Posted: 21 Oct. 2021 3 min. read

Data Ownership: What’s in a Name?

Ownership (n): the exclusive right to use, possess, and dispose of property.

Who is a Data Owner?

When implementing data governance at an organisation, one of the critical questions is “who should be a Data Owner?”. Typically, a Data Owner is a strategic decision-maker — in contrast with Data Stewards, who often operationalise policies and manage the data day-to-day. 

Data governance often involves a cultural shift towards a position where data is being shared and used to create value across the entire organisation.  As role titles can be emotive and must work for your organisation’s structure, culture and ways of working, this article explores the role of a Data Owner and whether the concept of ‘ownership’ fits with the various interests that are at play within a data set.

What should the owner do?

While the Data Owner for any given data set may change through its lifecycle, the definition above suggests that the ‘owner’ has sole responsibility and exclusive rights to the data set. In your organisation, data sets may have multiple users that process the data for different purposes. Take ‘customer’ data for example; it may be owned by an individual within the customer service (or similar) function, but that data may have originated from a marketing touchpoint through to the sales function and ultimately on to the operations and finance functions.

When making decisions on the dataset, the Data Owner should consider the interest of all data users. However, appointing a single individual as ‘the owner’ may lead to negative behaviours such as applying a siloed approach, or a focus on a subset of data rather than considering the breadth of need from all functions. This can result in poorer data quality or minimal metadata to support certain fields that are not a priority for the owner personally. You should watch out for these behaviours as they can inhibit the availability and flow of data, leading to inconsistent reporting, missed opportunities and decisions made based on inaccurate data.

What about the customer?

In addition to the interests and usage requirements across different functions within your organisation, for customer data, it is also important to consider the interests of the data subject (i.e. the individual whose data is being processed). Legally, they should be viewed as the ultimate ‘owner’ of their own personal data. This right is enshrined in law with the implementation of the EU General Data Protection Regulation (GDPR) in 2018 and has since been broadly mirrored globally. GDPR introduced additional rights and control around data to individuals. The data subject can raise a request to be sent a record of what personal data is held on them, how it is being used and for what purpose. In addition, individuals can raise a request to have their data deleted.

As such, in this example there should – at the very least – be a sense of ‘joint ownership’, with the individual being responsible for providing accurate and up-to-date information and the organisation responsible for protecting the most up-to-date data once it comes under their control.

Does the role work for you?

While there are multiple interests at play within a dataset, there should be a consistent desire across all stakeholders to protect, maintain and process data in a way that maximises its value whilst acting transparently and ethically, and complies with relevant laws and regulations.

As with many components of data governance, there is no simple ‘one size fits all’. Decisions such as the role title, role descriptions and roll-out plan can have a significant impact on the buy in and culture shifts that become the foundation of your data governance framework. So that leaves us with the question, do the titles and descriptions in your organisation fit with the behaviours that you want to embed?

Sign up for the latest updates

Key contacts

Emily Durn

Emily Durn

Senior Manager

Emily leads the Information Management Team for Corporate and Public Sector in Deloitte’s Data Risk & Analytics team. She helps organisations to establish governance, controls and organisational structure to treat data as a corporate asset, both by mitigating risks and driving value. Emily is an Information Management professional with over 15 years of experience.

Hannah Mackenzie

Hannah Mackenzie

Consultant

Hannah is a Consultant in the Information Management Team for Corporate and Public Sector in Deloitte’s Data Risk & Analytics team. She is actively focused on supporting the Data Governance capability, with experience working with organisations to assess and improve their data governance maturity. Hannah's academic background includes a First Class Honours in BSc Geography from the University of Nottingham with work experience ranging across Media, government and public sector.