Three Steps to Ethical People Analytics
The greatest risk for today’s people analytics functions is not technology, a lack of available skills, or budget. It’s the risk of abusing the foundational element of people analytics: employee data. And that risk is growing exponentially, because of the new ways in which we collect and use employee data. From organisational network analysis to skill-based workforce planning, from employee listening to employee experience, innovation abounds, and risks have multiplied, but are barely understood.
When the risk inherent in the collection, manipulation, and use of personal data is poorly understood it leads to one of two outcomes:
First: caution paralysis. Sheer endless loops of review and discussion about a proposed people analytics project, new data or tools. Case in point: a client who looked to upgrade their survey software was told it would take 18 months to complete the privacy review… Caution paralysis renders people analytics functions unable to deliver meaningful results and demonstrate value efficiently.
Second: blind analysis. Analysing and sharing of data that at some point yields a breach; either on a small scale, such as sharing individual survey results of team members with a senior leader, or on a large scale, such as installing surveillance programs on employee computers without their knowledge or permission. This leads to a crisis of confidence from which people analytics teams and leaders’ careers seldom recover.
We’ve discussed in the past how a Data Ethics Charter – a set of clear principles on the use of data – is essential to avoid these two outcomes, by better understanding what should and shouldn’t be done with an employee’s personal information. But what we have learned over the past three years is that an Ethics Charter is not enough. It’s not enough even when written specifically for people analytics, and it certainly isn’t enough when it is a general corporate ethics charter.
In addition to an Ethics Charter, organisations need a governance process for people data, in order for the Charter to be activated. A governance process balances the opportunities and risks of People Analytics. In this blog, we’re going to look at:
1. What is a governance process for People Analytics?
What is a governance process for People Analytics?
Insight222’s People Analytics Program members co-created a three-step process that enables projects to stay within the boundaries of the Ethics Charter.
1. Step one is the initial go-ahead, based on three straight-forward questions:
Is the proposed project legal?
Is it aligned with the Ethics Charter?
Would we be comfortable if it shows up on the front page of the New York Times?
2. Step two occurs when the project is running, and the team finds new opportunities to analyse the data or requires different data than originally anticipated (both are common occurrences). This requires a deeper, more technical series of questions that Insight222’s group co-created (the full set of questions are shared amongst members). Questions, such as:
Who will receive the output of this analysis?
Is this something we would be happy to share with our workforce?
Do we need explicit consent to use the data? Do we have implied consent?
3. The third and final step occurs at the end of the project when results are found. The Governance Council (see below) has the opportunity to review the results to decide whether proposed actions and recommendations conform with the ethical standards of the organisation. The Governance Council questions include:
Is there a clear methodology for how the analysis was conducted? Can this be explained simply?
How long will this data/analysis need to be retained? Will it require destruction at a certain point?
Will the data potentially have onward transfer risks or considerations from a security or privacy perspective?
Who should own the governance process?
Unfortunately, many companies default to assigning this governance responsibility to their legal or privacy teams (the logic being either that they know risk, or that they just set up the GDPR process and therefore can simply add this onto their task list). What these companies learn is that such an approach often leads to caution paralysis (see above).
Striking the right balance between risk and opportunity requires a deep understanding of data, analytics, and algorithms. Because the goal is not to stop all activities that are risky (you would never use a knife in the kitchen if your only goal was to not take any risk), but to understand the risk and take the right precaution (ultimately allowing you to prepare a delicious meal). The most effective organisations assign the role of developing people data governance to people analytics teams, because that is where the expertise around employee data and its uses resides.
Introducing the people data Governance Council
Data governance owners have to identify the right stakeholders and process to enable innovative business-impacting people analytics as well as protect against risk. Six stakeholders need to be engaged:
Representatives from these areas form the people data Governance Council. The role of the governance council is to vet all new major projects or technologies and make decisions at the strategic level that balance risk and opportunity. Therefore, it is imperative to have representation on that Council that has the seniority that will be respected and trusted by the organisation.
The biggest gap that we have found in Governance Councils is a lack of perspective from outside of HR. Too often HR believes that it can and should make these decisions, or that it will be too hard to bring such groups together, or that it exposes a weakness in their understanding and/or capability. Nothing could be further from the truth. An effective people data Governance Council is an accelerator for people analytics work and builds credibility and trust with the organisation and its employees.
Final thoughts
We’ve seen what can go wrong with data at companies from across industries: An Israeli spyware led to surveillance of journalists, activists, and thousands of others; Facebook staff have abused customer data to stalk its users. Having such events occur with employee data will arguably be more devastating, because of the impact on trust, morale, engagement, productivity, and turnover. On the other hand, we have seen people analytics teams get disbanded because they couldn’t get approval for their analyses and therefore could not deliver valuable insights. Striking the right balance between enabling insights that benefit employees and their firms, and protecting their data requires proactive engagement and effective leadership by the people analytics team.
Ethical people data governance is a topic of urgency, one that has to be built into people analytics from the start. If you do not have it in place already, it has to be tackled now.
ABOUT THE AUTHOR
Dirk Petersen is a renowned expert in HR strategy, organisational change, digital transformation, and how analytics affect HR communities and those they serve. After his MBA at Harvard Business School, Dirk spent many years serving leading organisations at the Corporate Executive Board (CEB). From there he served as a HR Business Partner with the World Bank. Since then he's helped leaders better understand and strategise around how workforce analytics impacts careers, innovation, operational effectiveness, and executive decision-making.
Build the skills you need to drive real success with your People Analytics projects
The myHRfuture academy is a learning experience platform for HR professionals looking to invest in their careers. All of our online HR certifications reflect the core HR skills you need to develop for the future, giving you a professional edge while providing evidence of the skills you’ve mastered, helping you get ahead and Press PLAY on your Career® for only £25 per month. With over 30+ HR certifications, 600+ pieces of expertly curated content and 200+ hours of learning the opportunities are endless. Start building the skills you need to get ahead today.