Play 06 - Conduct regular data audits for accuracy and security

#dataaudit #risk #sensitivedata #documentation

Relational play for data stewards: Conduct regular data audits for accuracy and security.

A #dataaudit is a process of evaluating the social and technical infrastructures related to an organization’s data at regularly scheduled intervals. This may include reviewing the location, quality, and consistency of the data, as well as the common workflows or uses of the data and who is able to do what with specific datasets. Data audits can support the minimization of #risk in that an organization can review general workflows of sensitive data to ensure that access is available to permitted parties and the technical infrastructure supporting that data is still serving its intended purpose. Data audits can also be set up in ways that mirror organizational priorities. The basic considerations include: determining where the data are, if the data are complete, if the data can be used for a specific purpose, and how and by whom the data is being used.[1]

From the data audit, a report can be created to document the state of the data at that particular moment. This report can serve as a record of the data over time, including the issues that have arisen and been addressed, and who might serve as a contact point for a specific change or decision.

🌱 Each play stems from a takeaway from an case study, workshop, or other learning source.

Takeaway: Risk emerges in different ways when data sharing.
Data #misuse runs the gamut from truly harmful—misaligned actors can selectively choose data points to communicate harmful or untrue narratives—to merely inconsiderate—people could use data without acknowledging the original source. The risks of sharing data can rarely be fully eliminated, but there are practices and tools that can mitigate against potential threat.

Source: Community Data Playbook (Full report)

  1. Everything in Its Place: A Guide to Data Audits. Strings Not Factors. Access here. ↩︎