What is data governance?

Season 1 Episode 1

Welcome to the Law Firm Data Governance podcast. The data governance companion for law firm leaders who want to know more about implementing and improving data governance. 

Each week I’ll help you with your law firm data governance initiative by sharing something I’ve learned in my 20+ years of working with information and data in law firms.

In this first episode of Season 1, Begin at the Beginning, I’ll be answering the best first question: What is data governance? 

I’ll explain:

  • what data governance is, 
  • why having a data governance definition is essential, and 
  • what data governance isn’t.


Law Firm Data Governance Podcast

  • Do you want learn more about the podcast?
  • Are you curious about what’s coming up in future seasons?
  • Do you want to listen to the latest episode?

Answers to these questions and more can be found on the podcast page.

Episode Transcript

Welcome to the law firm Data Governance Podcast, the Data Governance Companion for law firm Leaders who want to know more about implementing and improving data governance.

Each week I’ll help you with your law firm’s data governance initiative are sharing something that I’ve learned in my 20 plus years of working with information and data in law firms.

This is the first episode of season one. “Begin at the beginning”. In this episode, I’ll be answering the best first question. “What is data governance?”

I’ll explain what data governance is, what data governance isn’t, and why having a data governance definition is essential.

So let’s start with what is data governance.

I think of data governance as a collection of practices, rules, standards and processes that help to ensure the proper management of data assets within an organisation.

This proper management ensures that high quality data exists throughout the complete lifecycle of that data. Data governance often includes concepts such as data ownership and data quality to help a firm gain better control over its data.

An implementation can include methods, technologies and behaviours around the proper management of that data. Data governance can deal with the security, privacy, integrity, usability, integration, compliance and availability of data. It also deals with roles, responsibilities and overall management of the firm’s internal and external data flow.

Data governance identifies and treats with equal importance people who have ownership and accountability and who have stewardship and responsibility.

Processes, so how and when data moves through its lifecycle, and technology, so how and which systems are used and what for, and middleware and all those technical things.

More broadly, data governance is an overarching strategy for firms to ensure that the data they use is clean, accurate, usable and secure. So if that’s what data governance is, what is data governance not?

Well, it’s not data privacy. Data privacy deals with the proper handling of data, focusing on compliance and data protection regulations. Data privacy considers how data should be collected, stored, managed, and shared with third parties, as well as compliance with applicable privacy laws like the California Consumer Privacy Act or European General Data Protection Regulation.

It’s the data protection officer or general counsel who has that as a problem.

Data governance is also not data security. Data security means protecting digital data, that’s your databases, from destructive forces and the unwanted actions of unauthorised users.

That means things like cyberattacks or data breaches, and data security is your chief information security officer’s problem. They’re often referred to by the acronym CISO.

Data retention is also not data governance. Data retention defines persistent data and records management policies for meeting the legal business data archival requirements.

That’s usually the record management team’s problem. And finally, data governance is also not a piece of software. Yes, there are plenty of tools and technologies in the market.

Which can help you manage and monitor some of your data governance activities.

But unless you already have the people and processes, you’ll still have to build your data governance foundation by putting those in place before you can leverage that technology.

So why do we need a definition?

Well, we’ve heard about what data governance is, and we’ve heard about what data governance isn’t. But before doing anything, it’s essential to have a common understanding of the subject.

The literal words data and governance are so open to interpretation, either separately or combined into a phrase. By having a simple definition, you can be sure that the term is commonly understood and the meaning is clear to all the stakeholders who engage with it.

It’s also going to stop people Googling it.

There are so many definitions on the Internet, but it’s hard to know which one applies, especially which one applies to a law firm, and most of these definitions are long and confusing too. The Iron Carrot definition sets out what data governance is and more importantly, what it’s not.

It says simply data governance is a framework that enables conversations between the right people to improve the firm strategic data management.

So if data governance has the right roles, accountabilities and responsibilities to support the firms people to manage better the firms data which contributes to delivering the firm strategic goals, and there are documents like standards and best practices that can also help, but fundamentally it’s about the activities of people, mainly how they work together cross functionally.

You can see how we got to our definition of data governance being the framework that enables conversations.

We’ve covered a lot of information in this episode, so to summarise with the answers to the three questions that we started with…

What is data governance? Well, data governance is the framework that enables conversations between the right people to improve the firms strategic data management.

What data governance isn’t? It’s not a piece of software, it’s not data privacy, it’s not data security, and it’s not data retention.

Why is having a data governance definition essential?

Since data governance is about supporting and empowering people to change how they manage data for the ultimate benefit of the firm, the best way we can help and support them is by sharing a common definition so that everyone understands what we’re doing.

If you have questions or want some help with data governance, you can contact me on the IronCarrot.com website.

Next time, we’ll begin at the beginning by finding out why data governance differs from data management.