In my experience with law firms, the conventional wisdom that you need to start with a data governance policy isn’t true. In this article I’m going to explain what a policy is, why you don’t need to have one, and what you do need to have instead.
Data governance policy
The data governance policy is one of those things that, if you google it, you’ll find loads and loads of wordy definitions for.
The simple definition is that a data governance policy is a set of rules that help safeguard data and establish standards for its access, use, and integrity. It guides your company’s decisions about data assets.
Another definition is that data governance policies establish roles and responsibilities for data that include access, disposal, storage, backup, and protection.
The policy is typically accompanied by standards, which provide more detailed rules for implementing the policy.
There are many guides and training courses out there that talk about the steps for developing solid data governance policies. Broadly, they all cover similar steps and will:
- Determine the senior leaders you trust or key stakeholders from most areas of the business.
- Set out the rules and expectations with the consequences for non-compliance.
- Figure out what new roles (data stewards etc.) are needed and how they will help implement the new practices.
Why your firm doesn’t need one
Most data governance guides start with ‘first write a policy’. The idea is that it will be easier to monitor and manage compliance with agreed standards by codifying the data rules (and the consequences of non-compliance) in a document. Data Governance Leads can then use this document to enforce compliance.
The nature of law firm internal structures makes getting a policy drafted, consulted on, and communicated a big challenge. It can become a painful, protracted, multi-year process as the policy has to be agreed to by both business services leaders and the partners.
There are a few reasons that new policies are challenging to achieve.
- Policies tend only to get created and published where there is a legislative or regulatory obligation to do so. While there are obligations around some elements of data governance, these are often already addressed in existing policies.
- When the firm already has robust data retention, privacy, security, and usage policies, it can be hard to persuade stakeholders that a new policy is necessary. Stakeholder perception that the content of the policy overlaps with what is already published can be hard to shake.
- Perfection really can be the enemy of the good. Lawyers (by training) focus on the meaning and intent of every word. Even a simple document can take many months of wordsmithing (and double in length) before all Partners, and other stakeholders are happy that it ‘says what it means.’
- Junior team members disengage with top-down policies. It’s not enough to publish a policy on the intranet and have some team meetings that explain what it says. After years of crafting the document, no one has the energy or appetite to tailor each team or role to adopt the policy.
A policy means the firm can spend a lot of effort for hard-fought change and little reward.
What you need to have instead
Iron Carrot favours a bottom-up approach to data governance that does away with the need to create, agree, and adopt policies and puts a greater emphasis on the structural and relational mechanisms as the focus for law firm data governance.
This collaborative methodology means it is more important to identify the right people to have conversations about data and create a structure that enables and supports them. You will already have people in your firm who perform the roles of data owner and data steward, they just don’t have these labels in their job titles yet.
A data owner is a person who makes decisions about the data. These decisions include requests to change data usage, make data quality improvements, and who is involved in managing that data. They also make decisions about solving issues that require resources (such as money, time, or people). These are all accountabilities, and their decisions are tactical.
A data steward knows what their data is supposed to represent, what it means, and what business rules are associated with the data. They are usually the first to hear about issues with their data and, after investigating the problem and identifying a solution, make recommendations to the data owner. These are all responsibilities, and their decisions are operational.
So, do I still write things down?
Just because there is no policy doesn’t mean that things don’t get written down! You will have role profiles setting out the expectations of the SMEs you find and terms of reference for the groups you create. You’ll just create things as they are needed rather than investing time and effort in a policy up front.
I’ve found that getting the SMEs at an operational level to collectively agree and write down best practices that they take responsibility for implementing is much more effective in achieving lasting change and improving data standards, quality, and compliance. Regular and structured communications and forum meetings are key to keeping these SMEs engaged and accountable for the actions to implement best practices. In all the law firms we have worked with, data steward mindset change has been achieved using a guided framework of conversations that become incrementally more challenging and collaborative over several months.
Benefits of the Iron Carrot approach
The benefits of a bottom-up approach to data governance in law firms include:
- Fostering collaboration and communication among team members.
- Encouraging operational subject matter experts to take responsibility for implementing best practices.
- Achieving lasting change in data standards, quality, and compliance.
This approach allows for more tailored and effective solutions, as it draws on the insights and experiences of those directly involved in data management, ultimately leading to improved data handling without the lengthy process of drafting formal policies.
While this involves the same effort, it achieves greater rewards. In the data governance framework implementations that we’ve been part of, starting with people and not policy has built grass-roots support and advocacy for data governance activities. This has led to meaningful and successful changes to operating procedures and improvements in the firm’s data quality within weeks – not months.
Innovative law firms have big goals for improving the client experience through data innovation.
Through our extensive law firm background, we have developed a unique data governance road-mapping approach to help law firm leaders launch the proper foundation for their data strategy.
If you want to chat confidentially about how Iron Carrot can help your firm with its Data Strategy and Data Governance initiatives, then send me a Direct Message via my Profile, or book a call via the Iron Carrot Limited website.