Two major stories emerged over the last few weeks that throw a spotlight on the importance due diligence in data. What I mean by this is actually having proper systems of control and governance over data in your organisation rather than simply paying lip service to it.

The first is the $400 million fine levied on CitiGroup for Data Governance failures by the Federal Reserve and the Dept of Treasury. The second is the recently released

Wexford County Council has had to start filing a flight plan for data if they want to put drone mounted cameras in the air. The Data Protection Commission has determined that, not withstanding the fact that the recorded images were not distinct enough to allow the identification of any individual, the deployment of drone mounted cameras as part of Wexford County Council's Easter Week response to Covid-19 travel restrictions constituted the deployment of a mass

In the Hitchhiker's Guide to the Galaxy, Zaphod Beebelbrox (Galactic President, criminal, and all-round froody dude) has a unique approach to managing and mitigating risk. He has a pair of Joo Janta 200 Super-Chromatic Peril Sensitive Sunglasses. These glasses have a particular function. They help people maintain a relaxed approach to danger by turning completely dark and opaque at the first sign of trouble. In this way, the wearer is unaware of the impending danger,

Too many strategy leaders in today's organisations are viewing their organisations through a keyhole. This means they are ill-equipped to respond to crises. It means they are ill-prepared to take advantage of unforeseen events. That keyhole is the understanding of data and information processes and flows within the organisation. The shape of this keyhole is influenced by a variety of factors. The academic background of the leader influences it. Their experience in the day-to-day operations

In Ireland, and around the world, this is the time of year when children return to the classroom. Whether it is the nervous newbie entering primary education for the first time or the know-it-all young adult starting university, it's historically been a time of change, uncertainty, and adventure.

And into that mix this year we have to add the challenge of a global pandemic and the readjustment of the old logic of how the world works

Last week I wrote about the Bastard Son of Shield (BSOS) and how the announced 'talks about talks' between the EU Commission and the US Dept of Commerce would inevitably lead to another collapsible adequacy decision unless there was some fundamental rethinking of the situation on the United States side of the discussion of any replacement for Privacy Shield.

I believe it is essential now that both sides take this opportunity, an opportunity that has been

What is the value of data to your organisation? Can you put a monetary value on it? What would you base this valuation on?

If economics is the dismal science, infonomics is its grim-faced ginger haired cousin. Infonomics has been defined by its pioneering innovator, Doug Laney, as the:
discipline of managing and accounting for information with the same or similar rigor and formality as other traditional assets (e.g., financial, physical, intangible, human capital).
While the value of

The US Department of Commerce and the European Commission have responded to the striking down of Privacy Shield by issuing a joint press release. This release announces that:
The U.S. Department of Commerce and the European Commission have initiated discussions to evaluate the potential for an enhanced EU-U.S. Privacy Shield framework to comply with the July 16 judgment of the Court of Justice of the European Union in the Schrems II case.
What does this mean for

Data Ethics, Data Quality, and Data Literacy are inextricably linked in a number of ways. And they can have a significant impact and influence when we begin to look at issues of accuracy in Data Protection. Of course, while accuracy in personal data is an obligation under data protection law, accuracy in how you present and report on data protection related issues, like regulatory fines, is an issue of data literacy and potentially data ethics.

Dermot Casey posted a question on Twitter today about books that leaders in information-driven enterprises should read, wondering if there were any others to add to the list.

Heres a bunch of books I recommended a few years ago to people who were going to be managing information driven enterprises. Still all great books. What else belongs on the shelf with them ? pic.twitter.com/77I0AalGdu
— Dermot Casey (@dermotcasey) July 24, 2020


I'm a big fan of Thought Readership.

Castlebridge is 11 years old on the 24th July 2020. It's been an interesting journey. Looking back on my vision for Castlebridge, I find myself returning to the reasons why I started the business. My strategy and motivation was to help people in organisations do great things with data. Not by buying more technology (although I do love my toys and tools), but by understanding (as Peter Drucker put it in a 1998 article in

Last week I gave a webinar on Data Strategy for Data Protection Officers and Data Governance leaders. The topic was the importance of defining a clear strategy. I talked about the need for such a strategy to help navigate the inevitable iceberg question of "how does this role add value"? This is a key issue, not just for formal data leader roles like the DPO and the Data Governance role. It is relevant for anyone

So, Ireland advances through the stages of reopening in the midst of a pandemic, we see the beginnings of a Data Ethics case study unfolding as technology vendors start their advertising of thermal scanning solutions as part of a Covid-19 response strategy. The question is one of the ethics of technology solutionism versus soap and water and whether suppliers of data processing technologies have an ethical duty to be upfront about the limitations to the

The full list of ministerial and junior ministerial appointments is how complete and the government of Ireland can move on with the juggling of departmental structures (i.e. people, physical assets and equipment, data, data governance measures etc.)

Here’s the full formal list of Ministers of State and their official responsibilities. @VirginMediaNews pic.twitter.com/B46SMq4yPd
— Gavan Reilly (@gavreilly) July 1, 2020


Despite the high profile given to Data Protection in the Programme for Government announced a few short weeks ago,

The draft programme for Government has been published and a quick scan through it highlights some data-centric themes and issues that organisations should pay attention to in the coming weeks and months. This is a programme that has been defined in order to frame a government for the rebooting and the recovery of the economy. Therefore, the measures proposed in it should be considered in that light. They are, by and large, proposed as enablers for

My friend Anthony Algmin has a thought provoking post on TDAN.com this month (alongside my thoughts on data in the "new normal"). Anthony makes some fantastic points about how the social and economic recovery from the deep freeze of Covid-19 will need a new breed of data leader to emerge, one that has learned the lessons of the last 30-odd years we've spent not quite getting it right. The importance of an information-enabled strategy for

The Data Protection Commission confirmed last Friday (15th May 2020) that they had submitted their first administrative sanction under GDPR for approval by the Circuit Court. This was covered over the weekend by the Sunday Times and the Irish Times.

The fine relates to three data breach instances in October 2019. It is one of a number of investigations the Office of the Data Protection Commission has had open in respect of Tusla. For a variety

We've all heard the hackneyed phrase "Information is an Asset". Yet despite decades of work by my friend and mentor John Ladley,  and Garter and Forrester alumnus Doug Laney (to name but two), information and data don't appear on the balance sheet of any organisation. At least not explicitly. As organisations of all sizes begin to assess how they will restructure and refocus their businesses and operating models in what is being referred to as "The

Castlebridge has always been a promoter of remote working capabilites and we have tried over the years a number of approaches to help organisations find and deliver the best data management training possible for delivery in a variety of ways. Over the past few weeks we have been putting together our contingency planning for Covid19 in the event of restrictions on gatherings or other challenges in delivering training to clients either in-house or on our