The wait was perhaps longer than we anticipated, but last year we finally saw the ICO implement the full extent of the new fines administrable under GDPR. Twice in fact – and in a 48-hour window. To any who had not yet appreciated the repercussions of mishandling or inappropriately using data, this was a very big wake-up call.
No small task
With penalties of this magnitude awaiting those who fall foul of data protection regulation, heavy is the head that bears the data crown. However, recent research has found that there is a lot of uncertainty surrounding who should take responsibility for data in an organisation. Over the past three years, the report found that CEO’s have had variable ownership of data, and brand-new job titles have arisen in the interim [The Fourth Industrial Revolution Report 2019].
In fact, in 2017 CEO’s had no direct responsibility for data, and the onus was largely on Chief Data Officers (66%). This peaked in 2018 after GDPR was introduced and responsibility jumped dramatically to 15%. Conversely, 2019 saw responsibility drop to just 9%.
Data a company-wide asset
Data used to be a subset of marketing and/or IT and many tensions arose because of that. It is now central to organisations and needs to sit alongside these disciplines as well as many others such as operations, HR and finance. The value of the data on customers, performance, staff, suppliers and so on means that the real owner of data now is the CEO and therefore having one person report in who is managing the control of the company’s data is essential.
The responsibility has noticeably shifted over the last two years between a number of C-suite roles, including Chief Data Officer, Chief Information officer, CMO, CFO and the newest addition – Chief Privacy Officer (CPO). This begs the question – is this a result of experimentation and trial and error, or merely panicked finger pointing (‘well, that’s your job’)?
More than a third of companies (39%) believe the responsibility of the CDO is setting the data strategy within their firm and owning its results, while 60% believe that this accountability sits with other C-suite executives, or argue that it does not sit with a single role, according to NewVantage.
Horses for courses
It may be that the assignment of this responsibility comes down to a judgement call – namely that the nature of a company and the way in which it uses data will influence who takes charge. This makes a lot of sense. Depending on a company’s corporate objectives and strategy, data will be used in differing ways to reflect this. For example, putting a CMO in charge of data may result in a greater focus on ensuring that data is fit for marketing purposes.
In any case, the good news is that data has become a responsibility that sits at board level – this would have been unthinkable even 10 years ago. It is encouraging (and necessary) that it now gets the attention it deserves, and GDPR has had a huge impact on this.
In 2012, just 12% of Fortune 1000 companies had a CDO. By 2018, 67.9% of surveyed firms reported having a CDO. [Big Data and AI Executive Survey 2019, NewVantage Partners]
Rise of the CDO
In terms of skillsets and responsibilities opinions differ as to what falls within the CDO’s remit. Many believe they should come from a technology background, others a business background, and some think that both are beneficial. There is also the question of how much data governance responsibility a CDO should have. In a recent Gartner survey, two thirds of CDO’s asked said they were responsible for everything from data quality, governance and management to information strategy, data science and business analytics. [Third Gartner CDO Survey — How Chief Data Officers Are Driving Business Impact, 2017]
Above all though, most agree that a CDO should be an agent for change within a business – especially within the first few months of appointment. Liaising and communicating with multiple stakeholders to ensure that appropriate data is made available and securing buy-in from the board to leverage a company’s data as a strategic asset.
No matter who
As the data available to businesses grows and its uses become more versatile and sophisticated – the role of the CDO (or whoever has the responsibility of data management) will only grow in importance. The ‘who’ is ultimately less important, so long as the data is appropriately managed in accordance with data regulations and in alignment with business requirements.
Research points to the benefits of companies that have someone dedicated to managing data. According to a study conducted by KPMG in 2018, businesses that have a CDO are twice as likely to have a clear digital strategy. And two-thirds of such firms say they are outperforming rivals in market share and data-driven innovation. [The Chief Data Officer playbook: Creating a game plan to sharpen your digital edge, IBM, 2016]
Data is such a vital tool for businesses to operate at their optimum capacity. Manage it well and see your company go from strength to strength. Manage it poorly and not only will your competitors thrive, but the downside risk of fines and brand exposure could be enormous.