Posted by Nick Patience
12th December 2013
If the explosion of big data were not enough to drive organizations to consider implementing an information governance strategy, the increasing number of regulations that businesses must comply with will certainly bring information governance to the forefront of every executive’s mind. Regulations such as Solvency II, Dodd-Frank, HIPAA, the Gramm-Leach-Billey Act, Basel III as well aschanges to the EU Data Protection regime coming in 2014 make information governance a must for every company, especially multinational firms. It’s simply unreasonable and unwieldy for a business to try to respond to each of these regulations (and their ever-changing requirements) individually. A business must adopt a comprehensive information governance strategy to avoid the serious risks associated with a lack of compliance.
To date, most organisations have relied on manual approaches to information governance, either relying on employees to self-classify information, or employing professional records managers to capture and manage ‘records’. These approaches are prone to error and can potentially leave businesses in breach of compliance and subject to strict penalties and hefty fines, for example, the changes to the EU Data Protection regime may attract fines of up to €1m or 2% of annual global turnover for failures to comply.
Lynn Collier, writing recently in Business Computing World, offers steadied and measured advice for businesses still in the early stages of information governance execution. Most importantly, information governance must be wide-ranging enough to protect a company for all regulations on the books. Information governance is a strategy for every facet of a business, with policies and procedures for data retention, storage, management, and usage championed and put into play by everyone from the C-suite on down. Information governance is most successful when businesses shape these policies and procedures based on a thorough assessment of their own needs and current practices.
Once the information governance strategy becomes ingrained in a company’s DNA, subjectivity disappears, as every employee has clear rules surrounding data. This allows significant benefits to flow to the business, such as more efficient and effective use of data and associated cost reductions. With a recent study finding that 17.3% of companies have paid a financial settlement of at least $50,000 related to compliance issues, the rewards of adopting an information governance strategy far outweigh the risks.
Source: Recommind, Inc