Read an Excerpt

CHAPTER 1

New Gold/Data Management for Business

New Gold

Just as gold is a raw material for coins, jewelry, and watches, so too can data be viewed as the raw material from which money is obtained. In fact, a good definition of data is "facts or figures from which a conclusion can be made, giving the data perceived value by the author and the audience." Data information and statistics are often misunderstood, just like fool's gold. I found the basis for this definition from the Statistics Canada website and polished it.

Armies and families have killed each other over gold. At time of the gold rush, during 1848 - 1855 people were desperate to hold it, honor its value, and create wondrous things with it. Originally, our dollar and entire economy were based on gold. The gold standard became a mantra that meant excellence. Gold was a commodity protected by the government; there was a time government determined how much each person could have.

As you move along in this book, you will see other similarities, like government regulations of gold as a resource and control of data. The government is turning to data mining to circumvent need for warrants. It purchases data from private companies to have ready access. The US Supreme Court has tried these cases and determined an individual has no reasonable expectations of privacy to data that is held, managed, or maintained by a third party. Therefore, the Fourth Amendment does not protect an individual's data that reside in the public domain. Social media and other public venues are able to provide access to the government when asked, and no warrants or other legal procedures are necessary. Hackers (i.e., robbers) are stealing data, reselling it, releasing to the public, and holding it for ransom. If the dark net knows data has value, then we need to protect it.

In this new millennium, data is controlled, regulated, and hoarded; ownership is given to the individual so the entity cannot share it and must protect individual data through regulation reporting, security compliance, and suggested methodologies for proper management. The United States and governments throughout the world are dictating to companies how they must protect data.

For example, in 1998, the United Kingdom enacted the Data Protection Act, which states sensitive personal data cannot be transferred into a non- European Union country unless that country has the means to protect the sensitive data. Although we have our own HIPAA laws to protect individual's health data, we do not have legislation to protect the data as tightly as the European Union.

Since many companies are global and in the United States laws control healthcare-related information, companies that are not generally regulated must jump through regulatory hoops to continue doing business in the United Kingdom.

Case Summary

Take a company that runs software for schools worldwide. This company might run applications and store the production data inside the United Kingdom, but its backups might go to a colocation site outside the United Kingdom. Secondly, every vendor who could touch any of the related environments had to be audited by the United Kingdom, even if the people, database, and environment they worked on was in the United States because the individuals who own the end data lived in the United Kingdom.

The ownership and protection of each individual's data "nugget" supersedes the right and privileges of the company that houses, stores, administers, and maintains the data. That makes it an interesting statement about this economy. A business owns the data as a whole with all integral parts of the sale or service, but in the end, the business must protect the nuggets to protect the rights of the individual and incur costs for all aspects of that protection.

The cost of protecting personal information is high for companies today. They have to provide security in the form of software, firewalls, processes, and audit controls to make sure no one accessed the personal information data. The personal information data is what in many circumstances inherently adds value to the data.

Providing access but limiting details to each user is another process that causes pain points and cost overruns in projects and data management. We haven't even talked about performance and direct user access costs. How you need to deliver the data — through fax, e-mails, web portals, mobile devices, videos, images, or telephonic or voice devices — should be considered.

As access to data grows and personal information becomes more detailed, government agencies will become more critical of how data is protected. The data stream causes corporations to follow protocols to protect their data and to protect rights and privileges of the data owner. The government will manipulate the way businesses grow, spend money, and hire professionals.

This has created a time when data might be as important as any other commodity but will need to be protected as your company's success depends on keeping it in the vault.

Summary

Data is becoming more relevant in the world around us. Protecting someone's data and ensuring it will be accessible are causing more regulations throughout the world.

Data is becoming so valuable that in the next chapters you will be able to create entire markets around preparing, massaging, and analyzing data that could be stored in your systems.

CHAPTER 2

Why Do I Protect It?

Got Data? Protect It

If you have data, then your business data management problems are directly correlated to the type of and amount you are managing. If you own a restaurant, you have to protect the credit card transactions that are handled through your point-of-sale, or POS, software. The POS is responsible for security, maintenance, and management of that data. After you set up the POS, check the background of anyone who handles transactions and set up guidelines for properly handling the credit card and entering the transaction in the POS. If you do this, you are probably safe from the rest of the security requirements for credit card transactions.

The rest of your data consists of inventory and sales analysis of beverages and food, including to whom and when it was served. With this data, you can capture what customers like and don't like. Seasonal specialties or just preferences and how you might use that data analysis can increase sales or improve quality of your product. It also can improve ordering, inventory, and delivery schedule.

If you own one restaurant, you might be able to handle this data in spreadsheets or a small database/application system. If you own thousands of restaurants across continents, then you have a different problem. You have inventory control per thousands, timeline issues, customs, and possibly different offerings, depending on the restaurant location. Your data analysis must be tighter and better thought out. Applications and real-time data strategies need to be met as opposed to the data warehousing process where you can analyze data over dozens of seasons and years. Your data issues just became geometrically magnified. Your data access needs are no longer met with a simple solution. Now you have database performance problems as well as server and database relationship issues.

Now change the restaurant to an insurance company. Take away inventory and add HIPAA, SOC, and SarBox (Sarbanes-Oxley Act) compliance, users such as doctors, labs, patients, nurses, and drugstores, as well as state and federal compliance, and you kind of own the data. But patients are the legal owners. If you don't protect that data, you are potentially out of business. You not only need to secure it against the hacker but you must back it up and maintain and protect it from corruption. If you lose or share it, someone can stake a claim to that data and force you to defend the claim.

Ownership is key. It no longer can be determined by the finders-keepers rule or the last one to touch data owns it. Data is not exclusively yours, but it is yours to protect and value.

Data can be used to enhance the value of your companies and can be used to market importance in your industry. It can be manipulated to provide information that will help grow your companies and find ways to improve service or products to entice customers.

The historical data, in terms of pattern recognition and usage, can sometimes be as important as today's data when trying to find a path forward. After a while, it can age and the validity can be compromised, maybe because in the past reports weren't as detailed as they are now or products have changed so much the target audience also has changed.

Historical data for a restaurant could track favorites by season. It seems to reason that in winter months, folks crave richer, warmer foods. However, with New Year's resolutions, salads and vegetables might have a high selling season in January. The data can help provide information as to what foods to stock up on, saving spoilage fees. Also, you might want to create coupons that match the tastes of customers during different seasons to lure them from competitors.

Creating social media campaigns that match these trends is another way to create a closer relationship with clients by sharing with them your understanding of their dietary wants for good health.

I believe we often look into the data with rose-colored glasses instead of taking a critical view. When reviewing data, if we allow the data to create new paths, we might gain better insight as to our own paths forward. These paths might help us design better products and services that push us past competitors.

Case Summary

In an article in Small Business Chron, the authors discuss thoughts I would like to share. (#4F) Managers spend about two hours researching data per day. Often that data can be erroneous, incomplete, or invalid because it is disconnected. Or it does not have history or details for full query or business analysis or is disjointed because of missing facts. Also, data can be disparate, saved in different systems, databases, and environments, making it hard to get the data reestablished usefully.

In our case, we create client reports that track work efforts so we can prove we have completed activities, have approval for those activities, and document time and effort spent to complete the work. Here are issues we deal with to make sure data is processed to provide honest, factual report for clients:

1. Ensure processes and procedures are easy for users to follow.

2. Create an interface with guidelines but allows the user to easily do the data entry freeform so the order of entry does not matter. Therefore, we cannot create rules that require data to be entered in any order nor can we create a status that limits actions.

3. Once the data is entered we need to be able to create reports that provide accurate data and add accurate hours so that time cannot be added twice should the work cross weeks or months, affecting billing.

This seems to be so easy you will say: "What's the problem?" However, how do you make sure a task that stays open across billing statements and hours is added as you go? How do you make sure hours are not billed twice? Then how do you make sure you are able to bill at the end? When hours are limited by a statement of work you can't add up all hours at the end because you need to track as you bill to make sure you don't go over.

Every time we add more details to our activities logs we need to review the reports to make sure rules haven't been broken that would cause billing issues. Also, if reports are run asking different questions you want to be sure data maps accordingly. Sometimes the query itself and how you ask it, what date types and ranges are chosen and other conditions can skew the data. Until both queries are analyzed, you may not understand why data doesn't map.

If you can, hire a Business Intelligence expert or purchase a BI tool. If first you get the data collection right, the data restructured through a business intelligence tool can improve the bottom line. Your bottom line can be impacted through small changes that improve usability, quality, intelligence, easy remote access and sales mobility. Accurate data is an important customer service strategy.

For example, the only thing that bugs me about Amazon is I might pay extra expecting to get two-day shipping. However, their application usually fails to note the processing of my purchase can take 5-10 days, negating my extra costs in paying for the upgraded delivery charge. To me, Amazon's application should note when my product won't come within two days because it does not accurately inform the customer.

In a study from the University of Texas in 2010, researchers found the average company could increase annual sales per employee by 14.4 percent if it increased stability of its data by 10 percent. For the average Fortune 1000 company in the study, this amounted to a potential increase in productivity of $55,900 per employee. Investment in effective and efficient methods of transforming data into usable business intelligence will pay dividends.

Imagine the increase in customer satisfaction that would result should the data be so accurate the client could know the time a package would land on the doorstep.

Summary

Basically, you protect data for the company's best interest. That means meeting regulation standards and protecting against lawsuits from individuals who are related to the data.

Also the data itself has historical and possible cash value if you can provide the data in a manner that interests prospects. Protecting the data can mean protection not only for the bottom line but could affect your future as well.

CHAPTER 3

How Important is Your Data?

Your data is as important as you believe so. But consider this: Statistically, 65 percent of companies that suffer catastrophic data loss close their doors.

You must not only consider how precious the regulatory agencies believe your data is to the individual, but you have to consider how precious the data is for your company.

Data is important depending on how you use it and how much time and money is spent to protect it. If you spend little protecting data, you have given data little value. This value had better reflect the real value of the data, however. You don't want to find out one day you have been disconnected from the data running your business.

Ask yourself this: "What happens if I lose all my data tomorrow?" If you reply, "I move on, nothing much will happen to my job, my company or my clients," you could be in denial. If this question panics you, then do something about it. If your answer is "I have backups, redundant systems, proper restore procedures and my team has a full disaster recovery process in place, and has practiced and evaluated these procedures on a timely basis" then you not only have recognized value of your data, you understand the role of data in today's marketplace.

We worked with a medical insurance provider company, which found it had a corrupted database, and no restorable backups newer than six months old. The backups had been corrupted before anyone noticed the issues. If we had not managed to pull data from the corrupted database, 4,000 workers would have been looking for employment elsewhere that week.

This company spent two weeks, praying the data could be recovered. Patient data that was saved may have saved thousands of lives as well. Today, no one can afford to be cavalier about data. The truth is, if it doesn't mean much to you, check regulations because you will find those who believes data matters. The tragedy of data loss may not end when you close your doors. Lawsuits and regulatory agencies can make your life a nightmare if you fail to understand, develop and follow processes that protect regulated data.

Sometimes being out of compliance means you are not following industry-standard best-business practices to manage data. It may be as simple as making sure the environment is being watched for breaches, capacity issues and being held with software and hardware in compliance with vendors. We had a new medical provider who didn't realize by not having proper monitoring and maintenance jobs set up they could be fined for not following Healthcare Privacy and Portability Act procedures. Those procedures regulate requirements to ensure data is protected through professional and proper data management. The jobs they needed to have set up were successful backup processes, database integrity and capacity checks, and server availability, or heartbeat checks. Once these jobs were set up they were in line with regulations. Processes required by HIPAA guidelines were immediately set up and within 24 hours the environment was compliant.

Case Summary

There is a small startup. The startup knew HIPAA compliance meant having proper security protocols, including logins, passwords, roles, hiding private data when not needed by the user, backing up databases and providing proper reporting to regulators. What they did not know; they were out of compliance because they did not have a maintenance plan designed and put in place. The startup also did not have the recommended operating system and database version patches for security put in place by specific software vendors needed for their environment. They simply didn't have time nor experience to do all this work.

If you can't afford to buy experience, lease it.

(Continues…)

---

Excerpted from "Mining New Gold — Managing Your Business Data"
by .
Copyright © 2017 Penny, Jeffrey and Gillian Garbus.
Excerpted by permission of AuthorHouse.
All rights reserved. No part of this excerpt may be reproduced or reprinted without permission in writing from the publisher.
Excerpts are provided by Dial-A-Book Inc. solely for the personal use of visitors to this web site.

---