Loading...
You are here:  Home  >  Data Education  >  Data Architecture News, Articles, & Education  >  Data Architecture Blogs  >  Current Article

Is Master Data a Controlled Substance?

By   /  April 2, 2018  /  No Comments

Click to learn more about author Frank Cerwin.

I recently engaged on a project to design a Master Data Management (MDM) solution for pharmaceutical products.  As my knowledge of the subject area developed, I began to see how the degree of Data Governance applied to pharmaceutical products is also applicable to all types of Master Data domains.  Prescription drugs are used to treat diagnosed illnesses and debilities.

Strong governance is put in place to ensure the drug is safe, administered properly for the correct indication (purpose), and is not abused.  A MDM program is often prescribed as a treatment for defective data that resulted in debilitated business processes.   Data defects can be caused by poor quality or from an inappropriate fit to the business purpose that it was applied to.  Additionally, like a drug, Master Data can be abused.  Government entities, industry organizations, and corporations create governance policies, standards, procedures, and adjudication for drugs as well as Master Data to avoid or remediate these issues.

Achieving Master Data Quality can be a challenge since it is often sourced from a number of enterprise applications and third parties outside the direct management of the MDM program.  A lesson can be adopted from the pharmaceutical industry where the U.S. Food and Drug Administration (FDA) has well-documented procedures to ensure uniformity and consistency of inspections of a drug manufacturer’s data, procedures, and methods.

Procedures include performing sampling to detect inferior product.  This degree of inspection can be applied to Master Data when it’s being selected as a MDM program source as well as on a continuous basis to ensure that it maintains the required level of quality.  A respected MDM program will detect problematic data, immediately engage with the source to remediate the issues, and notify the MDM downstream subscribers about the data issues and the action plan.  Traceability, accomplished through documented lineage, and adjudication procedures from data creation to disposal provides assurance to MDM subscribers that the data they receive can be trusted and safe for use.

Additionally, drugs are tested for their efficacy in the U.S. as part of the responsibility of the FDA Drug Efficacy Study Implementation (DESI).  DESI rates drugs on a scale from safe and effective to less than effective for their intended medical indications.  A MDM program must accomplish the same objective.  Prior to a MDM program being in place, I’ve observed Master Data sources being chosen based entirely on XML tag names without any other metadata being scrutinized.  Master Data, like a drug, must be appropriate for the purpose to which it is applied to truly be effective even when all other quality dimensions are satisfied.

Therefore, well-defined and accurate metadata is a critical component for both Master Data and drug production.  In addition to an enterprise’s MDM program, industry organizations can improve effectiveness, such as GS1 which provides standards to reliably recognize and share supply chain product and location Master Data across organizations.

In the U.S., specific drugs are categorized by the Drug Enforcement Administration (DEA) into five categories or “schedules” according to their recognized health benefits, risks to users and likelihood for non-medical use.  Categories range from Schedule I drugs that are defined as drugs with no currently accepted medical use and a high potential for abuse to Schedule V drugs with the lowest level of dependence.  Obviously, schedule I drugs must have the strictest controls.

Master Data classifications are similarly based on the levels of benefits, risk, and likelihood of misuse.  Typical classifications assigned to Master Data from highest to lowest risk are “highly restricted”, “internal confidential”, “personal”, and “public”.  The U.S. government’s Health Insurance Portability and Accountability Act (HIPPA) and the European Union’s General Data Protect Act (GDPR) are two examples of governance established to protect Master Data from abuse of personal health information (PHI) and personally identifiable information (PII) respectively.  Based on its risk rating, Master Data is protected using technologies such as encryption, masking, access restrictions, and usage agreements.

Should Master Data be governed as a controlled substance?  Absolutely.  That is the purpose of the MDM program.  To ensure quality, fitness for the purpose where it is applied, and prevent it from being intentionally or inadvertently misused.  Maybe Master Data should come with its own warning label – “May cause rash business decisions and severe financial discomfort if not managed and used as directed.”

About the author

Frank Cerwin focuses his firm, Data Mastery Inc., on Master Data Management (MDM) strategy, planning, design, and education. Frank developed and offers clients a highly-acclaimed MDM framework and service operating model that establishes a long-term, sustainable MDM program. His framework and model have proven to overcome issues experienced by organizations who struggle to launch, cost justify, sustain, or grow their MDM programs. Frank has over 30 years of leadership and architect experience at Fortune 500 companies. His extensive career experience spans MDM, customer analytics, database management, Enterprise Application Integration (EAI), application development, and security. Frank’s industry experience includes banking, insurance, restaurant, manufacturing, and healthcare, as well as government. Frank is the producer and presenter of the online course “Mastering a Master Data Management Program” that is offered through Dataversity Training Center. He is a Six Sigma Green Belt and ITIL certified and has been a featured speaker at several national data conferences including Enterprise Data World, Enterprise Dataversity, TDWI, Data Governance/Information Quality, and BI Innovation Summit. Follow Frank at: Twitter, LinkedIn

You might also like...

Data Governance and Serverless Computing

Read More →
We use technologies such as cookies to understand how you use our site and to provide a better user experience. This includes personalizing content, using analytics and improving site operations. We may share your information about your use of our site with third parties in accordance with our Privacy Policy. You can change your cookie settings as described here at any time, but parts of our site may not function correctly without them. By continuing to use our site, you agree that we can save cookies on your device, unless you have disabled cookies.
I Accept