Data management examples
Data management takes strategies and turns them into action. Good data management does this in a clear and concise manner. It will also ensure data security and protection, especially considering the General Data Protection Regulations (GDPR) has put a greater spotlight on ensuring appropriate use of personal data.
If you do not already maintain a complete and accurate information asset register (this is a table of information relating to the important datasets that the Department is responsible for) then you need to. To start with it may look like this:
|Communications||Website webmaster requests||Database of requests submitted to the Horizon intranet team of requests for changes to the intranet||To help manage the work of the team and provide a record of changes to the intranet||Protect|
|Communications||Directory of business||Staff contact directory listing staff names, telephone numbers, email, roles and management structure||To allow staff to find and contact colleagues across the department||Protect|
Table adapted from HM Gov Information asset register
You will then want to expand it so it includes core information as to how data can be reused and how data can be protected.
- Protected elements?
- Single responsible person
- Existed sharing of the data
- Can the data be shared once processed?
In these areas we look to consider in more detail the data your organisation holds. This will include, for example:
- Personal information (now increasingly protected by GDPR (General Data Protection Regulations))
- What personal data exists
- Do you have rights to use this data
- Do you have the rights to process it further
- Consent - where is the data shared, and has this permission been received
- Can I de-personalise data to share it
- Is this data shareable in-line with the ODI spectrum
- How can I make this data “open data”
North Lanarkshire Council are one organisation who have embraced a clear and concise approach to all the data they hold. They categorise the data into only three types.
- Official Sensitive Data - is data that is sensitive either due to the personal information held within it or the commercially sensitive information held within it. This data is not for sharing, or for sharing with only set authorised groups. Official sensitive data is effectively a subset of the following type.
- Official Data - is recognised as a data type that can be accessed by anyone in the organisation without restriction.
- Open Data - is recognised as not having any sensitive nature and can be published as open data.
© University of Strathclyde