Data contracts for automation
One of the benefits of data contracts is the amount of automation they unlock.
This could include platform capabilities such as:
- Standardised interfaces
- Resource management
- Backups
And it can include data governance tasks such as:
- Data retention
- Access controls
- Audit and regulatory compliance
All you need is the data contract to contain the required information. So, for backups you might have something like this in your data contract:
backups:
- schedule: daily
- retention: 30d
- destination: s3://...
From that we can easily provide tooling that reliably takes well tested backups.
Something more complicated like access controls might need configuration on the each field, for example:
fields:
- email
- is_personal_data: yes
- data_subject: customer
- data_categorisation: confidential
- last_active:
- is_personal_data: no
- data_subject: customer
- data_categorisation: internal
You could then provide tools to apply access controls to those fields based on a users role, for example the support team may have access to confidential customer data, while engineering teams may only have access to internal customer data.
Exactly how you define these labels in your data contract and the policies you define will depend on your organisation.
But as long as there is sufficient information in the data contract you can automate many, if not all, of the tasks associated with managing data.