Databases Reference
In-Depth Information
And, finally: Where does the IT department it into all of this? IT should
be tasked with using all available technologies to implement and enforce
the policies (policy compliance) set forth by the executive sponsors and
regulatory agencies. The business side of an organization in conjunction
with IT also should be responsible for defining the data dictionary and
standards through the use of data governance subcommittees that report
back to the larger data governance committee. IT is responsible for the
actual implementation of the data dictionary within the relational data-
base management system.
If each of the aforementioned parameters are considered when deter-
mining the requisite stakeholders for ensuring compliance, a model for
data governance can be constructed using an interorganizational group,
with each member holding various responsibilities for data governance
and privacy and security.
TableĀ 6.1
depicts four scenarios for executive
sponsorship. In each scenario, a different group member within the data
governance committee assumes responsibility for the data based on the
type of data. This structure offers a solution to the dilemma detailed above
by reassigning primary responsibility for privacy, compliance, data integ-
rity, and quality based on the data type and the user of the data.
In this model, we will assume that the organization has a clear financial
hierarchy, includes clinical care, and has a strong research component.
This may be a hospital, a medical school, or another healthcare organiza-
tion with research interests. Within scenario 1, the primary focus of the
data will be financial data used for business intelligence and overall orga-
nizational management. In this model, the CEO/CFO hold the primary
responsibility for the data; the CMO/CMIO/COO also have a high level of
responsibility for the data, its integrity, and quality based on the clinical
care aspects of the organization; the PIs of the organization have little
responsibility and will serve an ancillary role within the data governance
committee; and IT will serve as the implementation arm of the committee.
In scenario 2, the focus of the data is research driven. Despite the research
nature, the CEO/CFO should still maintain a high level of responsibility
followed by the CMO/CFO, and overall research compliance rests with the
Institutional Review Board (IRB), which may not be represented within
the organization's data governance structure. In the absence of IRB mem-
bership within the committee, the IT/Compliance member will serve as a
liaison and provide advisory functionality within this scenario.
In scenario 3, IT/Compliance is considered the executive sponsor for the
data. An example of such data would be an IT asset management system.
Search WWH ::
Custom Search