Use GDPR as a catalyst for building the process and data related foundation required to support digital transformation.

Judging from the number of headlines in magazines, blogs, conferences etc. with the words digital transformation, automation and disruption, those are concepts that private as well as public businesses concern themselves with.

Apart from the cultural and process related aspects, the basic element in any digital transformation is data; data from existing systems, external data and data from systems yet to be developed or acquired.

In larger organizations data from each system is traditionally utilized across organizational units. How data can and shall be used – and questions to where data is coming from – is subject to different views. This lack of common understanding creates a foundation for flawed decisions and noncompliance, and it complicates integration between systems. 

Not exactly boardroom blockbusters

In my opinion, the solution in the form of a data governance program is straightforward. But it has a history of being difficult to sell to the organization internally. Concepts such as technical and business metadata, data quality, information models and data ownership are not exactly boardroom blockbusters, resulting in lack of funding.

Data governance programs that have been deployed have failed on a number of occasions. Depending on who you ask, there are various causes for this. Lack of executive management support is the most classic – and applicable to many types of initiatives.

With non-existent success with, or complete absence of, data governance, it is only natural that many business are challenged when facing the requirements introduced by GDPR and only achieve limited success with digital transformation. 

So, is GDPR a Gift?

If the organization does not already have a sound data governance program, the answer is yes.

GDPR is a gift because it is the burning platform that emphasizes the need for establishing a data governance program. GDPR is not just a data management and governance exercise, but complying with GDPR will indeed be extremely difficult without a rooted data governance program.

It is assumed that the focus required from executive management is present since the consequences of non-compliance are fines of up to 4 % of the business’ global revenue (along with potential side effects such as negative publicity) – for each breach, that is.

GDPR as a catalyst for digital transformation

The purpose of data governance is to ensure visibility of data availability, applicability, integrity and security.

Data governance is not a fancy buzz word and is not on Gartner’s Hype Cycle. It has existed since the adoption of IT systems in the 1960s. While earlier initiatives were driven by IT with a technical focus, programs today are built on a structured approach, typically with a dedicated, facilitating team and a high degree of interdisciplinary involvement.

Specific value of data governance can present itself in different ways, the example discussed here being compliance with GDPR. Whether the objective with digital transformation is to automate processes in a service-oriented organization via RPA or automate physical production obviously depends on the organization in question.

Both examples require availability of applicable data with some level of integrity and, of course, wrapped in security. The point is this: Use GDPR as a catalyst for building the process and data related foundation required to support digital transformation.