By Fatskills Exam Guides Team — the exam nerds behind 28,500+ quizzes and 2.1M practice questions across 500+ global exams.
Manage, protect, and ethically use data to drive decisions and comply with regulations.
Data governance is the framework of policies, processes, and standards that ensure data is accurate, secure, available, and used ethically across an organization. You’d use it today to: - Comply with laws like GDPR (EU) or CCPA (California) to avoid fines (e.g., Meta’s €1.2B GDPR penalty in 2023).- Improve decision-making by ensuring data is trustworthy (e.g., 84% of CEOs distrust their own data, per KPMG).- Reduce costs from poor data quality (IBM estimates bad data costs the U.S. $3.1T annually).
The lifecycle of data from creation to deletion, including: - Storage: Where data lives (databases, data lakes, cloud).- Metadata: "Data about data" (e.g., who created it, when, and why).- Lineage: Tracking data’s origin and transformations (e.g., "This sales report pulls from CRM → SQL → Tableau").- Retention: How long to keep data (e.g., GDPR requires deleting personal data when no longer needed).
Key question: Who owns this data, and who can access it?
Measures how fit for purpose data is. Dimensions: | Dimension | Example Problem | Fix | |-----------------|-------------------------------|------------------------------| | Accuracy | Wrong customer address | Validate against postal APIs | | Completeness| Missing 30% of order records | Enforce required fields | | Consistency | "USA" vs. "United States" | Standardize values | | Timeliness | 2-week-old inventory data | Automate updates | | Uniqueness | Duplicate customer records | Deduplicate with fuzzy matching |
Rule of thumb: If you wouldn’t bet $100 on a decision using this data, it’s not high-quality.
Critical difference: | GDPR | CCPA | |-------------------------------|-------------------------------| | Opt-in (explicit consent) | Opt-out (assumed consent) | | Applies to any data | Applies to personal info | | Global reach | California-only (but similar laws in Virginia, Colorado, etc.) |
Beyond legal compliance, ethics asks: Should we do this, even if we can? - Bias: Does the data reflect societal biases? (e.g., facial recognition works poorly on darker skin tones).- Transparency: Can users understand how their data is used? (e.g., "We use your location to recommend nearby stores").- Purpose limitation: Is the data used only for the stated purpose? (e.g., don’t use health data for targeted ads).- Accountability: Who is responsible if something goes wrong? (e.g., assign a Data Protection Officer (DPO) for GDPR).
Example: Clearview AI scraped 30B facial images from social media without consent. Ethical? Legal? (GDPR says no; U.S. courts are split.)
Tool: Use Collibra or Alation for data cataloging.
Example workflow: 1. A user submits a DSAR (GDPR right to access).2. The DPO verifies their identity.3. The system automatically redacts third-party data (e.g., "This record includes data from Facebook").4. The user receives a machine-readable copy (e.g., JSON) within 30 days.
Goal: Identify and fix data quality issues in a CSV file.
# Install Great Expectations pip install great_expectations # Initialize a project great_expectations init # Load a dataset (e.g., customer_data.csv) import pandas as pd df = pd.read_csv("customer_data.csv") # Define expectations (e.g., "email should not be null") from great_expectations.dataset import PandasDataset ds = PandasDataset(df) ds.expect_column_values_to_not_be_null(column="email") ds.expect_column_values_to_match_regex(column="email", regex="^[^@]+@[^@]+\.[^@]+$") # Run validation results = ds.validate() print(results)
Expected outcome: - A report showing pass/fail for each expectation (e.g., "10% of emails are null").- Actionable fixes (e.g., "Add a NOT NULL constraint to the email column").
Goal: Replace PII (Personally Identifiable Information) with fake data.
from faker import Faker import pandas as pd # Load data df = pd.read_csv("users.csv") # Initialize Faker fake = Faker() # Anonymize columns df["name"] = df["name"].apply(lambda x: fake.name()) df["email"] = df["email"].apply(lambda x: fake.email()) df["phone"] = df["phone"].apply(lambda x: fake.phone_number()) # Save anonymized data df.to_csv("users_anonymized.csv", index=False)
Expected outcome: - A new CSV where real names/emails/phones are replaced with fake data.- Use this for testing or analytics without violating privacy.
Goal: Add a CCPA-compliant opt-out link to a website.
<!-- Add this to your website's footer --> <a href="/do-not-sell" id="ccpa-opt-out">Do Not Sell My Personal Information</a> <!-- JavaScript to handle the request --> <script> document.getElementById("ccpa-opt-out").addEventListener("click", function(e) { e.preventDefault(); // Send request to your backend to opt the user out fetch("/api/opt-out", { method: "POST", headers: { "Content-Type": "application/json" }, body: JSON.stringify({ userId: "123" }) }).then(response => { alert("You have opted out of data sales."); }); }); </script>
Backend (Python/Flask example):
from flask import Flask, request, jsonify app = Flask(__name__) @app.route("/api/opt-out", methods=["POST"]) def opt_out(): user_id = request.json.get("userId") # Store the opt-out in your database # Example: update users set ccpa_opt_out = true where id = user_id return jsonify({"status": "success"})
Expected outcome: - Users can opt out of data sales with one click.- Your system logs the request and stops sharing their data with third parties.
Join 4M+ learners. Unlock unlimited quizzes, wrong-answer tracking, flashcards + reminders, study guides, and 1-on-1 challenges.