IT & Telecommunications Data & Analytics
Industries News Press Offices Companies Jobs Events Opinion People Multimedia My Biz

Industries

All industries Agriculture Automotive Construction & Engineering Education Energy & Mining Entrepreneurship ESG & Sustainability Finance Healthcare HR & Management ICT Legal Lifestyle Logistics & Transport Manufacturing Marketing & Media Property Retail Tourism & Travel

Special Sections

BizTrends Pendoring IMC Conference Loeries Women's Month Cannes Lions Orchids and Onions #StartupStory More Sections..

In the news

Oppo Irvine Partners Richfield Graduate Institute of Technology Topco Media ESET Pert Industrials Bluegrass DigitalEnquire about a company Biz Press Office
Agriculture
Automotive
Construction & Engineering
Education
Energy & Mining
Entrepreneurship
ESG & Sustainability
Finance
Healthcare
HR & Management
ICT
Legal
Lifestyle
Logistics & Transport
Manufacturing
Marketing & Media
Property
Retail
Tourism & Travel

News

Industries

Companies

Jobs

Events

People

Video

Audio

Galleries

My Biz

Ads & Rates

Submit content

My Account

Data & Analytics Opinion South Africa

Key features of a formidable data governance framework

By Cleo Becker
4 Mar 2019
4 Mar 2019
With each new information breach, data governance becomes an increasingly important point of focus for businesses.
Cleo Becker
Cleo Becker

It’s only a matter of time before the Protection of Personal Information Act (PoPI Act) becomes the next compliance issue for local businesses. Major data breaches are now a part of daily news and there’s little doubt this will place a spotlight on data protection legislation.

While we still don’t know exactly when PoPI will come into effect, we do know that companies will have just a year to comply once the commencement date is announced.

This is concerning, particularly when one considers how few companies were quick to comply with the General Data Protection Regulation (GDPR). We know, for instance, that just four months before the GDPR came into effect, only 35% of South African companies were working on a plan to comply with the GDPR.

Compliance is an increasingly tall order

It’s no surprise that businesses are battling to meet data compliance standards.

The volume of data they’re required to store and manage keeps increasing exponentially. In fact, the IDC estimates that by 2025, the world will create and replicate 163ZB of data – a tenfold increase on the amount of data created in 2016.

Added to this challenge is the growing number of complex data types. More and more unstructured data is being generated through platforms like social media, instant messaging, text, voice and video. The problem is that businesses simply don’t have the relevant technology to track, report and mine these data types.

Across the world, regulations are also evolving, making it even more difficult to be compliant, especially for global companies. The GDPR is a perfect example of this.

Establish the risks

Before your business can develop a policy framework, it first needs to have several important pillars in place.

This begins with assessing your business maturity in relation to information governance. It involves assessing your critical information assets and determining which hold the greatest risk as well as how those information assets are managed and stored. The kind of questions your business needs to answer include: What kind of information does it hold? Where does it store its information? Is this information stored electronically or manually? For how long is this information stored?

Is your organisation ready to comply with PoPI Act?
Is your organisation ready to comply with PoPI Act?

14 Feb 2019

Because your business has many different types of content, it’s naturally exposed to a wide range of different risks. As such, conducting a thorough content audit will help you determine your business’ vulnerability to risk. After you have conducted a content discovery exercise, your content audit should answer questions such as - which documents need to be preserved in secure archives?

Understand your legal obligations

The next step is to undertake a regulatory compliance review. It’s important to understand the legal obligations specific to your company when formulating a data governance programme. For example, often a business’ compliance requirements are dependent on its number of employees or its industry.

Multinational companies in particular are impacted by thousands of different regulations, needing to comply with everything from data protection legislation to local tax laws. It’s therefore hardly any wonder regulatory pressures are increasingly top of mind for many business executives.

Put together a core team

Before you can implement a data governance framework, you also need to establish an information governance team, ensuring the team includes representatives from across the business. It’s particularly important to involve senior representatives from areas of the business like compliance, security, legal and risk.

This core team will then be responsible for the implementation and success of the governance programme, driving various operational issues. This includes the development of a work schedule, creation of policy and strategy, as well as communication around and implementation of the solution.

Tech will get your policy off the ground

Once you’ve identified the weaknesses in your company’s data governance processes, you can start to develop a plan to mitigate these risks.

The use of technology to establish, automate and enforce the resulting policies will prove critical. Ultimately the right technology can greatly help reduce the burden of long-term data protection, preservation, management, and compliance with business and regulatory requirements. It can also help to deduplicate or compress the data, enabling it to be transferred to more cost-effective storage media.

Once you’ve established trust in your data, you can begin to foster innovation and growth. By employing data, IoT and analytics services, your business can begin to optimise its data and leverage it to achieve particular objectives.

But even more importantly, when new regulations like PoPI do come into effect, your business will be ready.

Read more: POPI, Protection of Personal Information, data governance, POPI Act, General Data Protection Regulation, GDPR
NextOptions

About Cleo Becker

Cleo Becker is Senior Regional Counsel, Emerging Markets, the Nordics & Israel at Hitachi Vantara

Related

Enforcement Notice issued to Dis-Chem due to contravention of PoPIA
Enforcement Notice issued to Dis-Chem due to contravention of PoPIA
4 Sep 2023
Image source: © Rungaroon taweeapiradeemunkohg –
Major trends impacting 2023 information and development planning
 27 Jan 2023
Tian Horn, Hyland account manager, Southern Africa. Source: Supplied
Keep personalisation from getting creepy - the 5 points of data rule
 25 Nov 2022
A digital world without cookies
A digital world without cookies
 6 Oct 2021
GDPR and PoPIA: Cost of non-compliance is hefty
GDPR and PoPIA: Cost of non-compliance is hefty
20 Sep 2021
Powerful e-marketing and PoPIA
Powerful e-marketing and PoPIA
15 Sep 2021
Digital brands are still built on trust
Digital brands are still built on trust
 10 Sep 2021
Businesses should see PoPIA as an opportunity to build customer trust
Businesses should see PoPIA as an opportunity to build customer trust
 9 Sep 2021
More industry news

Next
Let's do Biz