Beyond record keeping: the importance of Information Governance

22 September 2017 by Tina Shah

Information governance is no longer limited to simple record keeping. In today’s workplace, it is the backbone of best practice across business functions and encompasses:

  • information security
  • compliance and risk management
  • privacy
  • data storage and archiving
  • business operations and management
  • IT management
  • Business intelligence and big data

In my role as an ediscovery consultant, I have seen the impact information governance has on legal scenarios involving litigation, regulatory investigations and data protection related requests such as the right to erasure. Furthermore effective information governance can bring many benefits and ensure the smooth management of various legal scenarios that depend on the production and identification of electronic evidence such as right to erasure requests.

Companies thathave their house in order generally find that requests for information are fulfilled with minimum disruption to their business. Rather than spending time searching for electronic documents, they can respond to the request right away, honing in on data quickly. Because they understand their data architecture searches  collection can be less widespread and therefore cheaper. In contrast, those with poor infrastructure waste valuable time and money seeking this out and often spend more on forensics services, processing and hosting fees.

In terms of compliance, we find that information governance and efficient compliance programmes go hand in hand. You can’t have a good compliance programme if you do don’t have a handle on where your data is, what data you are collecting and what backup systems are in place. Poor information governance provides a useful camouflage for those engaged in unlawful behaviour. Those who have been embroiled in regulatory investigations or experienced fraud know all too well the financial and reputational damage caused by not preventing misconduct.

Take the lead towards improving information governance at your company

If you have concerns about how your company is managing information, it is vital that you raise the issue with senior management, IT and other departments and begin the process of enacting change. As general counsel, your legal knowledge and responsibilities make you a key stakeholder in the process.

Where do I begin?

Some elements of information governance do require technical knowledge and specialist services such as ediscovery and data analytics. An experienced ediscovery vendor will be able to offer consultancy to tailor a specific programme for your company’s needs. However below is an outline of the typical steps involved in improving information governance:

  • Mapping and assessing data estates

Using consultative assessments, data mapping, system inventories and data mining technologies, your consultant will outline how important or sensitive data is created, secured, managed and retained throughout your organisation.

  • Analysing and classifying data

Once you know where your data resides and the extent of it, this data can then be defined and classified. Redundant and obsolete information can be eliminated using a specialist review platform, freeing up server space and reducing backup costs. Key information can be preserved and managed more easily.

  • Building context and monitoring activity

Technology such as predictive data analytics can then be deployed to mine critical information, evaluate the facts in context and define relationships between data sets and measure trends.

With stronger insight into trends and anomalies in targeted sets of content, you can holistically manage or predict risks and make informed legal decisions whilst reducing reactive legal fees.

  • Futureproofing your systems

Information governance is an ongoing process and not a one off project. Your ediscovery consultant will be able to design and implement sustainable policies, technology enabled solutions, flexible training programs, and periodic audits. This will ensure your information governance program can stand the test of time as cultural, business, legal and technical needs evolve.