An Open Letter to All Data Users

Management of Your Company
Your Company Name
Your Company’s Address

Today’s Date

Subject:  Open Letter to All Data Users

Dear Data Users,

This letter may come as a surprise to you. We do not mean to catch you off guard. In fact, nothing is changing. We, the management of your company, are doing well and we hope the same is true for you.

You may have heard about a new initiative that is underway at our company. The initiative is called Data Governance and, frankly, it has a few people concerned. Anything with the word “governance” in it is scary and reeks of being difficult. Governance is like government – and government for data – wow, that sounds pretty bad.

The truth is that we, as a company, are putting Data Governance in place and you should toss out the window any notion that it is as bad as it sounds. Let me explain …

Our company has data about you – our employees. We know where you live. We know how old you are, how much you make, your work schedule, your health insurance information… We know a lot about you. We have to have this information because we care about you and for you in many ways. We don’t share any of that information with anybody that should not see that data. There are laws and rules that we follow to assure that your information is protected. That, my friend, is a form of data governance.

We, as a company, have a lot of data about a lot of things and a lot of people – which we must protect. I can summarize data governance in terms of data protection with these simple statements:

You insist and trust that we protect your data.

The Government says that we must protect your data.

Senior Leadership says we will protect your data.

Data Governance is the way we protect data.

Now I have to tell you about your role in Data Governance. And… You DO play an important role. You use the data. Since you use the data, you have to protect it too.

We are NOT changing the rules associated with protecting sensitive data. The rules have been around a long time, they are changing all the time and, just so you know, we DID NOT make the rules. But, your role (as well as my role and everybody’s role) is to follow the rules and do so in an auditable way.

There are formal rules associated with how we access data through our computers and devices, print data and reports, store data physically and electronically, mail and transmit data, dispose of data, and even discuss sensitive data. We will be held formally responsible for knowing and following the rules.

This is why we are putting a formal Data Governance program in place. We can put our company at risk, our customers at risk, and you – our employees – at risk without even knowing it if we do not know the rules and protect data. Data Governance will assure you are educated on how to protect data.

The purpose of this letter is to let you know that our company is addressing this challenge head-on to make certain that every person in the company knows and follows the rules associated with protecting and handling sensitive data. As part of the program, we want to know any problems that are caused by following the newly communicated rules and if/when it interferes with you and your job. We will address every occurrence quickly, and procedurally make decisions about how we conduct business.

Please keep in mind that we have you – our employees – our customers, and our stakeholders in mind when we formalize how we protect sensitive data. In the future, we will be looking at ways to protect intellectual property in much the same way.

We have only scratched the surface of the ways that we, as a company, can gain value from our data and information resources. With the application of data governance, our company will stand above and protect data first. We will improve the quality of data and make the lives of that same group – our employees, our customers, and our stakeholders – better. Together we will build a more efficient, effective, and profitable company.

I am attaching a short graphic that you will be seeing posted in every work area.

Thank you for your support.

President’s Name
Your Company Name

seinersignage

Share

submit to reddit

About Robert S. Seiner

Robert S. (Bob) Seiner is the publisher of The Data Administration Newsletter (TDAN.com) – and has been since it was introduced in 1997 – providing valuable content for people that work in Information & Data Management and related fields. TDAN.com is known for its timely and relevant articles, columns and features from thought-leaders and practitioners. Seiner and TDAN.com were recognized by DAMA International for significant and demonstrable contributions to Information and Data Resource Management industries. Seiner is the President and Principal of KIK Consulting & Educational Services, a data and information management consultancy that he started in 2002, providing practical and cost-effective solutions in the disciplines of data governance, data stewardship, metadata management and data strategy. Seiner is a recognized industry thought-leader, has consulted with and educated many prominent organizations nationally and globally, and is known for his unique approach to implementing data governance. His book “Non-Invasive Data Governance: The Path of Least Resistance and Greatest Success” was published in late 2014. Seiner speaks often at the industry’s leading conferences and provides a monthly webinar series titled “Real-World Data Governance” with DATAVERSITY.

  • Richord1

    This reminds me of the cliche; “we’re from the government and we’re here to help you”.

    The statement:

    “Our company has data about you – our employees. We know where you live. We know how old you are, how much you make, your work schedule, your health insurance information… We know a lot about you. We have to have this information because we care about you and for you in many ways.”

    is both paternalistic and scary! I suspect that the senior management would not approve this. Reminding employees that they are being monitored is the last thing senior management would want to highlight.

    If data governance is focused on data privacy and security call it: “Data Privacy and Security Rules” that rather than “data governance”.

    Rather than a list of rules in the graphic have one statement:

    “BEWARE THE DATA YOU TOUCH”.

    And rather than wall posters which are typically ignored, flash up the above message in BIG BOLD font each time an employee logs into their computer.

    • Robert S. Seiner

      May be paternalistic and scary … but it is true. Your company has this information about you and they must protect it. I used that statement to make the point that you want them to protect your data … and that you must protect their data.

Top