More and more startup companies are exploiting business opportunities tied to data. Whether developing data-dependent AI, re-imagining how to conduct familiar business processes in innovative ways, or intelligently designing and building datasets drawing from a growing variety of sources. The common theme for this class of business is the reliance on, and exploitation of, data.
In the earliest stages, startups are focusing their energy and time on creating their product or service. As they begin to mature, they naturally start to move toward a state where they are returning value to their stakeholders – profits. Perhaps they plan an IPO or to be sold to an investor, or some other larger entity.
This paper explores options and approaches that companies could consider to determine if and when they should appoint a Chief Data Officer (CDO), as well as their scope of responsibilities.
What kind of startups should prioritize appointment of a CDO?
At some point in their lifecycle, any company that is dependent on data will need to implement data management processes. These include processes to acquire, ingest, catalog, track and at some point, dispose of data. If the data is licensed or belongs to others, they will need to understand and comply with applicable obligations. They will need to create a data architecture, build repositories and apply appropriate controls to protect the data.
This description admittedly covers a lot of scope. So the following adds a little structure to the thought process:
Does the startup…
- Handle large volumes of data?
- Have data as core to it’s business, where completeness, accuracy and currency are critical?
- Have products and services that are dependent of data, but are themselves not data products? (e.g., a website or app with data in the back-end vs. a licensed database)
- Need data that is licensed or procured from others?
- Use personal data (PII) or health data (PHI)?
- Need to demonstrate data lineage or provenance?
- Create new data, which has intrinsic value?
- Live with the risk that a data incident could cause irreparable harm?
If the answer to many of these are Yes, then the company should consider appointing a CDO. Moreover, if the company wants to go public or be bought by another company – especially a public company where the transaction is material, the startup may be expected to demonstrate discipline around the treatment and protection of data, including documented policies and procedures. While a CDO isn’t necessary to do this, a CDO can design and implement practices and disciplines that will provide comfort in a due diligence setting, and integrate those disciplines into the daily business routine of the startup.
What value can a CDO provide to a startup?
A CDO can provide a range of value to a startup. The CDO looks at a company’s business through the lens of data, and is sensitive to both the value (revenue) cycle as well as the risks and obligations, recognizing they go hand-in-hand. From this vantage point, they can enable the business by sourcing data and removing barriers, and can implement right-sized controls, proportional to actual risks and obligations. In effect. they can enable the data scientists – who seem to always “need…more…data…” – by providing relevant data, aligned with business objectives, where obligations and risks are managed elsewhere. Call it “unencumbered data”.
A CDO understands and recognizes the transformative potential of data, but also a balanced sense of proportion – especially when resources are scarce. By implementing structure around the activities of data scientists, a CDO can improve the chances that research will be fruitful and aligned with business objectives – with a necessary degree of transparency for stakeholders.
Protection and Compliance:
Most information that companies want to use will have some kind of requirements around handling. These will emanate from one or more of the following:
- The data is regulated; many data projects will incorporate information about people — PII or PHI — likely controlled by one or more regulatory frameworks (e.g., GDPR, CCPA, GLBA, HIPAA/HITECH)
- The data belongs to others and is governed by a contract or Data Use Agreement
- The data is valuable and needs to be protected – these protections might be present as a result of the data being regulated.
- A breach of the data could result in harm or loss, either to the company or to data owners, and should cause the company to respond in a certain way.
The CDO, who should understand the nature of data, can work with the CISO and counsel to implement proper controls to protect the data and comply with requirements.
By understanding the business and compliance perspectives of data, the CDO can provide perspective on the ethics of data use. So much of the new digital economy is exploring uncharted territory, where potential uses haven’t yet been imagined. There are lines not yet drawn around what industry should do, even though they can do it. Data-driven inventions can cause real or perceived harm to consumers as they disrupt industries. Whether its financial services, advertising/marketing, insurance, consumer electronics, or the breadth of online applications and properties. Data is central to these and a misstep can be catastrophic.
Transparency is a cornerstone of the capital markets. And while data-driven startups are inventing new ways to conduct business and benefit consumers, much of it is betting on the future. With so many unknowns, appointing a CDO can help inspire confidence that a data-dependent startup is approaching their objective with a view to managing their data assets for the longer term.
What can a CDO do?
85% of the time, “Big Data” initiatives fail to meet their objectives, and 50% of startups fail in the first year. Start-ups relying on data can’t afford many false starts. The CDO can spearhead data management activities that can, in aggregate, reduce risk of project failure and increase the likelihood of achieving the desired outcome. These might include
- Vision and strategy, involving leaders across the company
- Data inventory
- Data architecture
- Data acquisition
- Data maintenance and quality
- Data retention and disposition,
- Risk assessments, protection and compliance processes
While these are not necessarily discrete activities, and should certainly be scaled to the situation, having a framework in place would be very useful to (1) enable growth, (2) permit introduction of different data sets, and (3) give Boards of Directors, auditors, reviewers and regulators a level of comfort that the company takes data management seriously.
Balancing cost vs value? Alternatives…
Many early stage startups are focused on laying out the important initial groundwork to sustain themselves — developing products, recruiting talent and identifying customers. As they move through funding stages and become established, they might be looking toward aggressive growth, IPO and engaging in discussions to be acquired. This is a sliding scale – and it may not make sense to appoint a full-time CDO initially. Startups should consider engaging a consultant or a CDO on a contract basis to implement and appropriate framework. As time and circumstances evolve, the time commitment can be adjusted.
Who should drive the decision?
The role is so important and strategic, that the CEO should drive the decision to appoint a CDO. The CDO should expect to work closely with the CEO, as well as the rest of the executive team. Moreover, the CDO should expect to meet with the investors and advisory board to reinforce the role and how it will help the company accelerate forward.
It goes without saying that startups leveraging data science are not at odds with managing data, or the scope of a CDO. They are extremely complimentary, to the point where an CDO can dramatically improve the probability of a data program, or data-dependent startup, succeeding.