Mastering data sovereignty for business success

Technology

Caroline Carruthers at Carruthers and Jackson describes how data sovereignty can enable businesses and individuals to increase control over their data

Global data fluidity, advancements in digitalisation and the proliferation of data-driven technology, has sparked national and international conversations around who controls data and how it should be governed. As a result, many countries are developing laws and regulations to deal with the boundless nature of data.

Data sovereignty- the concept that information that has been generated, processed, converted and stored in binary digital form is subject to the laws of the country in which it was generated- has emerged as a response to this question. The principle asserts that nations should have the authority to regulate and control data within their borders, similar to how they govern other aspects of their territory to safeguard sensitive data and empower businesses and institutions.

The broad concept of data sovereignty is often intertwined with questions of legislation, governance, privacy, security and international business competition. As a result, the term is increasingly dominating the business agenda.

So, how can businesses incorporate data sovereignty into their strategies and ensure compliance while fostering innovation, and achieve long-term success?

Data as a strategic asset

Data should be considered one of the most vital assets a company can have because it provides the solid foundation on which everything can be built. As the world continues to become a digital, globally connected ecosystem, research has found that companies which are data-driven are 23x more likely to acquire customers, 6x more likely to retain those customers and 19x more likely to be profitable as a result.

Against a global backdrop where data generation is increasing from every avenue, building data sovereignty into business and data strategies is crucial for any organisation hoping to navigate the complex landscape of global data successfully.

Compliance without compromising innovation

Firstly, and most importantly, businesses must ensure they remain in line with data legislation as nations will demand data sovereignty compliance. Specifically, all personal data stored within the EU will be subject to the General Data Protection Regulation (GDPR), regardless of which country the data was originally gathered. The GDPR primarily aims to protect personal data and ensure the privacy of individuals by restricting the transfer of data to countries that don’t provide adequate levels of protection.

To ensure compliance, whenever exploring a new opportunity in a data team, regulatory considerations must be made first. Data leaders should be incredibly familiar with any regulation, and continually be asking themselves, ‘am I keeping customer information secure? Am I abiding by GDPR? Am I acting ethically?’

With that being said, don’t let the importance of data sovereignty and regulatory compliance insert fear into your team, or limit any new or creative ideas. I often have data leaders telling me they can’t do something because of GDPR, but actually, if you look closely and understand the legislation… you can still do an awful lot! We can’t let the bright-eyed creativity that first attracted data leaders to their role be overwhelmed by worries about data compliance.

Although the regulation side of data leadership is important, it doesn’t (and shouldn’t) have to define the role.

Keep data strategies dynamic

As legislation and ethics continue to evolve, it’s critical that a business’s data strategy is ‘alive’ and constantly undergoing regular review to remain flexible. A data strategy isn’t simply a tick-box exercise that reaches a clear “end point”, it needs to be constantly reviewed and tweaked.

This practice will also help businesses improve their data governance. Many see data governance as the need for a set of comprehensive rules that keep data within narrow and easily controllable confines. To me, those organisations with rigid data governance actually end up doing more harm to their data operations than good, with overbearing regulations that stifle creativity in the name of compliance.

Instead, governance, which should also be reviewed on a continuous basis, is about marking the outer boundaries of data operations and giving data leaders as much space as possible to innovate and develop their processes.

Strong data foundations

While ensuring regulatory compliance, businesses must also focus on having a strong, understandable data strategy that supports business growth.

Whenever data leaders come to me with questions, I always tell them to start with the basics: once you’ve got your data foundations right, you can worry less about compliance and more about the exciting innovations that data can unlock.

In order to become a more ‘data mature’ organisation, the first step a business has to take is to understand the purpose of data. Organisations will typically have a data strategy that outlines how they’ll use data, which may include a code of best practice. This simply isn’t enough. By defining the real purpose of data, organisations can go beyond the ordinary and really harness the potential of data-driven business transformation.

After the purpose is established, businesses need to focus on people, because, what really makes or breaks an organisation’s data strategy is the people using it every day. Ensuring existing employees understand what data can do for them is critical.

This needs to start at the top, with senior executives making data based decisions and promoting a corporate culture that treats data as an asset on a par with technology, finances or human resources. This promotes data literacy amongst all staff and allows an effective, organisation wide data strategy to be implemented.

A data strategy also needs rules and roles to unlock peak performance. At its most basic, the method by which data is extracted and used by a business should be determined by a clear set of best practices within an organised structure. That isn’t to say that it needs to be a rigid structure that puts people into predefined boxes, but rather one where roles and responsibilities are clear and agreed.

It’s also crucial businesses understand that to get the most out of their data, they need the right tools in place. This doesn’t mean jumping onto the latest IT trends, for example thinking every problem suddenly needs to be solved with Gen AI due to the ‘hype’ around the technology. For an organisation to get the most out of its assets, technology and organisation wide data need to work together to unlock the full potential of the different tools.

Endless possibilities

The capabilities of data are exciting at the best of times, but as recognition for its value increases and technologies advance, possibilities are becoming truly endless. To unlock this potential, businesses need to deploy strong data strategies, which are compliant, adaptable to changing regulation, but ultimately focused on innovation.

This can be achieved by fostering a culture of data literacy, ensuring organisation-wide understanding and commitment, and aligning people, processes, and tools effectively.

By balancing compliance with creativity and embracing continuous improvement, businesses can harness data’s full potential, driving growth and securing a competitive edge in the digital era.

Caroline Carruthers, is a data expert and CEO of Carruthers and Jackson, a global data consultancy that works with charities, public sector organisations, and banks, healthcare and technology organisations to support their data strategies. She is the co-author of Data Driven Business Transformation

Main image courtesy of iStockPhoto.com and Galeanu Mihai