Two colleagues looking at data in touchpad while businessman giving explanations
By: Jessica Lockett
How can you address what you don’t know you have? No, this isn’t a trick question. The answer is simply that you cannot. To know and effectively address what data your organization has, you must take a few steps back and define, create and implement an overall data strategy.

What is a data strategy?

In short, a data strategy is a framework for how your organization acquires, stores, manages, shares and uses its data. It is the building block to comprehensively support data and risk management across an organization. Storing vast amounts of data without a defined strategy can bring increased security exposure and legal risks to your organization.

Does your organization have a defined data strategy?

A poll conducted during a past Canadian Corporate Counsel Association (CCCA) webinar on Data-driven decision making: Building a data strategy to attendees revealed that only 18 per cent of respondents had a defined data strategy for their organization, while 50 per cent did not and 33 per cent were unsure.
Of those 18 per cent who did have a defined data strategy, only eight per cent were confident that the plan was being adhered to across their organization. 46 per cent answered they were “somewhat confident” and the remaining 46 per cent had low confidence in their organization’s data strategy plan.
Though some might find these metrics jarring, they were not altogether surprising. In fact, we see this reality across the varied organizations that we support. Often, it isn’t until a “triggering event” occurs (such as a lawsuit or a data breach) that an organization will go into reactive mode and work backward by trying to establish a data strategy where one did not previously exist. However, working proactively rather than reactively to develop an effective data strategy can help save significant time and cost in the face of a triggering event. It may even help to prevent one in the first place!

Benefits of developing a data strategy

 There are several benefits that come with developing a data strategy. Within the legal context, an effective data strategy can allow for reduced discovery and review costs associated with a triggering event, reduced risk of accidental disclosure of protected information such as Personally Identifiable Information (PII) and enhanced security of confidential materials.
By integrating data mapping, data access rights and data storage management, a well-thought out data strategy can save your organization time, money and frustration all while maintaining its goodwill and reputation as a legally compliant and proactive organization.

What do you need to consider when creating a data strategy?

Before devising your organization’s own data strategy, consider the following questions:
 – What data does your organization have?
 – Is there PII? Is it Confidential? Is it privileged?
 – What are the risks associated with the various buckets of information your organization has?
 – Where does the data live?
 – Who can and who should access it?
 – What tools does your organization have to store and secure it?

Who will benefit from a data strategy?

 There are risks in every organization pertaining to data, whether it’s risk of a data breach, disclosure, or risk of not meeting legal discovery obligations. Strengthening defences via an effective data strategy is a fundamental way to minimize risks.
Within your organization, every division benefits: legal and compliance will gain an advantage from a risk perspective while IT will be able to ensure all the data is kept safe and available only to those who require access.
If you need help getting an effective data strategy in place, or even just want to know how to get started, get in touch with our team today!