|Knowledge Integrity||Column Archive/Who Owns Data?|
Who Owns Data?- Published in DM Review March 2003
In the business environment, ownership of a "business area" or a management group connotes both possession as well as responsibility. Therefore, what do we mean when we talk about the importance of data ownership? The answer revolves around three intertwined notions: value, responsibility and psychology.
Information has value, even though the "business mechanics" of information valuation are a bit fuzzy. (I've never seen a company's data systems show up on a list of assets.) Clearly, however, the concept of ownership is somehow related to the value one derives from that data. In environments where there is shared data ownership, how does the degree of ownership relate to the value derived, as well as the responsibility for managing that same information? Presumably, the degree of ownership may be related to more mundane aspects of the system, such as who initially created the database or what silo currently manages the system; but at the core, the degree of ownership (and by corollary, the degree of responsibility) is driven by the value that each interested party derives from the use of that information.
This leads into the notion of responsibility of data ownership, which describes the control of information as an asset, including not just the ability to access, create, modify, package, derive benefit from, sell or remove data, but also the right to assign these access privileges to others. The responsibilities of data ownership include:
Definition of Data: The data owner is responsible for understanding what information is brought into a system, assigning meanings to data collections and constructing and modifying data models.
Access and Security Management: In a system that contains sensitive data, whether it is confidential information, human resource data, corporate intelligence, etc., it is necessary to define a security and authorization policy and to provide for its enforcement.
Support the User Community: This includes granting access rights, providing documentation, training, maintaining service level agreements (SLAs), measuring system performance and scaling or rebalancing resources to support negotiated SLAs.
Data Packaging and Delivery: This include data preparation, packaging and formatting, and data delivery.
Data Quality: This includes determining and setting user data quality expectations, instituting gauges and measurements of the levels of data quality and providing reports on the conformance to data quality. This also includes defining data quality policies for all data that flows into the system and any data cleansing, standardization or other preparation for user applications.
Management of Business Rules: All data processing operations have business rules. Whether these rules are embedded in application code, abstracted into a rules format or just documented separately from their implementation, the data owner is also responsible for managing business rules.
Management of Meta Data: Managing meta data involves the data definitions, names, data types, data domains, constraints, applications, database tables, reference repositories and dependence rules associated with different tables and databases, users, access rights, etc.
Standards Management: The owner is responsible for making sure that all relevant data sets conform to their standard form, as well as negotiating standards on behalf of the users.
Finally, there is the notion of psychology. Data ownership is buoyed by an individual's aversion to accepting blame for failure versus a desire for claiming success. Data ownership is complicated because of "turf" and "fear." In many organizations, the control of the flow of information is regarded, as are many other forms of control, as a means of job security. Being in charge of creating, packaging and distributing the report naturally leads one to the conception of owning the data that makes up the report. Alternatively, there exists the fear that any closer scrutiny of what goes on within one's organization will reveal that what appeared to be stellar work all along is actually mediocre or worse, which then leads to potentially spurious ownership claims as a means for covering (hiding?) incompetence. Of course, this is a prime example of conflict within the enterprise what is good for the individual is terrible for the organization, and vice versa.
In terms of claiming success, there are different ownership paradigms that are used to claim data ownership. Some of the data ownership paradigms include:
Creator: The party that creates or generates the data owns the data, representing a speculative investment in creating information as a prelude to recognizing value from that information in the future.
Consumer: The party that uses data owns that data. This is a relatively broad ownership spectrum, covering all aspects of data acquisition.
Compiler: This is the entity that selects and compiles information from different information sources for some particular audience, such as a news archive and retrieval company.
Enterprise: In larger corporate information technology organizations, there is a notion that all data that enters the enterprise, or is created within the enterprise, is completely owned by the enterprise. In effect, the company makes use of all input and generated data as fuel for its ongoing data processing needs; therefore, the value derived from the information resides with the organization as a whole.
Funder: In this paradigm, the user that commissions the data creation claims ownership. There are two parties involved one who pays for the creation of data and another that actually creates the data. The patron claims ownership because the work is being done on his or her behalf.
Decoder: In environments where information is "locked" inside particular encoded formats, the party that can unlock the information becomes an owner of that information (e.g., those that decode DNA sequences to isolate specific genes own the information).
Packager: The packager paradigm focuses on the party that collects information for a particular use and adds value through formatting the information for a particular market or set of consumers.
Reader as Owner: This is an interesting paradigm in that it implies that the value of any data that can be read is subsumed by the reader; therefore, the reader gains value through adding that information to an information repository.
The Subject as Owner: This paradigm revolves around the subject data ownership issues, such as personal privacy or image copyrights. The subject of the data claims ownership of that data, mostly in reaction to another party claiming ownership of the same data.
Purchaser/Licenser as Owner: Similar to the funder paradigm, the individual or organization that buys or licenses data may stake a claim to ownership.
The concept of data ownership is quite complicated, yet establishing roles and responsibilities associated with exploiting information value completely revolves around the ownership issue. One of the most interesting descriptions of data ownership comes from one of my colleagues, Sid Adelman. In reference to the quality of data, Sid advises that the data owner is the one who can determine just how clean the data needs to be and has the authority to prioritize the cleansing effort.