Next-Generation Data Governance

By: Kimberly A. Houser & John W. Bagby The proliferation of sensors, electronic payments, click-stream data, location-tracking, biometric feeds, and smart home devices, creates an incredibly profitable market for both personal and non-personal data. It is also leading to an amplification of harm to those from or about whom the data is collected. Because federal law provides inadequate protection for data subjects, there are growing calls for organizations to implement data governance solutions. Unfortunately, in the U.S., the concept of data governance has not progressed beyond the management and monetization of data. Many organizations operate under an outdated paradigm which fails to consider the impact of data use on data subjects due to the proliferation of third-party service providers hawking their “check-the-box” data governance systems. As a result, American companies suffer from a lack of trust and are hindered in their international operations due to the higher data protection requirements of foreign regulators. After discussing the pitfalls of the traditional view of data governance and the limitations of suggested models, we propose a set of ten principles based on the Medical Code of Ethics. This framework, first encompassed in the Hippocratic Oath, has been evolving for over one thousand years