Higher Digital President Joe Gottlieb sat down with colleague Henry DeVries, VP and Principal Consultant of Analytics and Finance, to chat about data governance.

Transcript


Joe Gottlieb: 0:00

Hello, and welcome to another Higher Digital coffee talk. My name is Joe Gottlieb, President of Higher Digital, and I'm joined by Henry DeVries, our Vice President and Principal Consultant of Analytics and Finance. Welcome, Henry.

Henry DeVries: 0:12

Hey, thanks, Joe. It's great to be here. What do you want to talk about today?

Joe Gottlieb: 0:16

Well, I know you have a ton of experience with data governance leading and supporting the investment in data governance at institutions, directly implementing it yourself and also helping institutions to implement it. So I thought we would first demystify that topic and help higher ed institutions think about how to tackle it. Hopefully, leave them with some guidance on how to apply some best practices and maybe even help identify some areas to get started. So essentially a micro-credential in data governance. You game?

Henry DeVries: 0:48

Well, yeah, I don't know. Sure. I'm not sure I could do a micro-credential in the 30 minutes, but let's give it a shot and see where we end up.

Joe Gottlieb: 0:53

Great. All right. All kidding aside. This is a big, big topic. So let's start out by defining what is data governance and, you know, is it security? Is it policy? Is it data quality? You know, what is this thing we like to call data governance?

Henry DeVries: 1:06

Well, when I start a conversation about this with folks, I always bring up a distinction. That's important. I bring up the distinction between data quality and data governance. Data quality is really about the data itself. It's the extent to which the data is correct, and it's timely. It's complete. Um, it's consistent with the requirements that people have to make decisions, but that's just a function of the data alone. Data governance is a bigger picture. It's a bigger topic. It's more encompassing. I like to say that data governance is a component of institutional governance, and it's tied to how the institution does business. And it has principles and processes connected, which we'll talk about in a minute. Data governance is really responsible for the shared decision-making about the data. How do we use it? How do we make sure it's correct? How do we, uh, even if you will, enforce the standards around the data, it's the, it's how you manage the institutions' data assets. Let me give you a little example. I live in Michigan and when most people think about water in Michigan, they either think about the great lakes or they think about Flint. And most people know that there was a few years ago, there was a big issue in Flint with the quality of the water. They switched their water source, and suddenly there were high lead levels. And the first thing that happened was the government and all kinds of agencies and philanthropic agencies and public assistance agencies started trucking in water. They brought in bottled water. Why? Because the bottled water was pure. It was safe to drink. It was not contaminated. You could cook it. You could bathe in it that didn't solve the water problem in Flint. What solved the water problem in Flint was a concerted effort to change the water source, to change the underground pipes, to change the filtration plants. It was really an all encompassing process of getting the right people in the right place, the right tools to fix the water system. So in that analogy, the water bottles were data quality, but the overall effort, years, long effort to fix the water system was data governance.

Joe Gottlieb: 3:11

I love that analogy. I mean, really, really, really useful, you know? Okay. So now let's zoom in on the components of data governance. I've heard you relate it to that lens. We often use people, process, and technology, but you have a twist on that that really incorporates some really useful, uh , sort of sub-aspects or sub-components that are pertinent to data governance. So tell us about that.

Henry DeVries: 3:32

Sure. Yeah . As you know, I spent lots of years as a management consultant before coming to Higher Digital. And one of the things I learned when I worked with institutions of higher education, because it was all in that, in that arena is that the whole idea of governance activity is complicated in higher ed. It's complicated by shared governance between the faculty and the administration a nd lots of things, but one thing that's really important for any big project, and I learned this earlier on as a Chief Financial Officer and a CIO, is that you have to ensure that you can get initial success for a project and you have to have long-term sustainability. Whether it's a new reporting system or a new ERP, or you're building a building, and there are five parts that fit into this there's people. And, you know, we talk about people like, Who's the leadership? What are the jobs that people have? What's the skill sets they have? There's policies, and in this arena, it's like data governance and standardization and security. You know, what tells people how to make the right decision? What gives you guidance to do things the way they should be done? That's that's policy and then there's processes or procedures. And that's the, how to the sort of policies are the what to do and the processes are how to do things. What's the way that information moves through a system? What's the process to correct an error, if you find it in the data? How do you communicate things? How do you manage documents? How do you dispose of data like data retention, you know, and record retention, and then record disposal? There's ways to do things that reflect the policies. There's two other pieces. And I, I like to think about this and it sort o f comes from my background in the world of working with HR and supervising is you have to pay attention to organizational development, b ecause one of the things that's going on all the time is change. You have to have project management. You have to have change management to get folks on board. You need a communication strategy. You need to do knowledge transfer, education, or training, whatever you call it. You just can't say to people here, we're doing something new. You have to empower them. And all this organizational development from the HR sense is about empowering people. And then finally, last of all, is the technology. You can buy new technology and deploy it, and it will fall flat on its face because people say, well, "I don't know why, why are we doing this?" Unless you prepare the culture, if you will, the organization, have the people, and the policies, and the processes, and the organizational development tools all put together, the technology is likely to fail. And so when I think about something like this, it's not just, you know, defining the fields in a database. It's also making sure that the person who is entering admissions data in the admissions office knows how to put it in correctly. And why? So it's sort of, it's a big twist on people, process and technology, but it's one that I think is fundamental when you're talking about governance and people's behaviors.

Joe Gottlieb: 6:28

Yeah. It really, really takes, a model that is well-known, but really tunes it to some of the things that are, that could easily be overlooked by going through the motions of people, process and technology. I love the difference between policies and processes, right? Because oftentimes organizations are very process-oriented but they lose sight of how they think about policies and standardization and evolution of policies. Therefore, process change becomes this sort of re-engineering thing versus the reliance upon the leverage you get from policies, which is great, but also love the way you've mixed two bits of your background. You know, your, your work in HR and your work in analytics and data, so that you could bring forth this organizational development. I agree with you that that's a thing that HR is often trying to get organizations to pay attention to, but many organizations, I would say most organizations do not. They don't, they don't take that proactive step towards org design,  rg development, the constant change vectors surrounding all these things, which are at the end of the day, affected by people and frankly, their, you know, their training and their posture. So love that stuff. Now I want to then, s o if I were sitting in the audience right now, wondering about this topic, my reflex would be, "It sounds great. I know, I know this is very pertinent, but how do I know I've got a problem with data governance?"

Henry DeVries: 7:56

Well you know, I have some key phrases that I would listen to when I was on a campus and I did a lot of this. And the one key phrase, the indicator that it never fails is the, is this little sentence, "Your numbers don't match my numbers," and that, and then of course the, yeah, really, right. Come on. Whenever I asked, I asked a crowd of people stopped to put their hands up. And when you give them enough time, everybody's hand is up. But that really reflects the problem of, you know, whether it's the reporting or the data entry or the analytics system, this is imperiling the ability of the , the institution to make good decisions. And then you sort of say, "Okay, if your numbers don't match my numbers, why is that?" And then pretty soon you hear about what we like to call shadow databases. You know, somebody in a department has their own little spreadsheet or access database. So, you know, once in a while, I bump at the Fox pro still, which is a little scary, but you know, there's different databases with the same source of the same data, two classic examples. How many majors do you have in business? You asked the registrar, the registrar will have one number. You go to the business department and the business department, secretary, or administrative assistant. He, or she will have a different number because they're keeping track on the flow of students coming in and saying, "I want to change the business. I'm leaving business," but the student doesn't necessarily go to the registrar, which is the official institutional source. Why does that matter? Well, go back to my CFO days when the apartment chairs came in for budget hearings, they'd say we have this many majors and I'm saying, well, no, you don't. And then you would get into this problem, which really leads to the third sort of classic symptom is what I call transparency. You spend more time auditing the data for correctness than actually using the data to make a decision. So it's that, you know, your numbers don't match my numbers. Why is it often shadowed databases? And then that is the problem that gets into it impedes good operations and good decision-making. So those are sort of the three, the three things I would listen to it pretty frequently here.

Joe Gottlieb: 10:08

Yeah. Like I just reflect on that. It's so true that you can spend all this time and energy on sorting through what is the right data to be able to get to a necessary decision, but perhaps even worse. I'm sure you've seen this perhaps even worse is the cynicism that develops around a lot of that groping and inability to get to an efficient and effective conclusion, which then causes people to stop even bothering to try. Right. It's just like, you know what, they throw up their hands. They say we can't do X, Y, or Z because we'll never get to the right data that we would need to make that call. So even subconsciously we start behaving and making decisions in ways that avoid this weakness. Right?

Henry DeVries: 10:55

Sure. Can . If you think about that transparency a little bit underlying, that is both the data has to match. Like I said, it has to correspond to be reliable in different parts of the system or different systems, but it also has to be trustworthy. And why, why do people not trust the data? Because either they don't know where it came from, or they have the, your numbers don't match my numbers and in a situation which is typical in higher education, where there's a lot of shared governance. And if the faculty, as one entity and administration as another, don't see things the same way, it really gets into the way of the business of doing business and making good decisions for the institution. That should be an ideal, it's a shared process, but there's a lot of sort of smoke to clear through if you can't make your decisions based on the similar, transparent, agreed upon trustworthy data, that's loading a lot of the data, but it's the reality. I mean, cause we're dealing with people, if you don't do something you're not going to go with it.

Joe Gottlieb: 11:55

True. So here, you know, therein lies both the cost of poor data governance and the opportunity or potential value in good data governance. Right? So to that end, uh , let's break it down, uh, for our audience. What are the components of data governance that you would articulate to help people understand the scope and the thing that, the things that go on and this discipline.

Henry DeVries: 12:24

Great. Yeah. I have to say part of, you know, way back when I started my career as a classroom teacher, as a faculty member. And so I always look for ways to simplify something, so it's relatable to anybody. You can be talking to a Chief Data Officer in a conversation about this, or a Director of Institutional Research or an IT programmer or like I said, that Admissions Clerk, who's just recording information that's coming in from applications, but there's, there's four components that I talk about that I think everybody can understand. The first component is what I call data responsibility and an institution needs to understand across the board between and within offices, who's responsible for the data. Um, and that's not as simple as it seems. It doesn't mean one person is responsible for all of it. I like a decentralized model, but it's important to understand that if I need to know about HR data, typically the director of HR, or maybe if it's a large institution, they might have a director of the HR information systems really knows the data knows how it used, and importantly, they know what those data elements mean. How do we interpret if someone says, how many employees work here? That is not a simple question. It's a complicated question because it sounds simple, but full-time , part-time, casual? Do you include students? Do you include internationals? The acute include bargaining unit or not? And suddenly what appears to be a simple question depends on a lot of relatively nuanced definitions, right? Same thing for how many students do we have? You know, so the institution needs to know who are those data stewards, who know what things are, who are the data custodians, the IT people typically who are caring for the data, they're restoring it, backing it up and making sure the systems run there's data creators. Faculty are important data creators because they're taking attendance and giving students grades. Then there's data end users and those are internal folks and external folks. So you have to understand what the roles are. And this will come back in a minute because you have to understand based on what people are doing, who has to make the decisions, and then you need an overall sort of structure. I call it the data governance council or whatever term your campus uses. So the first big component is data responsibility. The second one is one we've already touched on and that's data quality. The data quality really needs to have, the institution needs to have a way to determine how the data elements are defined, how they're recorded, how they're displayed, you know, and one important part of this data quality is what I call data standards. I'll give you an example. A data standard is something standard is something you put in place to ensure a fair and equal and well understood communication between two parties. If you and I were talking about buying a new car, you might say it gets this many miles per gallon, unless you're buying a Tesla. Right. Um, but when I say miles per gallon, we all understand what a gallon is. You don't have to say, well, Henry's in Michigan, so he has a Michigan gallon. And you know , so-and-so's in Illinois and that's a different gallon. I mean, I just drove from Illinois here to St. Louis and the same gallon from the gas pump all along the way, right? It's something we understand if you're North of the border or in Europe, it's liters of petrol, it doesn't matter. We all understand it. And understanding data has to be that straightforward. So that question of employee or student, or, you know, whatever is clear and, uh, unambiguous. And if you get to that point, then your data is of course accurate. It still has to be timely. You don't want to wait for four weeks to find out how many people were on the payroll last Friday. You want them to have the data be trustworthy, and you want the right scope. Sometimes you want detail for an operational decision. Sometimes you want a big summary data, a big, big picture for it's a strategic decision, but all those things, again, get back to our starting premise: they support good decision-making by the characteristics of the quality or integrity of the data. The third one, and that's the big one, and that's where most people spend most time. The third one is a big one and it's one that's been increasingly important, and even right now in the throws of the COVID crisis, there's a lot of concern about student data privacy. There's a lot of testing going on on campuses. People have a real heightened awareness about their personal health information, but institutions need to think not only about the quality of the data, but they need to think about how do you handle the data. I talk about this, like the question of "Who can see what?" That's the simple question. You are, you have this job at the institution, then you can see this data. You have this task, you can see this data. There's regulations like FERPA, which say, you know, some information can be shared, but unless the student gives permission, the parents can't see information if they're over the age of 18. There's the General Data Protection Rights in the EU that talk about protecting data and compliance. And so data access and privacy is a really important thing to cover because it helps people understand how to answer the question, "What kind of data is this?" and "How do I handle it?" You know, within an institution, anybody within the institution has access to data or some kinds of data. I'll give you an example. When I was last on a university campus, I had as the CIO and the CFO, access to pretty much all the institutional data. I even had access to student grades because sometimes a student would come to my office after seeing the bursar and would say, "You know, can I please, you know, I can't pay my bill a semester. Can you give me one more semester of grace?" And one of the things that I would evaluate is, "Is this a student who shows, promise and has a temporary setback, or is this somebody who's, you know, another investment semester might not be worthwhile?" So I could go in and look at grades. Now at the same time, I had my own children who were on that campus. I could look at those other grades. When I had a decision to make, to adjudicate about a student. It was completely against the regulations for me to go check up my own kids' grades or their bills, for example. Even though I could, I had access, I should not do it because regulation said it was inappropriate and people need to understand those kinds of nuances about who can see the data, who can't, what are the rationale, what are the reasons, and how do you handle the data so you can keep it private. Then the last one is another pretty straightforward one. That's the issue of data security and data security is where we typically intersect with the IT folks. And when I talk about data security, it's about the systems that have the data, and backing up those systems, and restoring them, and business continuity, and disaster recovery. And it's also teaching people what they need to do to be secure. Are laptops encrypted? That's a process, a procedural thing. Do you have a long password policy to make it more difficult to get into systems? Is the screensaver set so that within two minutes, the screensaver comes o n an administrative desktop, so someone walking by can't see the data and you have to log in. Again, those are all sort of personal behaviors o r they call it "Cyber Security Awareness", but helping people understand what they need to do to keep the data secure because if you're on a college or university campus, it's not just the student data and the business partners, everybody's personal data is in that system too. Your bank, your address, your birth date, your social security, or social insurance number, all that stuff is in there. So we have an it's incumbent on everybody in the community to know how to keep that data safe, because identity theft is an increasing issue. So that's the, those are the four components. I got long winded here. The old teacher in me, you'll wind me up for 15 minutes. And I go, but Data Integrity, Data Quality, Data Access and Privacy, and Data Security. Those are the four pillars that I talk about.

Joe Gottlieb: 20:33

Well, that's, you know, that's a good way to sort of frame it up. And interestingly, right, the, the , the last two, privacy and security, u m, can often be related, but also need to be treated, u h, you know, bit separately for, for the depth that each represents. Right? And you talked about that. One of the things that, uh, given my background in security, not just in broad general information security, but also in identity and access management is just this notion that there's access to the data, there's permissions on what you can do with the data, and then there's of course, processes for privacy that say, "Okay, underlying all of that, what are both our retention policies? Right to be forgotten per GDPR, right? Consents for certain activities that students right,  are engaged in producing certain bits of data, right?" All these things represent important aspects of the way we need to handle these policies and the processes that as you were saying, implement the policies. It can be overwhelming, but I, but I like to think about it in terms of there are some established, best practices. There are structures like this that we can articulate. Then, how you move forward, then depends upon your priorities and the context that you have in terms of either establishing these things, new or starting to nibble away a bit. But before we get into that, let's just talk about some best practices. Maybe you can share a few best practices and, and allow yourself for a moment to almost even be a little idealistic, right? So let's, let's touch the stone of idealism and we'll later then look back at these things through the lens of pragmatism.

Henry DeVries: 22:21

Okay, good. Well, I'm going to go back to the, where I sort of started our conversation. One of the first best practices is this idea, this is the infrastructure model, these five broad categories of resources. Like I said before, and I will continue to say they are critical for initial success and long-term sustainability. You need to have the right people in place. The institution has to have policies. You've got to have procedures and processes where people know how to implement them. You've got to help people understand them and master them and move through them, and if you're doing a project, you've got to manage the project and you need the right supporting technology. And the reason I say that is I have been on many campuses where the IT people say, "You know, we think data governance is really important, but we can't do it by ourselves. We don't have enough political capital, or we're too busy putting out fires to put the effort in. We need the whole institution to be involved here." And that's really an important, really important piece of all of this is that the whole problem of finding out who's involved, what they're doing, when they're doing it, and how they're doing it is really critical. And you got to have all that second thing that comes into play here in is really critical is this idea of, I call the best practice is authoritative source of the data. This is what sort of gets back to that idea we talked about earlier in terms of the shadow databases and all those kinds of things. It's related to the fact that you have to have one system. At my campus, we talked about "the mothership." One system is the authoritative source or the system of record, and everybody agrees that this is the system that will be correct, and it's trustworthy. So when I get back to my earlier example, the Registrar is working in the Student Information System, that's the system of record for how many majors are in each department. Okay. And that, that coming with that system of record, that doesn't mean you can't have multiple systems that have shared information. If you think about student demographics, right? The library has it , the parking system has it, the dining system has it, the career advising system has it , uh , you know, the housing system has it, the, you know, the learning management system and there's lots of systems on campuses. We know this. They share a lot of data, but all of those systems should be listening to the mothership. So when a student changes their address, it goes into the student information system, that pushes it out to all the other places. You don't walk up to the library and say, "Oh, I have a new address. Can you put it in?" Because where does it end up? Just in the library. No one else knows. Then the second thing about this system of record or authoritative source of the data is that what you really want to do is you want to make sure that if there are other data marks, that they're synchronized, okay, make sure they're connected. This is all about enterprise architecture and integration. U h, and if you have data that needs to be recorded, make sure it gets into institutional repositories, into sanctioned systems, because there are some situations where the data is kept in just the department, a single department it's not ever exposed, so the data is hidden. If it's hidden, no one else can take advantage of it or use that data, and so there's that sort of challenge as well. Um, the third sort of best practice here is the one that I refer to as standardization. I referred to this earlier, u h, which is you want to standardize your data. That's standardizing your definitions, standardizing the way the data is entered into systems, the formatting. I mean, how do you put in a phone number, or how do you put it into zip code? How do you format an address? That gives you the ability to create outcomes using the data, to index it in common. So it's simpler to sort through, get reports, make those decisions. Then finally, the last piece is this idea, u h, that I think is a best practice, is to leverage the technology. As much as possible, when you're collecting data, let the end user be the data creator. If you're taking an application, don't have somebody fill out the paper and have someone else type it in, let the originator put the data in and to simplify the process, give him, or her drop down menus rather than open, free form fields because of the big challenge, any programmer will tell you is that when you have free form fields, you can't create an index. If you can't create an index, you can't get a report. If you can't get a report, the data is not helpful. And so let your systems do the work, you know, get the correspondence between the systems, let them do all the hard work for you of , uh, sorting out the, the variables and matching up the meanings. So do that with leveraging your technology, integrate it, build an established enterprise architecture that will do that rather than doing stuff manually.

Joe Gottlieb: 27:27

Excellent. You know, I want to come back to that topic of practical starting points , but before I do, I, based on what you were just sharing, Henry, I couldn't help, but think about a really important theme is avoiding customization, right? We see customization crop up so often, and oftentimes it's pursued in the interest of differentiation, or speed, or even adaptability. It wears many clothes, right? It takes many forms, but at the end of the day, what customization does is it impedes our ability to automate it, impedes our ability to standardize, it impedes our ability to take advantage of new functionality provided by our vendors as they roll forward, um, new versions of the offerings that we're utilizing. And so let's talk just a little bit about that, because I think we, we try to advise institutions to avoid that wherever possible, lean towards configurability versus customizability. And the standards that you've been mentioning in terms of stay in sanction systems or if you have data marts, at least keep them synchronized with these sanctioned systems, right. That all speaks to, I think, um, an avoidance of customization wherever possible. Does that, does that resonate with you?

Henry DeVries: 28:46

Absolutely. I mean, I think we hear the term technical debt a lot. You know, and if, if you know, if you listen to what's been going on in higher education in the last few years in the IT world have heard consistently the movement from, you know, premise-based to cloud-based to, you know, to, to host it to SAS. And we all know that when you get to a, a SAS, software-as-a-service environment, you can configure things, but you can't change what the backend logic is. And institutions who have been doing that changing of the backend logic now find themselves up against the wall. Either they have to vastly change their, their technology, and operations, and business process environment. Again, that's why I talk about organizational development because big change has happened if you can stay consistent in the delivered product and not customize. The other thing that happens is you can also, um, it facilitates the interaction of the data because if you customize some, some item in your student information system , that's a unique characteristic to your institution. Then you've got to customize the learning management system and the library system and the dining system and the parking system, and the box office, and the career center, and the health services and on and on and on and on, right? I mean, every system is campus 40 to 80 systems like that. And then when you change something else, or one of them gets updated, then you've got to go back and do it all over again. Now I don't want to get into an enterprise architecture discussion, but the reality is data standards and data understanding and mapping it. It doesn't mean that it's because take, for example, you're a student in the student information system, you can be a patron and that can be the label on the, on the field of the library, because that's what librarians talk about. They don't call you customers. They call you patrons. If you go to the health service, you're a patient, but it's still the same entity. The still the same student demographic, the demographic data applies. You can leverage that part of the localization, the configuration, but don't customize. You're absolutely right, because it only gets you to detect that. And with the pressures on operations in higher ed these days, you know, all you're finding is IT shops are, all they're doing is keeping the, you know, they're keeping the lights on. They don't have any chance to innovate. That's another conversation we'll have a different day. Yeah,

Joe Gottlieb: 31:06

No, it's so true. And I, you know, it does set up a difficult discipline, right? In this day where we're all trying to figure out how to innovate, how to distinguish ourselves, how to deliver more with less all of these things, right? It, it , it we're, we're compelled to do new and different things, more capably, but what, what it really boils down to is really selecting systems that have strong architecture that really do give you a command over these different functions, and therefore deliver both data-driven decision-making as well as a very cooperative education delivery, right? Across these different capabilities of these systems. Um, and where are you finding limitations in whatever technology you find yourself on, coping with those limitations and building around them. Right? So the example that I would use is when you build a website and, you know, you can, you can select a platform that has a lot of built in integration across different templates, and if you choose to customize your templates, you're going to slow down your ability to change your website every single time. However, if you stick to the general template structure, but then innovate around the images you're providing and the content you're providing, now you can change that stuff more rapidly, and that still leverages the platform, as the platform grows with you, you'll be even better served. And so it's perhaps a simple analogy compared to the complexities of running an institution, but you get the point, right? It's having that discipline, and resisting that temptation and challenging to figure out how do I innovate a bit differently, atop this platform since I've selected it.

Henry DeVries: 32:43

And it , and it does come back in a certain sense. It comes back to the idea of standards. Once you've set the standards, once you've agreed upon them, okay, then we say, well , this is what we mean. It gives you a set of boundaries and a lot of cases, institutions over time. You know, they have differentiated with this customization. And I always would say that the DNA of an institution is in its Student Information System. That's where all the things that make them reside, but then when they have to upgrade or change it, they've got to untangle that all. So if you can still do that on the front end, like you say, and in the service side and other ways, but leave the, leave the backend technology in a uniform delivered fashion and observed standards. You're going to gain on the, in the long- term, because you're going to free up that, you know, keeping the lights on maintenance and repair for innovation, with the same number of IT staff.

Joe Gottlieb: 33:41

So true. It can be counterintuitive, right? It reminds me that a, you know, the second best strategic plan that everyone's enrolled in and aligned with will out execute the number one strategic plan that is not well aligned with the organization. Right? And so in this case, let's say the 70 or 80% solution that you feel you're holding yourself back t o, but it's aligned that fits your standards, is going t o out execute, the organization that is whimsically careening into different areas, but falling out of alignment, falling into customization and therefore falling into a trap of not being able to, to continue to evolve. So, to bring this now to a point on practicality, u m, the components and the best practices are super helpful to understand what's possible and how to think about this in the proper light. But what, what can we provide in terms of tips for how to get started, u h, to make this more practical and not so overwhelming?

Henry DeVries: 34:40

I think I would give you, I would give you two, um, two suggestions. The first suggestion is the one that says, think about where we started, that data governance is a part of institutional governance. Okay. And the first task is to get this agenda on the institution's agenda, because like I said, I've talked to numeral Directors of Institutional Research or Effectiveness and Planning or CEOs, and they say, I've wanted to do this for so long, but I can't get traction by myself. So the first thing you have to do is because some of these things are going to be a little contentious. You know, when you say we're going to use this standard, what we don't use that in this office. Well, you know, I'm sorry, but now you're going to, so you've got, the first thing you gotta do is get the, that responsibility piece certified so that the executives of the institution say, "We are going to commit to doing data governance. We're going to support the effort from the executive level." And then typically I encourage people to start out in that arena of data quality, because it's the confusion of what the terms mean. That's the most frequent presenting symptom. There can be other things. And we've , there's lots of things we can talk about, but getting agreement on that, the glossary of business terms, if you will, what does this mean on this campus? And if there's a really strong subpopulation or subset that says no, for our purposes, we have to define it differently. Okay. Acknowledge that, Mark it down and put an asterisk by it. Because, you know, dictionaries have multiple definitions of things. I was looking at something today online, and I saw that in Australia and New Zealand, this means a totally different thing than the way we use it in the States, same language, same word, but identified. So get, get around the data, quality pieces, the definitions. And again, like I said, if you have a data steward, you do that within the offices and you say, okay, Registrar, you work with the academic side on what's the content of the student records and what do those things mean? Finance, you figure out your stuff, finances pretty straight forward. HR, you do your stuff. Okay. Then, the career center and student services, you do your things, and then we'll come together. If we don't define them the same way, let's agree upon what the definition is. That process takes some time, some effort, some cooperation, but once you've got that, then you can begin to put that into the technical artifacts and the SIS, the ancillary systems, the integrations, comes through in the reporting. And when a couple of years you've got that stuff done. And in the meantime, IT can work in the background. If you've got an IT security officer, they can work on, okay, let's make sure we got education, so people understand what phishing is, or you know how to encrypt the laptop or you know how to have a strong password. They're not mutually exclusive, but having the institution say, this is the highest priority. That's how I would go at it because it really is driven by the personality and the needs of the institution. Yeah.

Joe Gottlieb: 37:51

So just to recap, then get leadership on board so that it can be part of institutional governance, really important for step. It can be aligned with  strategy. It can be prioritized to really focus on data quality and , and make sure that you let the different parts of the organization that are closest to their data and have the most understanding of what data should be and what, what that have that responsibility, let them step up and begin to advocate standards. And then work through that. You alluded to timeframes, right? This is not something you're going to do overnight. So allow yourself the patience to get started, give it leadership, visibility, and ownership and iterate through, because it will take a while to move the big, big , uh, mountains involved here. Um, but continuous progress, and the fact that it will never entirely be completed means you're, you're, you're signing in for the long haul, but you're making you're, you're creating impacts iteratively with priority based upon a well-correlated effort, uh, together as a team.

Henry DeVries: 39:03

Yup. And I would say one other thing is that in a lot of situations, there are external resources that can be brought to bear. If you're working in the US the IPEDS database, the common data set there are in your institutional research folks know about these things. If you work in a system, I've done quite a bit of work in the California community colleges, they have a system-wide data dictionary leverage those external standards because otherwise you're going to be interpreting your local stuff to the external stuff. Again, if it doesn't work for you locally, footnote it, but don't, you don't have to boil the ocean and create this from scratch. There's a lot of good work out there, uh, and being higher education, people are willing to share. And so within, particularly within public systems with any given state or state board of Regents, they may have definitions. They want the feds have definitions. So it sounds like a big task, but when you get down to it and you have all the resources in the campus, you'd be surprised how much of the work is already done. It's really just bringing it together.

Joe Gottlieb: 40:06

Well, that sounds like a good place to stop so our audience can get started with data governance. Thanks so much for joining me today, Henry, and thanks to our guests for joining us as well. Have a great day, and I look forward to hosting you again at the next Higher Digital Coffee Talk.