InfoGov: Not Just Another Pretty Buzzword



Similar documents
Breaking Down the Silos: A 21st Century Approach to Information Governance. May 2015

From Information Management to Information Governance: The New Paradigm

The Importance of Information Governance and Risk Management

3 Initial Steps on the Way to Success. Information Governance: by Mike Frazier Director, Information Governance, TERIS - 1 -

Tactics v. Strategy: From Records & Information Management to Information Governance

ARMA CENTRAL IOWA APRIL 25, 2013 MAKING THE BUSINESS CASE FOR INFORMATION GOVERNANCE: MORE CARROT, LESS STICK

Fundamentals of Information Governance:

Applying Technology to Information Governance. Bennett Borden, Drinker Biddle Cathleen Peterson, Kroll Ontrack March 26, 2015

Real World Strategies for Migrating and Decommissioning Legacy Applications

Information Governance 2.0 A DOCULABS WHITE PAPER

Killing Two Birds With One Stone: Optimizing Information Governance for Easier E- Discovery

Meaning Based Computing: Managing the Avalanche of Unstructured Data

TechTarget Enterprise Applications Media. Pocket E-Guide

Information Governance: Business Imperative or Technology Asset?

Information Governance: Where is ARMA International Headed? David M. Fleming, CRM, IGP, CIP ARMA Utah-Salt Lake Chapter Meeting September 18, 2014

Miguel Ortiz, Sr. Systems Engineer. Globanet

ARMA: Information Governance: A Revenue Source Potential

Master Data Management, Risk and Governance

5 WAYS STRUCTURED ARCHIVING DELIVERS ENTERPRISE ADVANTAGE

Information Governance for Healthcare Executives. Lesley Kadlec, MA, RHIA Lydia Mays Washington, MS, RHIA, CPHIMS

Governance from the Cloud. threat protection compliance archiving & governance secure communication

Guide to Information Governance: A Holistic Approach

Agenda. You are not in the business to manage records

Workshop: Information Security as On Ramp to the Information Governance Superhighway

How the Information Governance Reference Model (IGRM) Complements ARMA International s Generally Accepted Recordkeeping Principles (GARP )

What We ll Cover. Defensible Disposal of Records and Information Litigation Holds Information Governance the future of records management programs

Information Governance

How To Manage E-Discovery

The Cloud Balancing Act for IT: Between Promise and Peril

IBM Information Archive for , Files and ediscovery

WHITE PAPER. Deficiencies in Traditional Information Management

Washington State s Use of the IBM Data Governance Unified Process Best Practices

White Paper: Enterprise Compliance Management

Unstructured Data Doubles Every 3 Months

State of Florida ELECTRONIC RECORDKEEPING STRATEGIC PLAN. January 2010 December 2012 DECEMBER 31, 2009

Information Governance Manage in Place Use Cases Workshop

Meeting E-Discovery Challenges with Confidence

Organizational Alignment is Key to Big Data Success

Leveraging Information For Smarter Business Outcomes With IBM Information Management Software

IBM ediscovery Identification and Collection

Integrated archiving: streamlining compliance and discovery through content and business process management

and ediscovery Peter Pepiton ediscovery Product Manager CA Information Governance

Allison Stanton, Director of E-Discovery U.S. Department of Justice, Civil Division. U.S. Department of Agriculture

Supply Chains: From Inside-Out to Outside-In

Hillary Clinton Incident: Five Lessons Learned for Information Governance

EXCHANGE TO OFFICE 365

Argyle Conversations. by Argyle Executive Forum SM Streamlining the. ediscovery Process

Information Governance as a Holistic Approach to Managing and Leveraging Information

Knowledge Management and Enterprise Information Management Are Both Disciplines for Exploiting Information Assets

BUSINESS ALIGNED IT MOVING TO INNOVATION

Brochure. ECM without borders. HP Enterprise Content Management (ECM)

Director, Value Engineering

The Viability of Indefinite Storage: Insights from Archiving

Business white paper. Lower risk and cost with proactive information governance

IBM Information Management

2014 Financial Services Industry Compliance Benchmark Study

White Paper. Why Should You Archive Your With a Hosted Service?

Global trends in information security

Lowering E-Discovery Costs Through Enterprise Records and Retention Management. An Oracle White Paper March 2007

Building the Case for Information Governance in Healthcare

Table of contents. Best practices in open source governance. Managing the selection and proliferation of open source software across your enterprise

SearchWinIT.com SearchExchange.com SearchSQLServer.com

Information Governance: How to Assess Your Status

I D C A N A L Y S T C O N N E C T I O N

How To Know If Your Archive Is Ready To Be Used For Business

Management Trends, Troubles, and Solutions

INFORMATION GOVERNANCE FOR HEALTH PRIVACY MANAGEMENT

WHITEPAPER BIG DATA GOVERNANCE. How To Avoid The Pitfalls of Big Data Governance?

The Governance of Enterprise Information and Information Technology Challenges and Approaches

A Beginner s Guide to Information Governance

W H I T E P A P E R E X E C U T I V E S U M M AR Y S I T U AT I O N O V E R V I E W. Sponsored by: EMC Corporation. Laura DuBois May 2010

Privacy Impact Assessment

Accenture Risk Management. Industry Report. Life Sciences

Data Security Best Practices for In-House Counsel

Employing Best Practices for Mainframe Tape Encryption

CEB s Workforce Surveys & Analytics

Success story. IBM Business Consulting Services and IBM Rational Rapid Developer help legacy developers deliver J2EE applications for state agency

Achieving & Maintaining E-discovery Fitness

IBM Unstructured Data Identification and Management

Compliance, Security & Control : How Business Drivers Killed FTP

Planning for a Successful Information Governance Program. Kathy Downing, MA, RHIA CHPS,PMP AHIMA Senior Director IG

The Business Case for Cloud: Critical Legal, Business & Diligence Considerations

Bridging the HIPAA/HITECH Compliance Gap

DEFENSIBLY DOWNSIZING YOUR DATA: WHERE TO BEGIN WITH RECORDS RETENTION AND MAINTAINING COMPLIANCE. June 5, 2015

TOP 3. Reasons to Give Insiders a Unified Identity

PICTERA. What Is Intell1gent One? Created by the clients, for the clients SOLUTIONS

Q2, 2015 Critical Trends Report (Snapshot)

The Disconnect Between Legal and IT Teams

Only 1% of that data has preservation requirements Only 5% has regulatory requirements Only 34% is active and useful

Enterprise Data Governance

Generally Accepted Recordkeeping Principles

Embracing SaaS: A Blueprint for IT Success

Long Term Record Retention and XAM

E-DISCOVERY: A Primer

IBM Unstructured Data Identification & Management An on ramp to reducing information costs and risk

Information Management: Today s Reality

White Paper: Information Governance In The Era of Big Data. Information Governance In The Era of Big Data

IBM Policy Assessment and Compliance

Should You Outsource Your ?

How To Protect Your Brand From Harm

Transcription:

InfoGov: Not Just Another Pretty Buzzword Information governance is taking on a much more meaningful role for organizations. If data security, compliance or Big Data matter to you, read on. by Erin E. Harrison, Legaltech News June 1, 2015 Illustration by Stephen Sweny As more organizations zero in on risk management and regulatory compliance, the topic of information governance (IG) commands greater attention but the concept of IG is far from new. However, the challenges of so-called info gov has evolved in recent years as informational forces including Big Data, data security, regulatory compliance and e-discovery converge to induce a much more significant meaning as a company-wide initiative with multiple objectives. According to research company Gartner Inc.'s definition, information governance "is the specification of decision rights and an accountability framework to encourage desirable behavior in the valuation, creation, storage, use, archival and deletion of information. It includes the processes, roles, standards and metrics that ensure the effective and efficient use of information in enabling an organization to achieve its goals." Whether you view Gartner's definition as the industry standard or believe the scope of IG goes much broader, IG has made many industry initiatives, including Big Data more than just

buzzwords. In fact, due to the monumental challenge of managing the astronomical amounts of data created day-to-day, some organizations are going as far to consider allocating a C-level position dedicated to it. This strategy warrants serious consideration given that just three years ago, Gartner predicted 20 percent of CIOs in regulated industries would lose their jobs for failing to implement the discipline of information governance successfully by 2016. Although the chief legal officer is responsible for avoiding sanctions and ensuring regulations are followed, the legal department must also take an active role in their organization's IG program. "There are a couple of things that have evolved that have brought it back to the fore and made [info governance] more of a boardroom conversation," Joe Garber, vice president of information governance at HP, told Legaltech News in an interview. "There is a lot of information being created; there are a lot more regulations now that companies need to comply with, and there are more sanctions and more fines now." As more companies implement technologies that allow them to leverage Big Data, they are also forced to comply with regulations that enforce greater transparency and accountability of information. "There are more demands being placed on information internally; people are saying 'let me get more value out of my data,' which stems from Big Data as far as I'm concerned. There are additional demands with mobility forcing companies to think about information in a different way," Garber says. Managing the data of a modern organization is a monumental challenge, especially when considering the fact that IBM research showed that 2.5 exabytes (2.5 billion GBs) of data were created daily in 2012, a figure which has undoubtedly increased over the last three years. "The sheer proliferation of electronic information, it's almost like an avalanche. If companies peel back the layers of information, I think they would be truly shocked to know how many terabytes of information they have," explains Karen Hornbeck, an information governance consultant who worked previously with HBR Consulting. In the past, information governance was traditionally rooted in e-discovery to be proactive rather than reactive, according to Dean Gonsowski, vice president of business development and associate general counsel of Recommind Inc., and coupled with other practice areas. "Today, governance is really about bringing together a couple of key disciplines that haven't historically been put together. Privacy and data security were the new kids to the party," Gonsowki says. As a "perfect storm" of data and compliance issues converges with recent data privacy incidents such as the late-2014 Sony Pictures hack, and this year's scandal involving Hillary Clinton's use of a personal e-mail account to send privileged messages during her tenure as Secretary of State, IG is being viewed with a much wider lens.

"You start getting a lot more of a diverse audience. For the first time all of these issues are coming together to accelerate this into a discipline that people care about as opposed to e- discovery, which was more siloed," Gonsowski notes. " Our country's view of privacy has changed over the past five years and will continue to change. And that to me is what really heightens this whole conversation." Regulatory Impact Increased state, federal, and foreign regulations regarding the management of information have also forced organizations to address IG needs to avoid enforcement actions, explained Mollie Nichols, a partner with Washington, D.C.-based firm Redgrave and a member of the Sedona Conference Working Group on Electronic Document Retention. "Increased activity by the Federal Trade Commission (FTC) and state attorneys general offices have reinforced the need to comply with regulations and filled the void for those companies that do not operate in heavily regulated industries. Industry groups, such as the PCI and Sedona have also furthered requirements for and awareness of good IG practices," explains Nichols. "Organizations are beginning to design and implement processes with an eye towards these requirements." One of the biggest regulations impacting the need for information governance is the Dodd-Frank Wall Street Reform and Consumer Protection Act, which introduced new requirements for reporting and recordkeeping of "swaps" and "derivatives" related content. This means that financial organizations must be able to provide relevant records associated with trades within 24 to 72 hours of a regulator request. Failure to timely and properly respond can lead to severe financial penalties, sanctions, and possible loss of the ability to trade in the U.S. "A lot of our customers are coming to us now today asking for solutions around that. That yet again is another poof point why IG is coming to the forefront. Giving more organizations the ability to remove the fear of data disposition," Garber explained. Economic Drivers Another factor shaping the new face of IG is the cheap cost of storage, which in many cases has influenced organizations to hold onto almost everything, and then some. "In the past there were really no economic drivers for companies to just save everything forever, so a lot of them just did. When most records were in paper form, it was easy to just box them all off and put them into storage," Hornbeck says. "It's a perfect storm of a lot of things happening with drivers that demand certain pieces of information, things that compliance that it is really hard for companies to support those demands. It goes back to knowing what is being saved across your company and then knowing what to do with it." Most companies have a "keep it forever" approach, both Hornbeck and Garber say. However according to Garber, between 40 percent and 70 percent of corporate data doesn't need to be

retained. New and evolving tools and technology address this issue, allowing for information governance with a more streamlined approach to regulatory compliance. "Many companies tactically approach IG on an audit basis or litigation basis and those things, in and of themselves, can be so daunting, that they just want to get through this litigation, for example," says Hornbeck. "In a perfect world these things would make them say, 'we need to do this smarter.' For some companies this is crippling; for the most part it is very tactical and very reactive." "Organizations are starting to say, 'if I govern my data more effectively I can then get to the important stuff, the information I need to leverage, and to do that much more effectively, more quickly and cost-effectively,'" Garber says. Big Data and E-Discovery As the volume of data created by organizations expands s, so too does the definition of information governance. "Seven years ago, companies were more focused on a small set of data for a small set of users. But, today, organizations are seeing that the volume of data is forcing them to govern data more and they are also focused on getting more value from that data," Garber explains. "The circle is being drawn bigger, they are touching more users in the organization." The business case for IG has become more apparent due to the increasing promotion and use of techniques that analyze large data sets. This alone has influenced companies to view their information as a valuable asset, according to Nichols. "The analysis of customer data can unlock further opportunities to serve customers and reduce operating costs," she says. "These factors create an interesting dichotomy between calls to decrease data retention time periods for security, privacy, and records management needs and the potential benefits of analyzing historical customer data." In addition, the increased reporting and public awareness of data breaches have driven companies to incorporate IG priorities into their strategic planning, Nichols adds. "Although often difficult to quantify, organizations would rather invest resources in IG to avoid the negative public relations associated with a lapse in information governance," she says. "Recent stock price drops related to data breaches have also increased pressure in the boardroom to plan effectively to avoid IG issues." If you rewind 10 to 15 years ago, there was very much a similar problem within e-discovery in that legal cared about the problem but didn't have the tools, the budget, the access or the resources to manage it. In the same way, information governance is not as aligned with IT as it needs to be, Gonsowski says.

"People are understanding more the nature of the problem. It is very hard to be siloed now," he says. "That sort of siloed view is not helpful organizationally. To me it is a combination of moving up the chain but broadening the perspective on their definition of info governance." By all accounts, information governance as we know it today is in the early innings of development and adoption. But that doesn't mean that it's too early for organizations to start considering the possibility of a senior-level position dedicated to IG, an investment that could bring stronger compliance and more strategic use of data to achieve business objectives. "I absolutely think it is a necessity, but I don't think the majority of companies are there yet. From now through the coming four to five years, we will at a minimum see C-levels getting the right people in the same room to have those necessary conversations to really see the areas where IG is needed," Hornbeck predicts. "But if a company wants to achieve an IGO position, they really could drive the education and awareness of this, and doing things upfront can save them a big amount of money from sanctions, fines, and reputation aspects. I think most companies know there is a value in it but taking the action of putting someone in that place is a ways off. Most companies are struggling even to make sure they have a CIPO. Until they get there, I don't think we will see a dedicated IG role." Taking Proactive Steps A decade ago, organizations were taking a boil-the-ocean approach. But this method was far from an effective strategy for businesses, according to Garber, who suggests that today businesses start small when it comes to their information governance efforts. "HP has made it a little more bite-sized, for example, focusing on legacy data, or a certain geography. We migrate that information to an active repository like a records management system to leverage that going forward. It takes some of the 'boil the ocean' approach out of it allows you to build a business case for additional projects. If you are starting small you have the ability to govern a certain amount of information." Read more: http://www.legaltechnews.com/id=1202727858316/infogov-not-just-another- Pretty-Buzzword#ixzz3bqPiT147

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information