Mike Allen's Blog

Doing Smarter Things With IT

Analysing Data Ownership

Finding data ownership can be a really worthwhile task. There you are with the task of documenting a database, someone suggests that you google a few definitions and and do a bit of cut and paste. Then you decide to do something worthwhile, and determine who owns the data, this may cause a few sharp intakes of breath from those that think the IT department owns the data. If you want to attach a bit of methodology, think of applying a Zachman Framework to the data structure as a business model (don’t get too hung up on Zachman). Once you’ve started identifying ownership you can start thinking about dependencies, permissions, life-cycle’s and all sorts of other data goodness. That list of data owners will be useful for a number of roles, managers, analysts, testers etc. The structure may not be simple, you may find records with multiple owners and have to negotiate who is the master, and it’s a good idea to have a single master, for transactional data it may be you!

This is where the a governance model comes into play, IT can be the keeper of the metadata, assuming you have the luxury of an IT department else the responsibility falls to the data owner. The owner will have contributors and consumers and needs to be aware of who they are and what their rights are. Individual data items may be owned by customers, please consider confidentiality and privacy considerations. Useful information can be collected down to the individual data item, you may need to define some domain information for some data items, alternate names and scope.

Once all this information is is collected, or maybe even sooner, it is important to publish, and publish so that all stakeholders can access the information. Then when someone says “We need a new keyword for this!”, they can find the ownership and responsibilities of “keyword” and act accordingly. Database documentation, if you build it well, it will be adopted and maintained by the business as an asset.

A New Blog, a Fresh Start

In the beginning I was in love with WordPress and how simple it was. When I wanted to host my own blog, it got more complicated but it was bearable. I started using ASPX and C# a little, but I stuck with WordPress as there was no equivalent C# available. We used ScrewTurn an ASPX, C# product at work, I selected it, but then it was discontinued. Then I had a few issues with WordPress and I thought I’d look around and BlogEngine caught my eye, ASPX, C# Open Source, fresh and fast, what wasn’t there to love. Even better Open Live Writer became available on the Windows store, a match made in code,

So here we are with a fresh blog and a new blogging client, I’ve cleared out some old content and I’m ready to blog again.

Meanderings on Privacy

Privacy is often treated as a legal obligation for a business . Privacy is more than a legal obligation, it is at the heart of the relationship between the business and its customers. Confidentiality and the customer expectations of confidentiality must be aligned in order to build trust in customer relationships. Privacy policy is often regarded as a requirement to comply with government regulation rather than an aid to better customer relations.
Privacy requires thought about a business and its interaction with external entities. Let me pose a simple questions. Should the privacy policy of a website and the organisation that owns the website be the same policy? How does all of this relate to terms and conditions of use of a web site? Sorry that was another question that came to mind. What about web site cookies?
How should privacy policy be presented to external entities, individuals, Companies and Agencies? A summary statement would seem to be a good idea (please don’t include the words ‘we take your privacy seriously’, devalued from over-use), a good summary should incorporate your business approach to privacy, particularly important if you have many individual customers who have rights under the privacy act. Various parts of the policy can then address individuals, other businesses and agencies and areas that cross all of these such as data retention.
Another area that is often ignored is paper records, most businesses of any size acquire paper documents. If you are lucky you have retention and disposal policies for paper records, if not they should reflect your electronic standards. But that’s a whole other area; however it does need to be considered in your privacy statement.
Of course this is just my opinion, but next time you look at your privacy policy, just think, what is this doing for our business? have we looked at this recently?