Developing an organizational data strategy that aligns with your mission requires thinking about how different people and systems interact with data over its entire lifecycle.
View As List
View As Diagram
Collect
Data Lifecycle Decisions: Collection
Technology
- Are the data being collected passively or actively (through crowdsourcing, e.g.)?
- Are they being collected through structured mechanisms such as surveys or interviews?
- When do OS defaults need to be changed (location, ID numbers, etc.)?
Governance
- Are the sources of the data giving active consent to have their information gathered?
- What rights are contained within that consent?
- If information is being collected passively, what rights do people have to correct or remove their data?
-
Under what circumstances is Personally Identifiable Information (PII) collected?
Management
- Communicate and implement data ownership and confidentiality conditions
Analyze
Data Lifecycle Decisions: Analysis
Technology
- Where is the analysis done and how is it done?
- Will the raw data be shared for additional external analysis?
Governance
- If expertise will be required for analysis, how will this expertise be determined?
- Will the raw data be shared for additional external analysis?
Management
- How will analysis be shared?
Store
Data Lifecycle Decisions: Storage
Technology
- Where will data be stored – In the cloud? Onsite?
- What security/encryption protections are needed?
- With iterations of data, how often are the data stores updated?
- Are multiple datasets required for data protection/anonymization?
- Will they be stored separately?
Governance
- What types of data need to be redacted, anonymized, removed?
- Is encryption needed?
Management
- How will redactions/anonymization choices influence data use, validity, and sharing?
- How will these decisions be communicated during collection process?
Access
Data Lifecycle Decisions: Access and Sharing
Technology
- What security/firewall systems are necessary for providing external access to data?
Governance
- Will users have free access to raw data? To analysis?
- If there is a price how will it be determined and charged?
- Are there licenses needed?
- Will data be shared with full rights to manipulate and re-share?
- What liability protections are in place regarding external use/analysis
- Are data accessible all the time or only one-time?
Management
- Who will manage licensing process and monitor use/analysis/external use?
Secure
Data Lifecycle Decisions: Security
Technology
- How will data be protected – from what and where?
- What backup process will be used for which data sets?
Governance
- Are all data sets protected under same guidelines?
- When are exceptions made?
- What steps are in place in case of data breaches?
Management
- Determine protection level required and implement appropriate steps.
Destroy
Data Lifecycle Decisions: Destruction
Technology
- What systems are necessary to ensure data destruction?
Governance
- How do retention/destruction policies align with mission and perceived risks?
Management
- Implement necessary timelines for data destruction and communicate these as part of data collection/analysis process.
Information experts and specialists, like librarians, know a lot about managing information and data. Here’s a simplified version of the many steps involved in a professional process.
At each step in the lifecycle there are several layers of decisions and decision makers:
- Technology
- Governance (including communications)
- Management