Big data projects bring with them significant concerns over security, privacy, and regulatory compliance. Nowhere is this a more sensitive issue than in the health care industry.
Health care provider Beth Israel Deaconess Medical Center is one organization becoming increasingly involved in big data, as it works with electronic medical records, new health care reimbursement models, and the vast amounts of clinical and claims data that has been collected over the years. Data governance will play a key role.
"There will be a lot of pressure put on health IT organizations to turn the data around rapidly," says Bill Gillis, CIO of Beth Israel Deaconess.
Having strong governance in place enables organizations to make sure the data is accurate and tells the clinical story they need in order to provide quality and improved care.
"It's critical that the 'tyranny of the urgent' not win over," Gillis says. "Having governance in place up front can help avoid that pitfall and keep things on track."
Of course, security and privacy are a big part of this.
"Given the uncertainties that surround new big data, for the important brands the privacy and security bar is so high that the protections afforded for this new data are higher than most other traditional external decision data," says Charles Stryker, chairman and CEO of Venture Development Center, a consulting firm that has provided big data advice for companies such as AOL, Cisco, First Data, and Yahoo. "No major brand wants to test the limits of where the privacy and security line falls," Stryker says.
From a project's outset, companies need to consider data provenance (the metadata that describes the source of the data) and make appropriate pedigree decisions (confidence in the data) when using this data in any big data solution, says Louis Chabot, senior technical adviser and big data lead at technology and management consulting firm DRC, which has helped government agencies implement big data projects.
"Maintaining data provenance metadata and pedigree-based decision making is not something you 'bolt on' after the fact," Chabot says. "It is an integral part of the initiative that must be designed and included from the outset." When appropriate, Chabot says, specialized techniques such as digital signatures should be used to protect provenance from accidental and/or malicious tampering.
Organizations also need to respect data privacy laws and regulations. "Various techniques such as anonymization of the data, stripping out elements of the data, and restricting distribution [and] usage of the data can be used" so that organizations are in compliance with security and privacy regulations, Chabot says.
Recent research from Aberdeen Group stresses yet another litmus test for big data success: data accuracy.
According to the report, best-in-class companies (as determined by Aberdeen metrics) reported that 94 percent data accuracy was their organizational goal and 1 percent improvement was needed to meet this goal. But industry-average companies reported a data accuracy goal of 91 percent, and needed 18 percent improvement in their data management methodologies to achieve this, while "laggards" reported a data accuracy goal of 80 precent and needed 40 percent improvement in their current performance to reach that.