Your SlideShare is downloading. ×
Guide dogs
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Introducing the official SlideShare app

Stunning, full-screen experience for iPhone and Android

Text the download link to your phone

Standard text messaging rates apply

Guide dogs

971
views

Published on


0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
971
On Slideshare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
5
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Data Governance at Guide DogsPresented by: Jane Huntington - Data Manager Maria Novell - Head of Individual Giving
  • 2. Introducing…Data Governance Why.. How.. Who.. Where are we.. Where next.. 2
  • 3. Data Governance Definition 3
  • 4. Why?Data Governance 4
  • 5. .  Fast growing and multiple fundraising, campaigning and marketing programmes;  Service user information, HR systems, finance systems, fundraising CRM and operations systems;  Multiple office locations; How does Guide Dogs ensure its data is being dealt with in a compliant and comprehensive way across the organisation?  Data Governance will set policy that the organisation will follow as it establishes architectures, implements best practices, and addresses requirements.  Governance can be considered the overall process of making this work. 5
  • 6.  we need to do more than manage data; we need a governance system that sets the rules of engagement for management activities 6
  • 7.  New CEO Guide Dogs Change Programme 7
  • 8.  New CIO  IT Strategy 8
  • 9. Results from Data Discovery Exercise 9
  • 10. Some issues: Over 30 data collection points maintained in 3 or more Guide Dogs central systems People Data managed separately in at least 6 systems – Individuals on more than one system not recognised as such Overall quality of Guide Dogs data unknown Security needed tightening in some systems 10
  • 11. Other areas to consider… Policies and procedures Compliance Culture of awareness Information and principles 11
  • 12. How?Data Governance Board 12
  • 13. May 2011First Data Governance Board meeting held 13
  • 14. Terms of ReferenceThe Governance Board will: Identify and Allocate or Resolve Issues Agree High Level Definitions, for, eventually, all data elements Agree Criteria for Acceptable Data Quality Review Results of Data Quality Monitoring Manage Stakeholder Care and Communications Agree Data Security Requirements i.e. the roles that should have access rights to data, becoming the ultimate ‘sign off’ for access requests (delegated for Business as Usual) Ensure and Monitor Compliance with Legislation - Confirm the data sensitive to legislation (e.g. Data Protection Act, Records Retention or Payment Card Industry Data Security Standards) and agree how it is managed 14
  • 15. DGB Meetings Agenda Working groups Presentations, feedback and sign off Data related activities (to do list!) 15
  • 16. Issue Recommended Resolution Decision Made / Priority Complex Target Issue Description Impact Owner Status Nbr Action(s) Required (H,M,L) (H,M,L) Date1 General Check if there are real requirements, if so investigate reasons for not We will actively Pockets of spreadsheets exist (e.g. Uncontrolled data held outside adding to core systems. If the hunt down breeding centre) because: of systems has potential functionality is not available plan the occurences in - Data is not trusted1.2 Spreadsheets security, DPA and records provision by including requirements in Finance, H M JC Ongoing - Required functionality apparently does retention exposure. Accuracy enhancements or new systems, if not Operations, not exist is also suspect use training and or persuasion! Clean Fundraising, HR and - End user doesn’t trust security and add data to the appropriate External Comms data store2 Data Quality No data quality audit however, in GDI data changes applied are audited as a Investigate current, Define Quality measures and result of triggers on most tables, Fetch has identify gaps, cross Guide Dogs cannot rely on the introduce data audits to measure date and who changed (and sometimes functional2.1 Audit accuracy of data as there is no quality and introduce a link to H M JC In progress created) on all tables, some have history requirements and reliable way of measuring it. individuals appraisal. Include as an to show what it was changed from. There measures for objective in new job specs is no apparent sanction over poor data reporting entry. Data4 Protection Subject Access Requests are still being held on a spreadsheet (accessed by NG and JF). There was an initial request to get this Lack of security, backup Subject Access information stored on Ascent, however Investigate the best place for this Outstandin4.7 routines etc make this data L M NG Request because of the effort and the number of data and migrate it g vulnerable requests that are submitted in a year (around 10-20), a recommendation was made for users to continue to use the spreadsheet. DPA Breaches How should we classify and report on DPA Review current criteria, enhance as Outstandin4.9 Regulatory exposure M M NG Reporting breaches necessary and update reports g Personal Details are emailed to and from Finance - Payroll summary from HR to Finance for Emailed sign off Regulatory and reputational Replace each type of mail with a Allocate and4.10 M L Personal Data - Supplier (Employee Expenses) Bank exposure more secure option prioritise Details confimed back to supplier - Bank Details Changes sent from HR to Finance to update SAGE Records5 Retention 16
  • 17. Who?Data Governance Board 17
  • 18.  Chief Information Officer Data Protection Officer Head of Legal Safeguarding Manager Business users – all areas; Finance, HR, Fundraising, Marketing, Operations Information Systems Database Managers 18
  • 19. Where we are now… Data Governance Boad 19
  • 20. Complete On-going OutstandingCompliance Subject Data Access Audit Requests DPA Training Record Data Retention Breach Management Procedure PCI Volunteering Compliance 20
  • 21. Where next?Data Governance Board 21
  • 22.  Introduction of Data day Planning to run the ICO Think! Privacy campaign Suppressions Management Debating the day to day management of each of the data governance elements New streamlined board structure 22
  • 23. Where do you start? Data Governance Board 23
  • 24.  Dama – UK Chapter http://www.damauk.org/ Audit your existing processes Be clear about what and why Identify your risks and challenges Prioritise 24
  • 25. Thank you… 25