Who owns your digital policy?

There’s an old joke that the risk of a child being injured increases in direct proportion to the number of adults present. Whether there’s any truth to it or not, the point is that, when no one has designated any individual with having primary responsibility, nobody takes responsibility.

I think that’s a great analogy to where we are with digital policy. People are very aware of the risks and opportunities within their own areas of responsibility. And that’s a good thing. Digital policy is too big for one person to be an expert in every single aspect.

The downside, however, is that when there are a number of stakeholders operating independently, there’s a high probability that there are too many people watching one area and no one watching another. That’s why you need someone with ownership of the whole thing.

Why you need a digital policy director

As you can see in the graphic above, some areas overlap — which could result either in a turf war or in each party assuming the other is handling it — and then there are gaps where some things aren’t covered at all. While it’s better than ignoring digital policy altogether, it creates the potential for some problems. Here are a few examples:

  • Sales is excited about the potential of Big Data to help with customer segmentation. The Technology folks, on the other hand, want to minimize their data security risks.
  • Marketing is excited about launching campaigns in new countries, but Legal isn’t confident that Marketing knows enough about that country’s regulatory requirements.
  • Social wants to embrace user-generated content, but Legal is worried about potential liability, and Branding is worried about users posting content that doesn’t reflect well on the company.
  • Content creates an image of the company logo to put on the “About Us” page, but they don’t realize that Marketing and Legal require not just a shade of green that looks close, but a particular shade of green: 00d400 and 00d446 might look the same, for example, but only a logo with 00d400 is trademarked.

In other words, even if everyone is handling their own little circle perfectly, you’re asking for trouble if there’s nobody to coordinate the different circles into one cohesive digital policy.

What a digital policy director does

The job of a digital policy director is twofold: to make sure nothing falls through the cracks, and to resolve conflicting goals. That includes things like:

  • Researching and understanding digital best practices on a comprehensive level
  • Determining the company’s tolerance for risk
  • Resolving conflicting goals or concerns
  • Identifying any gaps and delegating them to a specific owner
  • Communicating the need for a digital policy to employees
  • Training employees on how the new digital policy affects their jobs
  • Providing tools and resources that make it easy for employees to follow the policy
  • Monitoring ongoing compliance with digital policies and resolving any problems
  • Regularly reviewing policies to identify any areas that need to be added,deleted, or updated

What a director needs to succeed

If you’ve ever worked in a corporate environment, you know what it’s like to have responsibility without authority. A digital policy “director” who’s outranked by competing VPs won’t — and can’t — be very effective. Here’s what a digital policy director needs in order to succeed:

  • The clearly stated endorsement by and support of the C-suite
  • The consistent communication of that support to all stakeholders
  • Clear guidance on who has the final say when stakeholders disagree
  • Guaranteed, quick access to whomever that decision-maker is
  • Company-wide communication of what the digital policy is and who’s responsible for creation and implementation
  • The resources needed to get it all done

Who needs a digital policy director

If you’re a small business, you’re probably thinking: “Well, sure. That makes sense for a big company with a thousand VPs.” Or, if you’re an enterprise, you’re probably thinking, “Well, sure, that makes sense for small businesses where everybody is pulling triple duty and no single person is in charge of anything.”

The truth is that company size doesn’t matter. Whether you have too many people focusing on specific issues, or too few people focusing on multiple issues, your digital policy needs an owner. That owner — the director — needs to have the support of the C-suite, and all stakeholders need to know who has the authority to make the final decision.

What are the most important skills for a digital policy director?

To be successful, a digital policy director needs a combination of “hard” and “soft” skills:

  • Broad business expertise: One of the most important qualifications for a digital policy director is an understanding of all of the moving parts involved in running a business, as well as how each of those parts affects the others. For example, a digital director weighing the risks of collecting data vs. the risks of that data being compromised would need to understand things like the potential revenue that data could generate, whether there are other avenues for generating that revenue, the (quantifiable) level of risk associated with the data, and the ability of policies/preventive measures to lessen that risk.
  • Legal/regulatory expertise: While a law degree isn’t essential (although it would certainly be a plus), what’s more important is an awareness of the laws/regulations affecting a particular business or industry. It’s really a matter of knowing which questions to ask. For example, someone who had no idea that some countries have restrictions on the transfer of their citizens’ personal data wouldn’t know to ask what measures were being taken to bring the organization into compliance.
  • Research skills: Having all the answers isn’t as important as knowing where to find the answers. That’s especially true when it comes to finding out what you don’t know that you don’t know — something best solved by researching the best practices of other organizations/industries.
  • Attention to detail: Laws and regulations are, almost by definition, detailed and nitpicky. A digital policy director needs to be able to consider both policies and compliance with those policies at the same level of detail as a lawyer or government agency.
  • People skills: A digital director needs to be able to assess and bridge conflicting egos, negotiate competing objectives, act as peacemaker for turf wars, etc. Listening skills are critical, as is the ability to read between the lines and perceive a stakeholder’s real objectives and concerns.

It’s not a popularity contest. However, a digital policy director absolutely must have the ability to work with people who have very big egos and very different objectives — and to get the job done regardless of any personal issues.

Digital policies need subject-matter experts. And the various functional areas need someone to represent their interests. But you also need somebody to coordinate the whole thing. Otherwise, you don’t really have a digital policy. You have a bunch of different stakeholders doing their own thing in their own way. So I encourage you to take a close look at your approach to digital policy and, if needed, to find yourself a five-star director.

Digital policy innovator, helping organizations see policies as opportunities to free the organization from uncertainty, risk, internal chaos.