Databases Reference
In-Depth Information
Data security refers to the processes that are used to ensure that data are
not only available to those who need it for servicing customers, but that such
data are private and include aspects of access controls and other measures
to ensure privacy and compliance. Data security requires that personal data
are protected through safekeeping, free from corruption and unauthorized
access. Many computer systems and databases used throughout the busi-
ness world, educational institutions, and healthcare facilities encompass
information containing names, addresses, telephone numbers, birthdates,
social security numbers, and other financial or personal health informa-
tion, depending on the agency or organization's mission. While these data
elements are essential components for the day-to-day operations, such data
can be used to harass, steal a person's identity, sell to the media, or simply
learn embarrassing information regarding the customer. Therefore, many
organizations choose to encrypt its data or use various layers of control
to protect the data used for business purposes. Even though organiza-
tions should consider privacy and data security as essential components of
doing business, the rationale behind adherence to these basic needs have
not always been based on altruism. Therefore, the state and federal govern-
ment have mandated several regulations that require compliance as part of
doing business.
Compliance with regulations is not an arbitrary concept and noncom-
pliance is not inconsequential. Regulatory compliance, in terms of insti-
tutional compliance, is the process to ensure that laws and regulations
that govern how business is conducted are followed. Throughout the data
governance discourse, techniques on improving compliance and mech-
anisms for doing so efficiently and effectively are deliberated. There are
ever-increasing regulations that can govern a single organization and each
must be adhered to while under not only internal scrutiny, but that of the
general public, shareholders, and governmental entities. As the needs for
compliance grow and the penalties associated with noncompliance also
increase, organizations are adding compliance officers to the staff and
relying on their expert guidance as internal policies and procedures are
created. These individuals are legally trained and experts in interpreting
the regulatory codes that impact the organization's business model. The
compliance officer's role is one of great importance within the data gover-
nance committee.
The data governance committee is focused primarily on defining and
understanding data as an asset and must develop policies and procedures
that not only align with the organization's mission, but with regulatory
Search WWH ::
Custom Search