What’s the difference between Information Governance and Data Governance?

Information Governance vs. Data Governance

A frequent question that comes up in stakeholder engagement is, “What’s the difference between information governance and data governance?” An equally frequent question is, “Why does our firm need both information governance and data governance?”

These are great questions because, from the perspective of someone who doesn’t work in these teams (or have experience in these disciplines), I can totally understand why there is confusion about the purpose of (and the benefits of having) both teams.

In this article, I’ll explain (at a super high level) what information governance and data governance are, why it is important for law firms to have both, and how they can work together to support a firm’s strategy.

What is Information Governance

Information Governance has its origins in the discipline of records management. Historically, this dealt with the creation, retention, storage, and eventual disposal of paper records. With the exponential increase in digital records and an increased regulatory burden, compliance with regulations by actively managing the record lifecycle became more than traditional records management best practices could handle.

Information governance evolved over the last 30 years to become a holistic, multi-disciplinary, approach to managing information. This includes Data Strategy, Governance Frameworks, Inventories and Categorisation, Data Classification and Retention. Data Quality Management, Access Control and Security, Metadata Management, Data Privacy and Compliance, Data Lifecycle Management, Training and Awareness, Monitoring and Auditing, and Continuous Improvement.

What is Data Governance

Data Governance is a collection of practices and processes which help to ensure the proper management of data assets within an organisation. It is the framework that enables conversations between the right people to improve the firm’s strategic data management.

Data governance has the right roles, accountabilities, and responsibilities to support the firm’s people to better manage the firm’s data, which contributes to delivering the firm’s strategic goals.

There are documents, standards, best practices, etc., which can also help, but fundamentally it is about the activities of people, mainly how they work together cross-functionally.

Similarities and differences

Data Governance includes concepts such as Data Ownership and Data Quality to help a firm gain better control over its data assets. Implementation includes methods, technologies, and behaviours around the proper management of data. It also deals with security and privacy, integrity, usability, integration, compliance, availability, roles and responsibilities, and overall management of a Firm’s internal and external data flows.

On paper, Data Governance overlaps extensively with the full definition of Information Governance. If we were taking a purely academic view, we might say that data governance is a subset of information governance.

In practice, Law Firm Information Governance teams usually have limited responsibility rather than holistic firmwide accountability. Their activities are focused on Data Privacy, Data Protection and Records Management. This includes processes like DPIAs and ROPAs.

Why do law firms have both

It is important to have both because data experts come in many forms. Remember that effective data (or information) governance requires collaboration across functions and practices, plus commitment from the firm’s leadership.

To successfully manage data as an asset and ?(compliantly) harness the power of a firm’s data, you need both the support of a data governance framework and the discipline of data/information lifecycle management.

It is this requirement for the combination of rules, roles and responsibilities, plus effective retention and classification that demonstrates the need for both teams.

The exact lines between the teams in terms of accountability and responsibility differ from firm to firm. But, in conjunction with Information Security and Data Protection teams, all areas of the wider Information Governance discipline are delivered effectively.

How do they work together?

There are (broadly) 2 organisation structures for law firms which have both a data governance and an information governance capability.

1. The Information Governance Teams is in the General Counsels Offices, and the senior person in that team is the Data Protection Officer. Data Governance is a CoE within the Information Governance Team
2. The Information Governance Team is in the Technology or Knowledge Management team. Data Governance is a Centre of Excellence (CoE) within a Business Intelligence or Central Data Office Team.

Looking at this from the data governance perspective, a fully functional data governance framework matrix includes all the other critical data stakeholders, such as Data Protection Officers, Information Governance Managers, Records Managers, Information Security Teams, and Enterprise Architects.?

The line management structure is irrelevant. It is these teams' knowledge of the firm and their specialist data roles that are invaluable to the success of the data governance framework and firm data strategy.

Information Governance Team members may be appointed as advisors to one of the groups or have a supporting role within the Data Governance Centre of Excellence.? ?Whichever approach a firm takes, you can make the most of their involvement by separating their participation from their day job. Information Governance team members' participation should be documented to avoid confusion about their roles, accountabilities, and responsibilities within the Data Governance space.

It is the combination of skills and capabilities which allows the successful delivery of a data strategy which supports the firm’s strategy. They are able to identify and define specific goals such as improving data quality, ensuring compliance, or enhancing decision-making. ?Both teams and other data stakeholders will help the firm continuously improve its data capture, use, reuse, and retention or deletion.

Conclusion

Information Governance and Data Governance disciplines are important for law firms to manage their data effectively. They enable the firm to comply with regulations and achieve the firm’s strategic goals. To do this, it's essential that these teams work together to provide a managed information and data lifecycle coupled with a strong governance framework.

How Iron Carrot can help

Innovative law firms have big goals for improving the client experience through data innovation.

Through our extensive law firm background, we have developed a unique data governance road-mapping approach to help law firm leaders launch the proper foundation for their data strategy.

If you want to chat confidentially about how Iron Carrot can help your firm with its Data Strategy and Data Governance initiatives, then send me a Direct Message via my Profile, or book a call via the Iron Carrot Limited website.

#datastrategy #datagovernance #legal #lawfirm #datadriven #dataenabled #informationgovernance