Information Governance in Analytics

In heavily regulated industries, local, national or federal regulations tend to govern the most interesting data that could feed valuable analytics insights. As these regulations and laws have matured and become more numerous over time, they ultimately define and control key information created and used in these regulated industries.

Regulated data can originate from applications (i.e. transactional data) or human actors (i.e. communications or know-your-client information in the case of banks) and can occur in the form of structured or unstructured data. However, across industries, this data shares two common threads:

1. It tends to be the most important, most interesting data in the enterprise.
2. It's generally covered by increasingly complex / stringent regulations.

Unique Scope vs. Universal Platforms

Companies in regulated industries must follow stringent government regulations which restrict everything from who can access that data to when and how it must be stored, where it must reside (data sovereignty) and when and how – even if – it can be modified or deleted. Failing to meet these regulations or provide adequate proof of compliance can result in fines, penalties, jail time, etc.

In contrast, to increase both the speed and the volume of analytics, most analytics environments focus on simplicity and ease of access. This presents a big problem on the horizon: contemporary analytics platforms have not factored data access control, data retention or data segregation into their design – yet these are all necessary for managing a regulated data environment in a compliant way.

Patchwork Solutions

Companies have tried to manage these competing priorities to get meaningful insights via a range of partial fixes, including:

Small, siloed data lakes that provide limited insight to carefully portioned data: This can fulfill requirements around who can access the data, data sovereignty and data segregation requirements. However, it falls short of achieving the full analytics potential of running large volumes of data from numerous sources.

Archived data duplicated into a separate Hadoop environment: This can meet retention and legal hold requirements by keeping the archive tightly controlled and the analytics environment free of controls. Unfortunately, it also results in data duplication and has raised concerns about access control and privacy requirements.

Hadoop distributions which include information governance like retention, access control, etc.: This can meet some requirements but significantly increases management complexity and potentially slows down the analytics environment. It also doesn’t cover jurisdictional issues of where data must reside and may not meet all data privacy and security requirements.

Unique Solutions for Unique Needs

To meet global regulations regarding retention, legal hold, access control, security, privacy, sovereignty, and more, organizations in heavily regulated industries require analytics solutions which provide a compliant environment with robust information governance. MNP works with clients to help them address these issues and develop actionable strategies that deliver business outcomes.

Tomorrow’s technology is shaping business today. To learn more about how MNP can help you improve your information governance initiatives, contact John Desborough, Director Consulting and Technology Solutions at [email protected].