WHITEPAPER Making a Business Case for Automated Redaction.



Similar documents
2008 NASCIO Award Submission. Utilizing PCI Compliance to Improve Enterprise Risk Management

DALLAS COUNTY DISTRICT CLERK NEW STATEWIDE RULES FOR E FILING

Government Records Modernization

An ECM White Paper for Government August Court case management: Enterprise content management delivers operational efficiency and effectiveness

Report to the Council of Australian Governments. A Review of the National Identity Security Strategy

Automating. Leveraging Technology to Refine 1040 Workflow

Spotting ID Theft Red Flags A Guide for FACTA Compliance. An IDology, Inc. Whitepaper

Michigan Criminal Justice Information Network (MiCJIN) State of Michigan Department of Information Technology & Michigan State Police

Michigan Criminal Justice Information Network (MiCJIN) State of Michigan Department of Information Technology & Michigan State Police

Enterprise Content Management - ECM Program for New Mexico State Government

Technology Lifecycle Management. A Model for Enabling Systematic Budgeting and Administration of Government Technology Programs

STATE & LOCAL GOVERNMENT DIGITAL ENGAGEMENT TRENDS REPORT: 2015

Improving E-Filing Adoption Rates. Practices from Other State Courts and Recommendations for Wisconsin. Larry Murphy, NCSC consultant January 10, 2013

The Local Government Innovation Fund Council 77 South High Street P.O. Box 1001 Columbus, Ohio (614)

TAKEAWAYS CHALLENGES. The Evolution of Capture for Unstructured Forms and Documents STRATEGIC WHITE PAPER

E-Filing RFP Questions November 26, 2013

VERMONT JUDICIARY S NEXT GENERATION CASE MANAGEMENT SYSTEM:

SAP Solution Brief SAP ERP SAP Invoice Management by OpenText. Take Control with Invoice Management Software

C LOUD E RP: HELPING MANUFACTURERS KEEP UP WITH THE TIMES

Why Automate Accounts Payable Processes?

Strategies for Developing a Document Imaging & Electronic Retention Program

A Compelling Case for AP Automation in the Cloud

ANALYTICS PAYS BACK $13.01 FOR EVERY DOLLAR SPENT

How to choose the best CRM implementation partner for your call center

Travel and Expense (T&E) System: Automated Expense Claim Reimbursement and Electronic Funds Transfer (EFT)

Accounts Payable Invoice Processing. White Paper

WHITEPAPER PROACTIVE SECURITY INTELLIGENCE RETURN ON INVESTMENT

Compliance Management EFFECTIVE MULTI-CUSTODIAL COMPLIANCE AND SALES SURVEILLANCE

Backfile Conversion: Best Practices and Considerations for Electronic Document Management

Making the Business Case for IT Asset Management

Thought Paper: Business Process Automation

Leveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs

Preemptive security solutions for healthcare

The Massachusetts Strategic Plan for Cyber Crime

AD Management Survey: Reveals Security as Key Challenge

White Paper. Are SaaS and Cloud Computing Your Best Bets?

Press the arrow keys. or Page Up and Page Down keys to navigate the presentation.

Testimony of David Sohn Senior Policy Counsel Center for Democracy and Technology. Before. The House Committee on Small Business.

Tips & Tricks for Online Sleuthing Kim Ositis, Public Law Library of King County kim.ositis@kingcounty.gov October 10, 2014

Court Case Management System (CCMS)

Whitepaper: 7 Steps to Developing a Cloud Security Plan

Calculating the ROI of your Learning Management System:

Advanced Remote Monitoring: Managing Today s Pace of Change

VRIRSA Frequently Asked Questions (FAQs)

Protecting Cardholder Data Throughout Your Enterprise While Reducing the Costs of PCI Compliance

Deluxe Provent : Protecting against expanded threats. Providing for expanded opportunities.

The Value of Vulnerability Management*

PCI White Paper Series. Compliance driven security

Responsive Business Process and Event Management

DOCUMATION S CREDIT CARD STATEMENT PROCESSING

AND DOCUMENT MANAGEMENT

VCE SUPPORT OVERVIEW. Investment Protection and Welcome Peace of Mind

FAQ Is efiling mandatory? Who can efile? Can an attorney from another state register directly with the court?

Enabling Continuous PCI DSS Compliance. Achieving Consistent PCI Requirement 1 Adherence Using RedSeal

Alternative Records Solutions and Shared Services Opportunities

P L A N H I G H L I G H T S A B S E N C E S O L U T I O N S

WHITE PAPER APRIL Leading an Implementation Campaign to Address the Convergence of Healthcare Reform Initiatives

9 Innovations That Will Change The Way We Recruit

ERP Software and Your Business

ediscovery Software Buyer s Guide FOR SMALL LAW FIRMS

GxP Process Management Software. White Paper: Software Automation Trends in the Medical Device Industry

GOMEMBERS. GOMEMBERS OVERVIEW Membership driven solution to help you fulfill your mission.

Housing Authority of the County of Alameda Case Study:

Business Process Management and the Clinical Trial Process

Supply Chains: From Inside-Out to Outside-In

Employing Best Practices for Mainframe Tape Encryption

HOUSE COMMITTEE ON APPROPRIATIONS

Combining Financial Management and Collections to Increase Revenue and Efficiency

Scheduling Automation Buyer s Guide. How to Select a New Scheduling Solution StaffReady. All rights reserved.

A white paper discussing the advantages of Digital Mailrooms

CT TyMetrix. For Claims Departments, Convergence of Matter Management and E-Billing Creates Opportunity

Time and AttendanceVendor Tutorial - 9 Must Have Features For a Successful Transition

Prevent cyber attacks. SEE. what you are missing. Netw rk Infrastructure Security Management

Enterprise Knowledge Management Via Text Search Analytics An Implementation Guide

Establishing a Mature Identity and Access Management Program for a Financial Services Provider

Appendix A. Functional Requirements: Document Management

Operational Risk Management - The Next Frontier The Risk Management Association (RMA)

How To Improve Your Business

End-To-End Invoice Processing Automation at Land O Lakes. Session #705. Natalie Hawley, Applications Developer

Cloud Computing; the GOOD, the BAD and the BEAUTIFUL

WHITE PAPER. Is your AP Department Truly Automated?

2009 NASCIO Recognition Awards Nomination. A. Title: Sensitive Data Protection with Endpoint Encryption. Category: Information Security and Privacy

Audit of the Seattle Police Department s Public Disclosure Process

Revenue and Sales Reporting (RASR) Business Intelligence Platform

Prevent cyber attacks. SEE. what you are missing. Netw rk Infrastructure Security Management

Securing the Microsoft Cloud

Network Services in the SDN Data Center

e-filing and Ethics Palm Beach County Bar Association, North County Section

How to Go Paperless In Three Simple Steps: A Guide for Small Businesses

Sarbanes-Oxley (SOX) The Migration from Project to Process. Practical Actions for Getting Started. Jim DeLoach, Managing Director.

Document Imaging: The Origin of Streamlined, Effective Workflows John O Connor BenchMark Consulting International

Cyber Security - What Would a Breach Really Mean for your Business?

Accounts Payable Imaging & Workflow Automation. In-House Systems vs. Software-as-a-Service Solutions. Cost & Risk Analysis

Infrastructure Our Tax Securing Presented by:

The Business Case for Automated Solutions from B2B Payment Providers

Finding Nirvana in AP Automation and Outsourcing

Accenture Risk Management. Industry Report. Life Sciences

Overview. The TriTech Solution TriTech s Inform RMS is a proven, robust, multi-jurisdictional records management system.

ebook: The Value of Usable Data for Government Agencies

Security Services. A Solution for Providing BPM of Security Services within the Enterprise Environment.

Transcription:

WHITEPAPER Making a Business Case for Automated Redaction. By Nancy Crandall Nancy Crandall is the principal of Justice Connections LLC, a court management consulting company. Ms. Crandall has nearly 30 years of experience in courts and criminal justice. She has held a variety of court management positions including: Court Administrator, Assistant Judicial District Administrator, Business Architect for a statewide case management system implementation and Manager as well as Deputy Director of the Court Services Division for the Minnesota Administrative Office of the Courts (AOC). Consulting services and expertise includes project and change management, project leadership, program management, technology implementation support and business process reengineering services. Public access in the era of manual records There are many persuasive reasons for government agencies to make electronic public records accessible remotely. Access to public information is, after all, one of the cornerstones of transparency in government and excellence in customer service. Public demand for remote access to electronic public records is another driving force. Many of the same records that are now available electronically have been publicly available for years, with the limitation that if one was interested enough in the information, they would also be willing to travel to the courthouse or other government facility to search for and review public records. This approach inherently limited access to public information. Public access to today s electronic records The introduction and expansion of technology in government, such as case and records management systems, document imaging and electronic filing, has contributed to increased availability of electronic public records. Access to much of this information is becoming more broadly available to the public and other agencies remotely through websites, public portals or subscription services. The electronic era of public records makes information regarding court cases, land records and vital statistics accessible and searchable anywhere, at any time. Making public records available electronically benefits agencies and consumers alike by limiting in-person requests for information and services and reducing foot traffic and wait times at public service counters. This, in turn, allows scarce government resources to be reallocated to other activities. It is a prime example of how technology can help government operate more efficiently doing more with less, while also meeting customer demands for convenient and expanded access to information and services. However, for as many benefits as electronic systems and documents provide, new challenges also arise. Protecting Sensitive Data in Public Documents Making electronic data available remotely or online requires up-to-date policies to protect sensitive data that may be contained in WHITEPAPER Making a Business Case for Automated Redaction. 1

otherwise public records. Types of sensitive data that might typically be found in many documents include: Social Security Number Date of birth Financial account information Victim names and addresses Driver license numbers Names of minor children A variety of methods may be in place within government agencies today to protect sensitive data from being inadvertently displayed in publicly accessible electronic systems. A few common methods include: Rules and other policies that make it the responsibility of the filer to redact or otherwise ensure the absence of sensitive information in documents Requirement that the filer use only partial fields (such as last four digits of SSN) in pleadings or other documents submitted for filing Document classification approaches that restrict access to documents containing sensitive data fields Manual redaction of sensitive data Automated redaction tools Making the investment in technology to improve customer service and reduce labor costs comes with the responsibility to protect sensitive data in electronic documents and data stored in public systems. A single pronged approach using any one of the methods above is simply not enough. The prevalence and perils of identity theft is driving additional data security legislation at federal and local levels to protect sensitive information in electronic records across industries. Unfortunately, unintended release of private data does happen. There is a public expectation that government agencies meet an even higher standard than other industries in the protection of personal data. This article explores some key considerations and benefits of incorporating automated document redaction into an electronic document management business model. Identity Theft on the Rise It will come as no surprise to most that crimes involving the theft and misuse of personal data identity are on the rise. According to Javelin Strategy and Research statistics; Identity fraud increased WHITEPAPER Making a Business Case for Automated Redaction. 2

...111,000 government or military records were reported as breached within the first 22 days of 2013. by 13% in 2011. More than 11.6 million adults became victims of identity fraud in the United States. (Van Dyke, & Monahan, 2012). How much of this problem can be attributed to the breach of sensitive data in electronic government records and automated systems? It is difficult to say for sure, however the Identity Theft Resource Center 1 states in an online report that more than 111,000 government or military records were reported as breached within the first 22 days of 2013 alone! 2 (Data Breaches, 2013). The most egregious incidents of public data breaches are well covered by the media and tracked by a variety of groups and organizations. Still, an untold number of additional incidents impacting a single individual, for example, are also at risk for occurring. Remote and electronic access to public data systems has presented challenges in the protection of sensitive data for a number of years across public sector agencies. The introduction of electronic documents in those systems promises to increase these challenges. An article in the Washington Post entitled Online Records May Aid ID Theft (Brubaker, 2008) illustrates with specific examples, the incidence of public exposure of sensitive information in some public sector record systems. This article highlights specific instances of complete Social Security Numbers found on hundreds of imaged and paper public records including land deeds, death certificates, traffic tickets, creditor filings and other electronic documents, as well as records related to civil and criminal court cases. All were found upon spot checking of records. From a business perspective the problem is a complex one, further complicated by timing and the sheer volume of records. Monitoring the volumes of newly filed electronic documents submitted through electronic filing portals or new paper submissions scanned by staff for the presence of sensitive data is one part of the equation. Many older records have been scanned and exist in public systems. These documents were originally filed prior to 1 Identity Theft Resource Center (ITRC) is a nonprofit organization dedicated exclusively to the understanding of identity theft and related issues. The ITRC provides victim and consumer support as well as public education. The ITRC also advises governmental agencies, legislators, law enforcement, and businesses about the evolving and growing problem of identity theft. 2 A breach is defined as an event in which an individual s name plus Social Security Number (SSN),driver s license number, medical record, or a financial record/credit/debit card is potentially put at risk either in electronic or paper format. WHITEPAPER Making a Business Case for Automated Redaction. 3

newer laws and regulations restricting the inclusion of sensitive data in public documents. Social Security numbers are a prime example. Custodians of these records must go back to find and manually redact sensitive data that may be contained in these documents, while also manually monitoring the ever increasing volume of newly filed electronic documents. It is a daunting task. The good news is that sophisticated and reliable software solutions for automated redaction of sensitive and protected data are available in the marketplace today. These tools help make the responsibility to protect sensitive data more manageable, while bringing into better balance the risks associated with making public data and documents electronically accessible with the benefits provided to public sector agencies and their constituency. Automated Document Redaction High-Level Technical and Features Overview Redaction refers to the permanent removal of personal or sensitive information from documents. With automated redaction, electronic images are processed through Optical Character Recognition (OCR) software to convert them into a digital format. These digital formats are then searchable using rules-based logic driven by clues, pattern recognition, spatial location and algorithms designed to locate sensitive information in a variety of documents. If sensitive information is found within the document, the software will assign a confidence level based on how well the data found matches the pre-determined rules, pattern and clues. An image found to contain sensitive data may be automatically redacted (as in the case of a high confidence level result) or electronically routed for human verification for specific or all confidence level results, based on user preferences. The identified redaction zone is then burnedin to a copy of the image making it suitable for public view. Redaction software that provides a high degree of flexibility, allowing customers to define customized rules, confidence levels and preferred actions based on specific business needs, provides the most precise and accurate results. Products with a proven ability to interface seamlessly with case management and records management systems already in place are an important consideration in terms of upfront costs and interoperability needs. Automated features that effectively process historical documents housed within large repositories, as well handling newly filed documents, are essential requirements when evaluating a product solution against business needs. WHITEPAPER Making a Business Case for Automated Redaction. 4

Benefits of Automated Document Redaction As mentioned, one or more methods to protect sensitive data in publicly accessible electronic systems may be incorporated into document processing practices in courts and public agencies. Automated redaction software and tools enhance those methods already in place by further minimizing exposure and narrowing gaps that may exist. This results in greater assurance that sensitive data is not accessible to those not authorized to view it. Protecting your Investment A decision by public sector agencies to invest in technology is often predicated on these basic objectives: improve the quality of information, increase access to publicly available information and services, and improve operational efficiency. Similar to other security measures in place to protect data network and infrastructure, automated redaction can be viewed as a protective measure for the documents and data stored within public systems. It is difficult to quantify a loss that never occurs as a result of protective measures in place. Yet taking additional measures to minimize opportunities for errors that can occur within large, complex, remotely accessible systems, is time and money well spent. When you consider the what if scenarios experienced by some public agencies due to the release of private data, thinking in terms of cost avoidance is a sensible strategy. Staff Efficiencies Like other business ventures, anticipating the return on your technology investment is something that is often carefully calculated, communicated and monitored. The introduction of e-filing and electronic document management are technology initiatives well aligned to meet the stated business objectives. However, staff time savings (a metric in calculating ROI) can quickly erode if too many manual and time consuming tasks must be incorporated into new business processes. Manual redaction is one example of a time consuming task that can have a significant impact when quantifying cost and time savings resulting from e-filing and electronic document management efforts. Add in the realities of staff reductions, turnover, training and cross-training needs related to manual redaction efforts, and you can see where efficiencies are quickly reduced and risks increased, making automated software redaction a cost effective alternative. WHITEPAPER Making a Business Case for Automated Redaction. 5

Quality Assurance When receiving electronic documents for filing, it is important to evaluate the quality of work being processed in a new manner. In this context, quality relates directly to the skills and experience of staff responsible for this work and the tools available to them. The e-filing portal or review queue that serves as the point of entry for the filing of electronic documents should be viewed as your virtual service counter. As such, what kinds of skill and experience should staff performing these duties possess and what tools do they need to perform high quality work? Electronic document management is much more than simple data entry tasks and the movement of electronic documents. It typically requires that important decisions and determinations be made upon receipt of a filing. These decisions can include review of key acceptance criteria to determine whether the filing can be accepted, verification of case type and/or document type designation selected by the electronic filer and document classification determinations, as well as the review of documents for sensitive information and redaction. All of these things occur during the initial review process and influence the quality of what goes into the system and what is ultimately available for public view. This makes the initial acceptance and filing of an electronic document critically important. It requires a high level of staff skill and experience, as well as sophisticated tools. Automated redaction software is one such tool. The same quality considerations can be applied to current back scanning efforts or previously scanned documents. Older documents may contain types of sensitive data in multiple places that are no longer allowed in present day filings. When scanning older documents, a heightened awareness that sensitive data may be present in multiple places and a method to quickly locate it is essential. In the case of inactive or closed files especially, the people reviewing them (post scanning) are most likely to be members of the public rather than internal staff members. Not an ideal way to learn that something was missed! By detecting and addressing sensitive data before the document is ever made viewable to the public, automated redaction can greatly improve and streamline the process of reviewing both existing paper documents as they are scanned into systems, as well as new electronic documents submitted for filing. For previously scanned documents already in systems, automated redaction can be a valuable tool to quickly and accurately review volumes of stored documents for the presence of sensitive data. This can all be done in WHITEPAPER Making a Business Case for Automated Redaction. 6

seconds and with higher quality and more reliable results than manual redaction processes, where time constraints and distractions often lead to human error. Why Automated Document Redaction, Why Now? Given the advantages of automated document redaction as discussed above, one may begin to wonder why an agency would not incorporate this technology tool into e-filing and electronic document management processes. Reasons and obstacles vary. Leaders immersed in e-filing and document management technology implementations may think of automated redaction as an add on feature that can wait, or as project scope creep that could threaten timelines. They may question whether a change-weary user community can endure another change in business processes. Other barriers to implementing automated document redaction include factors such as cost and skepticism regarding the reliability of automated redaction technology. All of these barriers, while perhaps valid, are not insurmountable when compared to the benefits that can be provided. First, although automated redaction can be successfully implemented at any time, doing so in conjunction with an e-filing and electronic document management initiative is ideal. Compared to other typical integration efforts, automated document redaction software implementation is generally not considered resource intensive from a technical or business perspective. Most redaction software solutions can integrate rather seamlessly with existing modern case or records management systems. The configuration of customized rules can be very manageable, depending on the product and with the help of an experienced product vendor. Next, from a business perspective, it is an understatement to say that e-filing and document management initiatives already require a major redesign of business practices. Introducing automated redaction upfront can actually eliminate extra manual steps, saving time and minimizing confusion. Taking a proactive rather than reactive approach to protecting sensitive electronic data and documents can make for a convincing and compelling request for funding. One does not have to look far for examples of unintended breach of sensitive data in publicly accessible systems, and the high cost associated with making whole again those who were negatively impacted. Operational efficiency WHITEPAPER Making a Business Case for Automated Redaction. 7

and quality considerations provide justification for funding to introduce automated redaction when transitioning to e-filing or electronic document management. Finally, the quality of the automated redaction solution you choose can make a significant difference in how quickly confidence in the software is secured, workflow streamlined and accurate results achieved. When software automatically detects a high percentage of sensitive content without human intervention and the automated results are consistently confirmed by the redaction verification staff as accurate, organizations gain confidence in applying technology to what was once a very manual process. The degree of automation for the redaction workflow can be controlled at a pace and comfort level determined by the agency. Works Cited Data Breaches. (2013, January 29). Retrieved January 29, 2013, from Identity Theft Resource Center: http://www.idtheftcenter.org Brubaker, B. (2008, January 2). Washingtonpost.com. Retrieved from The Washington Post: www.washingtonpost.com/wp-dyn/content/article/2008/01/01/ AR2008010102334_p Van Dyke,, J., & Monahan, M. (2012, February). Overview: 2012 Identity Fraud Report: Social Media and Mobile Forming the New Fraud Frontier. Retrieved January 30, 2013, from Javeline Strategy and Research: https://www.javelinstrategy.com/ brochure/239 WHITEPAPER Making a Business Case for Automated Redaction. 8

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information