Is your data putting your business at risk? According to a Deloitte survey, only 19% of organizations indicated that they have strong data governance policies designed to ensure accurate data, manage risks, and stay in compliance.

How an organization handles its data, right down to deciding what to collect, when to share, and how to protect it, is collectively known as data governance.

While mostly accepted as an important and necessary practice, some areas of data governance still raise eyebrows. There is an ethics component involved that can create some controversy. Let’s discuss the Here are the top 6 data governance myths that we are going to debunk: 

1. Data governance is only for big organizations
2. I've already set up data governance; I'm all set!
3. Data governance is meant to restrict data access
4. IT handles data governance
5. Data governance is too expensive or time-consuming
6. Data governance is about management controlling data access and Big-Brother type oversight

Myth #1: Data Governance is Only for Big Organizations 

Data governance helps improve the quality of data available to make decisions. There is no qualifier on the size of the company. If a clothing retailer is constantly struggling with inaccurate inventory data, they will overorder low-volume sales items and underorder higher-demand items, leaving them with bloated stock levels and unhappy customers.

The same scenario is true whether the retailer has five locations or 500 locations. The impact of poor data governance is felt on both ends of the spectrum; the only difference between small companies and enterprise-level organizations is the scale of the problem.

In fact, since strong data governance can help eliminate waste, small and medium-sized businesses can really benefit from outlining these policies now and implementing them as they grow.

Myth #2: I’ve Already Set Up Data Governance; I’m All Set!

Some businesses understand the importance of data governance policies, but they fail on the follow through. In fact, Deloitte’s survey revealed that about half (48%) of organizations take an ad hoc or poorly organized approach to managing data governance.

Data governance is most effective when the policies are continually reviewed and updated. Since technology and the use of data continues to evolve, it’s only appropriate that data governance policies outlining how an organization uses data also continue to evolve.

Myth #3: Data Governance is Meant to Restrict Data Access

Data governance covers a wide span of activities, including data collection, use, stewardship, and lifecycle management. In simple language, that means deciding when to collect data, who to collect it from, and what to do with it once the company has it.

It seems straightforward, but there is an ethics component in data governance that can stir up controversy between opposing viewpoints. For example, one hotly debated topic involves data ownership. When a company collects customer data on an individual–like their name, address, age, birthdate, or ID numbers–who owns that data? Some argue that the company that collected the data exclusively owns it and is free to use it, including by sharing it, as they see fit. 

Others, especially those covered under recent legislation like the European Union’s General Data Protection Regulation (GDPR), believe that ownership belongs to the individual as a fundamental human right and that companies that collect data are merely stewards of the information. 

While there are many cases where data governance policies support restricted access, the goal is to protect, ensure accuracy, and promote the appropriate use of data.

Myth #4: IT Handles Data Governance

As companies progress through digital transformation, the lines between IT and Operations, Sales, or Finance become less clear. Ultimately, that’s a good thing–our ability to share data in real-time and eliminate duplicated work benefits us all. 

But it also means that data governance is a ‘whole organization’ responsibility. It’s deeply intertwined with the people, processes, and technology that exist across the organization. 

According to McKinsey & Company, effective data governance policies begin with a centralized point of contact–like a Chief Technology Officer, and then spiderweb out to a data council that represents the needs of different data uses across the organization and further down to the individual roles where data is injected into the day-to-day operations. 

Myth #5: Data Governance is Too Expensive or Time-Consuming

The risks of poor data governance far outweigh the potential costs associated with reviewing and implementing appropriate policies across the organization. Data governance policies can help improve cybersecurity. For example, under the data governance umbrella, an organization might implement a data access control policy that defines user roles and responsibilities and identifies appropriate access authorization based on need. 

This policy might also include authentication and authorization measures to ensure that the policy is strictly enforced. This might look like requiring privileged users to use more complex passwords or a multifactor authentication that includes a biometric authentication–like a fingerprint scan. 

The added layers of security protecting how and when data is accessed improve the overall security of the network, protecting the company from costly cyber incidents and effectively lowering cybersecurity insurance premiums.

An organization might incur consultancy fees or added costs from implementation, but the investment in data governance is likely to yield cost savings across the organization.

Myth #6: Data Governance is about management controlling data access and Big-Brother type oversight

Regarding data governance, the lines are often blurred and confused with its relation to “government control”. In reality, data governance policies are typically determined by a committee, including representatives from the business teams impacted by the policies. Representatives could include executives, data management professionals, IT staffers, and even end-users who are familiar with the data domains within the organization.

The policies created by the committee may be restrictive by design due to regulatory needs based on the organization's industry (such as HIPPA, GDPR, CCPA, etc.). However, good data governance policies strive to build guardrails around data access and promote data literacy and data driven decisions rather than overseeing data usage.

The Bottom Line–Data Governance is Essential for Business Intelligence

It doesn’t matter whether your business has a single location with less than 50 employees or you are a global enterprise spanning multiple continents–data governance policies are an important foundation for your business intelligence. 

Data governance is often misunderstood. The truth is, with the right policies in place, organizations are actively working towards protecting their data and assuring quality in their business intelligence that will empower their organization. It’s not a thoughtless control mechanism or a money pit with no return on investment in sight. In fact, data governance is quickly becoming a necessity in the era of business intelligence.