Handling data – the lifecycle of data and how to manage it

Data, data, everywhere, but not a drop to…no, that doesn’t make sense. So you’ve got data all over the place, but what do you do about it? Let’s take a trip through the lifecycle of some data, and what happens to it.

Before we do that, it’ll probably help to set some context around ‘data’. It can be such an ethereal phrase. I could use the word ‘information’ and, for what I’m talking about here, I would say they are interchangeable.

Think about the data or information that your business collects to be able to operate. That might be lists of prospective customers, current customers or staff. It could be some metrics about the operation of your business-like number of marketing leads per month or conversion rates. It could be facts that you are researching and recording as part of the work you’re doing for your customers. You might be storing this information in a computer system, spreadsheets, or on paper. This all counts as data.

If you want to get the most from that data, manage quality and security, and ensure effective and efficient use of that information then managing that data with careful, deliberate processes will really help – as opposed to throwing it all in one folder and hoping for the best!

Let’s start at the start: if you’re looking to collect some data.

1. Plan how you’re going to collect that data and what data you’re going to collect. Do you have a system that captures this data? Will you need to create a specific data capture system to handle the data collection? You’ll also need to be clear on exactly what pieces of information you’ll be collecting.
2. If this data falls under the GDPR then make sure you’re recording what you’re processing and all other requirements of the GDPR.
3. If any of the data is a GDPR special category, then extra protection and attention is required for processing that data.
4. Storage. How are you going to store this data once you’ve captured it? This decision can impact how much you can do with that data after you’ve collected it and how much value the business can gain from that data. Are you going to store this data in spreadsheets, in a database, on paper? If it is a database, how are you going to structure the database?
5. Security and access need to be considered as part of the storage discussion. Are you protecting that data to the appropriate level? Have you given access to only those people who need it? The principle of least privilege.
6. This next point pretty much falls into the GDPR category, but I think it’s a useful point to consider no matter what type of data you are storing: cataloguing that data. So you know what you’ve got and where it is.

Once you’ve got data captured and saved somewhere, what do we do now?

1. Understanding. It’s not very exciting, but really, to make the most of the data you have, everyone working on it does need to understand what the data literally represents. What each data point is saying.
2. Data cleanliness. This is a whole discussion in its own right, but to gain valuable insight, a dataset shouldn’t have incorrect, corrupted, duplicate, or incomplete data in it.
3. Anonymisation. Depending upon what the data is and what it is being used for, you might need to anonymise it so that while you can still get insights from it, you are not holding on to identifiable data unnecessarily. If you want to hand the data to another organisation for analysis purposes, anonymising the data might be appropriate too.
4. Transformation for reporting. The same data can be stored in different structures for different purposes. Sometimes a report or KPI dashboard can be produced directly from the data as it is stored, but often some pre-processing and transformation into a new structure will considerably improve everyone’s ability to report on it.
5. Interrogation. This is the stage where you’re asking questions of that data and reporting from that data.

Once you’ve finished processing the data you captured, or at the end of its usefulness, or when you are obliged to stop using the data. That might be because you bought it from a data broker for a certain length of time, or due to GDPR-style restrictions. What do you do then?

• Archiving. Some data may no longer be relevant for the work you are doing now and so should be archived away in case it is needed for an historical analysis.
• Removal. This is where having a well-managed catalogue of the data you hold and a clear view of who has access to that data really helps. It’s important that if you are removing data, you actually remove it rather than, say, just restrict access to it.

Where do you go from here? It very much depends upon where you are at in your data journey. I would recommend starting by reviewing what data you’ve already got. Next, have you got all the ‘hygiene’ factors in place like classification and cataloguing for GDPR purposes? Check how secure the data is and review access.

Once you’ve got that all sorted: relax, sit down with a nice cup of tea and decent biscuit (can’t go wrong with a chocolate digestive, of course) …then I’ll throw in the hideous curveball of Business Continuity Planning at you and run away! Sigh, let’s save that for another day, shall we?

Want to know more? You could look into the following terms on the internet, there’s loads of information out there about these topics.

• Information lifecycle management (ILM)
• Data Governance