially of a private nature. For organizations in the modern regulatory environment, poor data governance can transform data into a severe liability, rather than an asset, exposing the business to crippling or severe privacy penalties. The moral of this story is that data can only be valuable when we know how to use it, manage it properly, and give it the respect it deserves. As an organization, adhering to this standard involves having a comprehensive and well-established protocol in place on how to manage data and, equally importantly, having a team of people who understand their specific roles and responsibilities in implementing these practices. Read More:The Three Key Roles in Data GovernanceIf you have researched data governance implementation in the past, you have surely already come across many roles, ranging from the mundane-sounding managers and librarians to the exotic “ambassadors” and “champions.” Here are the three most important roles that any organization needs to understand in the context of data governance:
What Is a Data Owner?A Data Owner is the person accountable for the classification, protection, use, and quality of one or more data sets within an organization. This responsibility involves activities including, but not limited to, ensuring that:
What Is a Data Steward?A Data Steward is a subject expert with a thorough understanding of a particular data set. The Data Steward is responsible for ensuring the classification, protection, use, and quality of that data, in line with the Data Governance standards set by the Data Owner. To understand the meaning of a Data Steward, remember that “subject expert” does not necessarily mean they come from an IT background. Depending on an organization’s data and business nature, a subject expert might have experience in business, operations, IT, or a project-specific function. Typically, the Data Owner appoints a Data Steward. Depending on the scale of an organization and its data, one or more Data Stewards may be appointed to assist the Data Owner in implementing the organization’s Data Governance policies.What Is the Role of a Data Steward?Data Stewards play a crucial part in ensuring that the data in their care is of high quality and is fit for use by all data stakeholders in the organization who are concerned with that set of data. Some organizations also describe this role as a “Data Quality Steward.”A good Data Steward must have the ability to see beyond silos and implement rules and processes for the data under their care. Although they do not own the data, they must thoroughly understand how that data needs to be documented, stored, and protected. As David Plotkin explains in his book, Data Stewardship: An Actionable Guide to Effective Data, there are four distinct types of Data Stewards:
What Is a Data Custodian?A Data Custodian is responsible for implementing and maintaining security controls for a given data set in order to meet the requirements specified by the Data Owner in the Data Governance Framework.The Differences Between Data Governance RolesRole titles are useful because they allow individuals both within and outside an organization to quickly get a sense of the role’s responsibilities. Unfortunately, because data can be quite abstract, there is a lot of confusion surrounding the titles of the different roles associated with Data Governance. Let’s uncomplicate it.Data Owner vs. Data StewardGiven that Data Stewards are appointed to assist a Data Owner in implementing the Data Governance policies, there is a fair bit of overlap between their profile descriptions.So What Is the Difference Between a Data Owner and a Data Steward?A Data Owner is accountable for Data Governance outcomes, whereas a Data Steward is responsible for the Data Governance tasks required to achieve those outcomes. In other words, the Data Owner role is results-focused, while the Data Steward role is task-focused. For instance, a Data Owner might be accountable for data excellence metrics, such as audit findings and quality scores. They may also be accountable for business metrics, like the impact of Data Governance on strategic goals — such as the quality of customer data and the effect it has on the success of a direct mail campaign for example. By contrast, a Data Steward might be responsible for ensuring that all items on a Data Governance checklist are implemented and that problems in implementation are prevented and/or resolved in a timely manner.Does Your Organization Need Both Data Owners and Data Stewards?Whether your organization needs both roles depends on the scale and scope of your Data Governance program. Large organizations most likely need both roles, while, in smaller businesses, the Data Owner and Data Steward can be one and the same person.Data Owner vs. Data CustodianA lot of people confuse Data Custodians with Data Owners. This misconception probably arises because Data Custodians are often the ones physically or directly handling the storage and security of a data set. But just because data is stored on a device controlled by someone does not make them the Data Owner. The data may be in their drawer, but that doesn’t make it theirs. A good way to think about this is in terms of money in a bank. When you deposit your money in a bank, just because the money is stored in the bank’s vault does not make the bank the owner of that money!So What Is the Difference Between a Data Owner and a Data Custodian?A Data Owner is an individual, usually in a senior business role, who is accountable for the classification, protection, use, and quality of one or more sets of data. A Data Custodian is typically someone in an IT role who is responsible for maintaining the storage and security infrastructure for one or more data sets in a manner that meets the requirements of the organization’s Data Governance policy. In small organizations where the roles of Data Owner and Data Steward may be held by a single individual, the Data Owner is likely to directly delegate day-to-day tasks (e.g. backups) to Data Custodians.Real-World Examples of Data Steward RolesTo understand how Data Stewardship plays out in practice, let’s look at a couple of real-world examples of these roles in different organizations.Data Stewardship in a Retail ChainA high-end retail chain lets customers participate in a sweepstake by dropping their business cards in the contest boxes located in each store. By providing their personal data and participating in the contest, customers consent to receive the chain’s promotional marketing emails. Starting from the bottom-up, in this scenario:
Data Stewardship in a Manufacturing BusinessIn a contract manufacturing company, the Production Manager is designated as the Data Owner for all production data. In turn, the Data Owner appoints several Data Stewards as follows:
Does It Really Matter What They Are Called?In some organizations, people still find themselves confused between role titles, despite having clear definitions in place for each Data Governance role and its respective responsibilities. There may even be resistance within an organization to some titles. In such cases, it may be more productive to change the role title to whatever people find less confusing and more acceptable. Ultimately, it doesn't really matter what each person on the Data Governance team is called — as long as there is clarity across the organization on what needs to be done and who is supposed to do it.Takeaways
How Satori Helps Data Owners, Data Stewards, & Data CustodiansSatori enables the “data masters” of an organization to enable access to data without requiring any help from IT or Data Engineering teams. In addition, they can each tag and describe their data sets, even when it is scattered across several data platforms. Further, Satori enables continuous sensitive data discovery so that these professionals know exactly when new sensitive data is introduced. Finally, Satori enables them to create security policies, including fine-grained security policies, without the need for implementation by data engineers. Read More:Learn More About Satori What is the difference between a data owner and a data custodian?Some examples of Data Owners include the Registrar and student data; the Treasurer and financial data; the VP of Human Resources and employee data. In most cases, the Data Custodian is not the Data Owner. A system administrator or Data Custodian is a person who has technical control over an information asset dataset.
What is the role of a Data Steward or data custodian in an organization?A data custodian ensures: Access to the data is authorized and controlled. Data stewards are identified for each data set. Technical processes sustain data integrity.
Who is the data custodian in a research?The data custodian is the agency that is the responsible agency in terms of the relevant legislation and who will approve the project proposal.
What are the three types of data ownership and their responsibilities?Often industry experts in Security and Data Governance texts will divide ownership up into three different subsets: ownership, stewardship and custodianship. I believe that this approach is left over from land use terminology and oversimplifies how we might understand data today.
|