The dawn of digital governance

When the internet first came along it was a bit like the American gold rush. People were staking their claims on the new ground with nothing more than a flag on a stick and a glint of avarice.

Companies sprang up overnight building websites of enormous cost and complexity. People spooned repurposed brochure content into the accompanying white space. There was money in them thar hills – and not a few error messages.

Over time things calmed down. dot.coms boomed and busted, the cowboys were rode out of town on a rail; the approach to content became more thoughtful.

But not thoughtful enough…

Yes, best practice emerged and organisations maintained (somewhat) as well as built things. Digital professionals also began to measure – everything and anything. The internet was wonderful for measuring – it still is. You can create bar charts that show you loads and tell you nothing. Nonetheless, they look mighty fine in a PowerPoint presentation.

Skill sets began to evolve. Companies slowly began to realise that a new website or email programme wasn’t just a technological progression but a communications one. Most recently the internet has gone out into the field as devices become more plentiful and more highly mobile. The phones, at least, became smart. And media became social.

But what holds all this together and, most importantly, what bonds what’s happening in marketing departments and agencies to what is decided at board or senior manager level? What I see is business critical communications decisions being made as if they were simply tactical subsets.

A toe in the budget door – but not the boardroom door

Digital communication professionals did themselves no favours. Marketing and even IT departments were the traditional organisational gateways to budget decisions. We framed our arguments and project language in a way that the people deploying what we offered would see as relevant. Oh, a big website overhaul might be a senior management or board decision but that was on the basis of costs (or politics) and the fact that some IT Directors, at least, made it through the digital ceiling.

So, what makes a digital project relevant at the very highest level? What raises what we do to the most senior floors and embeds communication and content as business critical, alongside production costs and HR budgets?

Let me introduce you to the concept of digital governance…

I’ve worked as a non-executive director in the National Health Service (NHS) and spent a number of years as a Chair of Governance. Governance is embedded into corporate structures at the highest level and companies such as Enron have simply served to demonstrate the value of probity.

Good corporate governance is a system for structuring, operating and controlling based on: sound business ethics, long-term strategic goals, care of employees (past, present and future), customers and suppliers, the environment and the local community and proper compliance with legal and regulatory requirements. Source: Applied Corporate Governance

Within the health service there is also a specific clinical governance structure. In my opinion this brings together to critical organisational pathways: business function and business output.

Clinical Governance is a framework through which NHS organisations are accountable for continuously improving the quality of their services and safeguarding high standards of care, by creating an environment in which excellence will flourish. Source: A First Class Service – Quality in the new NHS

Clinical governance: bridging the gap between managerial and clinical approaches to quality of care Source: Stephen A Buetow, Martin Roland

Over the last year I’ve taken this learning acquired in the health service and tried to develop a framework for its development in digital content. What I’ve come up with is this:

Digital Governance is the framework through which organisations are accountable for continuously improving the quality of what they offer audiences digitally,  safeguarding high standards  and creating an environment in which excellence will flourish. Source: Me

Digital governance: bridging the gap between managerial and digital approaches to quality of content and communication. Source: Me

Okay, where am I going with this? And why should you care?

Anne Caborn's digital governance visualI believe that if we don’t start drawing content into some big business framework it could slide back into a series of not particularly significant (in board terms) silos; whether that’s usability, content development and management, design and build, search and optimisation… Content strategy has gone some way to providing the glue for harmonising key skills and expertise but it isn’t a term that gets the suits excited.

Information Governance already exists. Organisations get that the governance and accountability relating to business usage and storage of information is business critical. But information goes only partway to describing and proscribing content. Digital governance  of content creation, production and maintenance, supporting processes / methodologies and technologies needs its own guidelines, benchmarks for excellence and monitoring systems (piped upward to board level in dashboard form).

I’ve come across the term digital governance (and web governance) here and there but its current definition is neither broad enough nor sufficiently demonstrated within an organisation. It deals with probity – but not excellence. The only person who comes close to covering this ground sufficiently, in my opinion, is Lisa Welchman in the United States.

In the health service the weft and weave of clinical governance is raised to board level using a range of data and compliance measures. Mortality figures are obviously a key metric but what about recovery times for people operated on in a specific operating theatre, sent to recover in a specific ward? Do ‘bed days’ go up or down dependent on where a patient was admitted from, whether it was during the day or during the night? Metrics are marvellous but only if you bring them together from multiple sources, keep them current  and interpret them with confidence and robustness.

There is also another critical thing that makes governance business critical – the risk of legal and punitive  censure. Since 2001-2, NHS Chief Executives have been required to sign a Statement of Internal Control that forms part of the statutory accounts and annual report. In order to make this statement, Boards must be able to demonstrate that they have been properly informed about the totality of principle risks that an organisation faces (not just financial). Conclusions to such risks need to be documented using an evidence-based approach.

I firmly believe that in order for digital content to be discussed and taken seriously at board level, the possibility of breaking the law – which exists – needs to be better evidenced and monitored.

What laws do you want to break today?

I’m currently working on some new training and workshops that attempt to bring together the necessary governance disciplines required to properly monitor compliance with all the legislation and regulations that should keep organisations awake at night (but to which they are currently not paying it sufficient attention – if any at all). I’ll be covering this off in much more detail next year but the things we should be all-over-like-a-rash include:

1. Since March 2011 the Advertising Standards Authority in the UK has also been responsible for regulating online marketing. It recently banned a series of online ads for Lynx spray (it’s a bloke thing), which ran on Yahoo, Hotmail, Rotten Tomatoes, Anorak and Spotify, for being ‘likely to cause widespread harm and offence.”

2. Privacy and Electronic Communications (EC Directive) Regulations 2003 prohibit unsolicited electronic marketing material unless covered by the “soft opt-in” rule. This covers not only email but also text messaging. Breach of the regulations can result in regulatory investigations, fines, civil damages actions and criminal liability. Criminal sanctions may be imposed on company directors, as well as the company.

3. The above regulations also introduced controls on the use of cookies on web sites. Users have to be given guidance on why information is being collected using cookies and the opportunity to refuse that information. Organisations using cookies should have a clear compliance statement.

4. Since 2007 companies in the UK have needed to include regulatory information on their websites and in their email footers, such as company number and registered address (not always the main contact address) or risk being fined under the Companies Act.

Do keep up!

5. The Disability Discrimination Act (DDA) 1995 Part 3 makes organisations responsible for making their websites accessible.  The section came into force in October 1999 and the Code of Practice for this section was published in May 2002. The legislation was policed by Royal National Institute of the Blind (RNIB) which forced a number of companies to make changes to avoid prosecution.

6. But did you know that since  October 2010 the Equality Act  replaced ‘most of’ the DDA? The RNIB points out that the new Act is ‘anticipatory’, which means you cannot wait until a disabled person wants to use your services, but you must think in advance and on an ongoing basis, about the potential illegality of:

  • links that are not accessible to a screen reader
  • application forms in a PDF format that cannot be read by a screen reader
  • core service information (for instance, timetables on a public transport website) not in a format accessible to screen readers
  • using text, colour contrasting and formatting that make the website inaccessible to partially sighted users
  • changing security procedures (for instance, on an e-commerce website) without considering the impact of blind and partially sighted customers that use screen readers.

And this, my friends, is just the tip of the iceberg.

Now, I know what you’re thinking…

You may think that as the newspapers are NOT wall to wall with reports about major prosecutions under any of the above (there have been significantly more in Australia, as far as I can see), you can just keep calm and carry on as before. I have only one question: Do you want to be the first prosecution? Even without a prosecution, do you really want to be named and shamed by a regulatory body?

Welcome to Digital Governance 101.