The Two Circles: How AI is Reshaping Modern Data Governance

We find ourselves at an intriguing juncture in the world of data governance. On one hand, there’s the growing need to govern Artificial Intelligence (AI) systems, ensuring they’re used ethically, responsibly, and in compliance with regulations. On the other, AI is being seamlessly integrated into our data governance tools, helping us solve some of the most complex challenges we face in managing and securing data. This raises an interesting question: where do these two types of governance meet, and where do they diverge?

Data governance, while a critical function for any organisation dealing with vast amounts of data, has often struggled to live up to expectations. Many businesses are still grappling with building a strong business case for data governance, and even when implemented, the outcomes are often less than stellar. Furthermore, the sheer volume of data companies must manage, alongside the need for high-quality, well-structured data to train AI systems and support technologies such as Generative AI and Retrieval Augmented Generation (RAG) systems, presents an entirely new set of challenges. In this context, traditional approaches to data governance seem increasingly outdated, highlighting the need for innovation.

Enter AI. As data governance becomes more complicated, AI has emerged as a powerful tool capable of transforming the way organisations manage their data assets. By enhancing efficiency, improving accuracy, and streamlining operations, AI-powered solutions are rapidly reshaping the landscape of data governance. Let’s explore some of the real-world applications of AI in this domain and understand how it is making a tangible difference.

AI Use Cases in Data Governance

Automated Data Discovery and Classification

One of the most remarkable applications of AI in data governance is automated data discovery and classification. In the past, organisations relied on manual processes to scan through their data and classify sensitive information—an approach that was not only time-consuming but also prone to human error. Now, AI systems equipped with machine learning algorithms can automatically detect and classify data across diverse systems, identifying sensitive data such as personal information, financial records, and intellectual property.

A prime example of this in action is Grundfos’s use of Microsoft Purview. Grundfos are a pump manufacturer that gathers a lot of data from IoT devices, as well as organisational data. This has been deployed to scan the organisations hybrid estate to help the scan and classify data. This has significantly reduced the need for manual data classification, improving both efficiency and accuracy.

Data Quality Management

Data quality management is another area where AI excels. AI’s ability to analyse vast amounts of data and detect patterns makes it an ideal solution for identifying inconsistencies, anomalies, and potential issues in data sets. Finance organisations have been using AI-driven platforms such as Precisely’s Data360 to automatically monitor data quality across their operations. The AI system flags issues such as duplicate records and missing values, while also predicting potential data quality problems before they escalate.

The result is a more proactive approach to data management, reducing the risk of errors and improving the overall integrity of data. AI, therefore, plays a critical role in ensuring that organisations maintain high standards of data quality in real-time.

Security and Privacy

As privacy regulations continue to tighten globally, AI is emerging as a vital tool for helping organisations comply with these increasingly complex requirements. AI is instrumental in areas like intelligent access control, where it analyses user behaviour to detect any unusual or potentially suspicious activity.

For instance, Partners Healthcare, a leading healthcare provider, uses AI to monitor access to sensitive medical records. The AI system flags any unauthorised attempts to access data, ensuring that patient information remains secure and compliant with privacy regulations. Additionally, AI-powered systems are invaluable in helping organisations identify and classify personal data in accordance with data protection laws such as the GDPR.

A notable example comes from Migros-Genossenschafts-Bund (Migros), Switzerland’s largest retailer and supermarket chain. Migros uses OneTrust’s AI capabilities to identify and classify personal data across its operations. This automated system ensures the company adheres to GDPR requirements, reducing the risk of non-compliance and associated penalties.

Data Lifecycle Management

AI is also transforming how organisations manage data throughout its lifecycle. From the moment data is created or collected to when it is archived or deleted, AI is enhancing the efficiency and cost-effectiveness of data management processes.

AI is also improving data lineage tracking, which is essential for maintaining transparency and ensuring compliance. Pfizer, for example, uses Alation’s AI-powered data catalogue to map data lineage automatically. This enables the company to track where data comes from and where it goes, making it easier to ensure that data is handled correctly and in line with regulatory requirements.

Governing AI within Data Governance Tools

While AI is becoming a key component of modern data governance tools, it is important to recognise that AI itself must also be governed. In essence, organisations must govern the very systems that are helping them govern their data. This presents unique challenges, as the governance of AI involves several key considerations.

1. Performance Monitoring: Just as you would monitor the performance of any tool or process, it is crucial to assess how AI models are performing and ensure that they are delivering accurate results.  This includes ensuring that there is a human in the loop for monitoring.
2. Bias Detection and Mitigation: AI systems can inadvertently introduce biases in the way they classify or process data. Therefore, it is vital to regularly check AI models for biases and take corrective action when necessary.
3. Version Control: Much like software updates, AI models need to be versioned and tracked to ensure that any changes or improvements are well-documented and do not inadvertently impact governance processes.
4. Compliance Assurance: Organisations must ensure that AI-powered data governance tools comply with all relevant regulations, including the GDPR and the California Consumer Privacy Act (CCPA).
5. Continuous Monitoring: AI systems should not be set and forgotten. Ongoing monitoring is required to ensure that the models remain accurate and relevant over time.
6. Training and Education: For organisations to successfully implement AI-powered data governance tools, staff must be adequately trained. This includes not just technical teams but also non-technical departments, as AI will have an impact on many facets of the organisation.

The Regulatory Landscape

The regulation of AI is still a work in progress, with different regions taking different approaches. The European Union is at the forefront with its AI Act, which establishes strict guidelines for high-risk AI applications. The Act aims to ensure that AI is used safely and responsibly, with particular emphasis on transparency, accountability, and fairness.

In contrast, the UK has adopted a more flexible approach to AI regulation. The UK AI Bill, which is currently making its way through Parliament, focuses more on guiding principles and is less prescriptive than the EU’s approach. This allows for greater innovation but also requires organisations to take a more proactive stance in ensuring that AI is used responsibly.

The regulatory landscape needs to be reviewed to determine whether an organisation is either a developer or deployer of AI products, as there are different obligations for each.

Impacts on Organisations

As organisations integrate AI into their data governance processes, several considerations must be kept in mind:

1. AI Literacy: Organisations need to ensure that their teams, from IT to procurement, have a basic understanding of AI and its implications. This is no longer just a concern for data scientists—it’s something that affects the entire organisation. For example, procurement needs to be more aware of software procurements with embedded AI and where the accountability would lie if something went wrong.
2. Consistency Across Tools: Organisations should strive for consistency in how AI behaves across different governance tools. This ensures that AI models and algorithms can be trusted to work seamlessly across the organisation’s data landscape.
3. Increased Technical Expertise: The procurement of AI-powered data governance tools is no longer a simple purchasing decision. It requires a higher level of technical expertise to evaluate the capabilities and risks associated with the AI models being used.

Conclusions

AI-powered tools are undeniably transformative, helping organisations streamline their data governance processes, improve efficiency, and ensure compliance. However, they are not ‘set and forget’ solutions. Just as with any tool, AI requires ongoing management, monitoring, and oversight to ensure that it continues to perform as expected and remains in line with evolving regulations and organisational needs. Think of AI as a highly skilled assistant—it can do incredible work, but it still requires guidance, oversight, and care.

In the fast-evolving landscape of data governance, organisations must not only embrace AI but also recognise the responsibility that comes with it. By doing so, they can ensure that AI remains a force for good, improving both their governance practices and their overall data strategy.

For further information, please contact amino Data to discuss your AI and Data Governance requirements.