Data Governance: Building Trust Between Consumers and Brands


Share on LinkedIn

Each time we go online, we leave behind a trail of digital information. As consumers, we demand convenient, uninterrupted customer journeys from our favorite websites and apps, yet we are increasingly concerned about how our personal information is used by the companies we interact with. It’s a delicate balance for brands and consumers.

When it comes to safeguarding the information we share online, 77% of Americans place the responsibility on the businesses requesting it. Although consumers recognize sharing personal information online opens the door to threats, they expect businesses to mitigate the risks.

Brands can build long-term consumer trust by implementing sound policies and practices that consistently protect customer interests. This is the essence of data governance.

What is data governance?

Data governance is the process of regulating the availability, integrity, and security of an organization’s data, based on both internal data standards and external privacy regulations. It is important for data governance programs to provide effective, reliable, and privacy-compliant data.

Data governance is not a one-size-fits all concept. Every company has a slightly different variation of data governance and method for how they organize their company around it. For example, some companies take a technical approach and focus on metadata management or data lineage tools. Others take a business orientated approach and focus on writing policies and creating oversight committees.

At the heart of it, data governance serves as a dedicated framework to ensure the right people, processes, policies, and technologies are in place so data within a business is discoverable and anyone who handles it (data stewards) upholds the proper procedures.

Data governance, privacy, and compliance

Establishing data guidelines and cataloging data typically falls into three categories: compliance, privacy, and data governance. You could say they represent three legs of a data protection stool, each working together within an organization, each playing a vital role to build trust with customers.

Compliance ensures adherence to laws and regulations, a hot topic currently among marketers. While most in our industry are familiar the California Consumer Privacy Act of 2018 (CCPA) – the foundational consumer privacy regulation in the U.S. – the law is expanding in 2023 under the new California Privacy Rights Act (CPRA).

Several new state-level consumer privacy bills will go into effect in 2023, in Colorado, Connecticut, and Utah. Compliance teams face major challenges navigating the patchwork of inconsistent state laws and privacy bills. While a federal privacy bill appears to have strong support, it will take time to pass such sweeping legislation.

In terms of data breaches, the costs to businesses averaged $3.86 million in 2020. Privacy efforts work to secure consumer data and avoid catastrophic breaches that damage brand reputation. Protecting consumer rights and consumer information is key. Businesses need to modify their privacy programs and ensure new operations are in place to meet upcoming requirements.

Data governance threads compliance and privacy efforts by ensuring data is managed across all business units and that data policies are not only in place but are implemented and the rules are followed.

Data governance’s integration of traditional data functions can often take place behind the scenes. It’s important to emphasize, however, that data governance is its own specialty and requires attention and resources. Businesses should not look to existing staff to implement data governance as side project. This will not work. To build a data governance program that scales and supports future needs, companies need dedicated teams.

Data governance for brands and consumers

During the past few years marketers of major life purchases have seen an explosion of online shopping. Consumers are buying insurance, mortgages, and even higher education loans online. Marketing tools to reach consumers with personalized offers have become more sophisticated. Since big purchases require consumers share sensitive personal information, companies must have safety measures in place to meet growing data privacy needs.

Ideally, data governance programs consider the consumer at every stage of the data lifecycle and look beyond how data benefits the business. Data is powerful. Businesses must consider what they should do with it, and not simply what they can do with it.

Along with regulatory requirements, as companies contemplate data use cases, a good question to ask is ‘how would I feel if the data in question belonged to my grandparents?’ Understanding that 81% of consumers feel they have lost control over their personal data once it’s shared, it’s important to consider the value exchange. Is the consumer getting value that will build a strong relationship?

Appropriate value exchange between consumers and the use of their data is incredibly important. Companies that give something of value in exchange for data and prioritize data privacy at every step will see the highest customer retention rates.

That is the essence of data governance; go a step beyond legal requirements to proactively build privacy by design.

Implementing data governance policies

With momentum for state level privacy legislation at an all-time high, data governance is having its moment in the spotlight. Businesses are seeing the value in developing functional teams dedicated to data governance to keep pace with state privacy legislation and avoid fines and litigation.

If you are currently behind for 2023, don’t panic, but start engaging in data governance now. Do not run away from it! Assess your current position, depending on the size of your organization and the original approach taken to CCPA, compliance to upcoming regulations could be simple or require significant work. Get started now to avoid a last-minute scramble.

Engaging the C-suite is a good starting point to gain support for a holistic data governance program. It is important to secure resources to integrate technology and leverage tools that will drive efforts forward. Recognize not every company can go it alone and consider adding a strategic partner or vendor that specializes in data protections. Another resource for legislation and data-related content is the International Association of Privacy Professionals.

As businesses plan new customer products and services, data governance will play a major role. Beyond just regulatory adherence it impacts how businesses operate, the products and services released into the marketplace, and how companies build trust with consumers to drive economic growth.

Focusing efforts on data governance, businesses can move away from simple compliance and privacy programs to build a more holistic approach that scales to the future and enhances the customer experience. Ultimately, the goal is to protect consumers and earn their trust.

Christine Frohlich
Christine Frohlich is the head of data governance at Verisk Marketing Solutions, a data provider for the insurance and lending industries. In addition to overseeing more than 2.8 petabytes of data within her own organization, Christine helps industry leaders identify privacy and compliance risks and adopt data management best practices. For more information, visit


Please use comments to add value to the discussion. Maximum one link to an educational blog post or article. We will NOT PUBLISH brief comments like "good post," comments that mainly promote links, or comments with links to companies, products, or services.

Please enter your comment!
Please enter your name here