Global privacy—Data governance program

Data governance program

As a global leader in conversational AI, clients trust Nuance to deliver solutions that handle patient and consumer data responsibly. We remain firmly committed to helping our clients comply with their data protection requirements throughout the world. In recognition of the reality that a sound data governance program is at the heart of data protection, the Nuance Data Governance Program manages the production, reliability, traceability, quality, integrity, disclosure, protection, and usage of data across the organization.

Our program includes:

  • Data ownership and accountability: Every set of data held by Nuance has a Data Owner who is responsible for defining who can access a relevant system or corpus of data and is the accountable party for security requirements, quality standards, and data definitions such as classification. The Data Owner is responsible for maintaining a data map documenting the categories of Nuance data processed by the relevant system and creating the appropriate record of processing which confirms all data flows.
  • Standardized policies and procedures: Policies and procedures are reviewed by subject matter experts and aligned to support the various aspects of a holistic data governance program, including data privacy, protection and security. Nuance’s SMEs closely monitor developments in data privacy and protection laws so that Nuance’s policies and procedures are current and consistent.
  • Consistent data quality management: Maintaining the integrity and quality of customer data is critical to our clients’ expectations as well as meeting legal and regulatory requirements for controllers and processors.
  • Change management: Nuance conducts Privacy Impact Assessments on new or materially-changed collection, disclosure, or use of Personal Information to ensure such processing meets both the requirements of our contractual commitments and the law.
  • Data assessment and monitoring: Nuance assesses our processes, procedures, and systems on a routine and regular basis to ensure that updates and improvements are implemented to maintain industry standards.
  • Training and communications: Nuance conducts training on at least an annual basis, and more frequently as needed, to ensure workforce members are aware of their roles and responsibilities related to data governance.

For all data solutions, whether cloud-based or on-premise, responsibility for data privacy—including access and controls—is shared. Our clients are responsible for configuring Nuance solutions to support good data governance efforts and for implementing and enforcing policies within their organizations in accordance with applicable requirements.