GDPR, CCPA, and PIPEDA are just a few examples of the growing number of strict data privacy laws around the world that are impacting virtually every aspect of how companies do business. While regulatory hurdles certainly add complexity to any business’s operations, that doesn’t mean that they’re a limiting factor. On the contrary, organizations that are highly regulated are actually more likely to be data-driven, and often have more efficient data tooling and processes than those that are not.
These insights were among the key findings from a recent survey by S&P Global’s 451 Research and Immuta. The survey showed that organizations that are subject to data privacy and data protection regulations are more likely to have a cloud-first strategy and a dedicated data engineering team, and to provide self-service analytics. It also revealed that highly regulated organizations face fewer challenges with data access and use.
Collectively, these and other findings help to illustrate that common assumptions about regulated organizations — such as that they are laggards or less effective at leveraging data — simply aren’t true. Instead, they typically stand out for their leadership in a number of important areas.
What Highly Regulated Organizations Do Differently
A Cloud-First or Cloud-Forward Strategy
One important distinction between regulated and unregulated organizations is that the regulated ones tend to see data as more important to their decision-making than their unregulated counterparts. In fact, 75% of survey respondents from regulated organizations reported that data would become more important to their decision-making over the next 24 months, versus just 51% of respondents at non-regulated organizations. It’s factors like this that contribute to so many regulated organizations prioritizing a cloud-first or cloud-forward strategy.
Respondents from regulated organizations generally reported that their organization had either a cloud-first (31%) or a cloud-forward (45%) adoption strategy. By contrast, respondents from non-regulated organizations were much more likely to have a cloud-conservative (46%) or cloud-skeptic (9%) strategy. By embracing the cloud, regulated organizations can be more flexible and reliable, lower costs, and deliver better outcomes. That includes achieving tangible ROI from their data supply chain and data leverage practices.
The survey results help confirm that the old notion that regulated companies tend to shy away from cloud technologies is simply out-of-step with reality. In reality, many are making substantial progress on this front and reaping cloud adoption’s numerous benefits in the process.
A Consistent Approach to Data Management and Access Control
Nearly two-thirds (65%) of respondents from non-regulated organizations either ‘somewhat’ or ‘completely’ agreed that their organization faces challenges in the consistent administration of data access and use. Among regulated organizations, however, that number dropped to 47%. Simply put, regulated organizations are more likely to adopt agile and automated approaches to data management, while consistently delivering the relevant data needed to support these self-service models. Their leadership is also more likely to have articulated a clear vision and roadmap for adopting cloud data management technologies, helping to ensure that the appropriate resources and attention are given to data initiatives.
Collectively, benefits like these contribute to many regulated organizations’ long-term success relative to other unregulated businesses, by allowing them to be more agile and efficient. Organizations that have a consistent approach to data management and access control are also able to increase their security and compliance, while extracting greater value from their data, thereby improving business performance.
A Dedicated Data Engineering Function
Regulated organizations also have an advantage with data engineering. While respondents from regulated and non-regulated organizations reported having a dedicated data scientist or data science team at similar rates, those from regulated organizations were over 10% more likely to say that their organization also has a dedicated data engineering team. Of course, having a dedicated data engineering function is important for scaling a business because, among other things, data engineers can increase data pipeline throughput, automate data compliance and auditing, and ensure that an organization’s data is secure both when it’s in motion and when it’s at rest.
What this finding suggests is that regulated firms are more likely to formally invest resources in the data supply side of the equation, which is critical to closing the growing gap in many organizations’ data supply chains.
Self-Service Data Access
Although self-service technology usage rates are still low overall, regulated organizations are better suited to support these models of consumption. More than half (54%) of respondents from regulated organizations indicated that their organization uses self-service analytics or visualization technology, while only 35% of respondents from non-regulated organizations did.
The fact is that regulatory requirements often force functions of data governance, such as consistent access control for data, which can facilitate safer data automation and more responsible self-service analytics. Ironically, organizations without a regulatory impetus can lag in these and other areas, particularly if they lack a clear cloud data strategy.
Ready to learn more?
People often incorrectly assume that highly regulated companies are at a disadvantage. Yet as we’ve seen, organizations that have to comply with an array of regulatory requirements are, in fact, often better prepared to use their data to achieve better business outcomes.
To find out more, check out S&P Global’s and Immuta’s full report on gaps in the data supply chain and how highly regulated companies are thriving in today’s competitive landscape. And if you want to see how you can grow your business while protecting your data, request a demo today.