Why General Counsel should care about information governance
Information governance is no longer limited to simple record keeping. In today’s workplace, it is the backbone of best practice across business functions and encompasses:
compliance and risk management
data storage and archiving
business operations and management
Business intelligence and big data
In my role as an ediscovery consultant, I have seen the impact information governance for legal scenarios involving litigation, regulatory investigations and data protection related requests such as the right to erasure. Furthermore effective information governance can bring many benefits and ensure the smooth management of various legal scenarios that depend on the production and identification of electronic evidence such as right to erasure requests.
Companies who have their house in order generally find that requests for information are fulfilled with minimum disruption to their business. Rather than spending time searching for electronic documents, they can respond to the request right away, honing in data quickly. Because they understand their data architecture searches and collection can be less widespread and therefore cheaper. In contrast, those with poor infrastructure waste valuable time and money seeking this out and often spend more on forensics services, processing and hosting fees.
In terms of compliance, we find that information governance and efficient compliance programmes go hand in hand. You can’t have a good compliance programme if you do don’t have a handle on where your data is, what data you are collecting and what backup systems are in place. Poor information governance provides a useful camouflage for those engaged in unlawful behaviour. Those who have been embroiled in regulatory investigations or experienced fraud know all too well the financial and reputational damage caused by not preventing misconduct.
Take the lead towards improving information governance at your company
If you have concerns about how your company is managing information, it is vital that you raise the issue with senior management, IT and other departments and begin the process of enacting change. As general counsel, your legal knowledge and responsibilities make you a key stakeholder in the process.
Where do I begin?
Some elements of information governance do require technical knowledge and specialist services such as ediscovery and data analytics. An experienced ediscovery vendor will be able to offer consultancy to tailor a specific programme for your company’s needs. However below is an outline of the typical steps involved in improving information governance:
- Mapping and assessing data estates
Using consultative assessments, data mapping, system inventories and data mining technologies, your consultant will outline how important or sensitive data is created, secured, managed and retained throughout your organisation.
- Analysing and classifying data
Once you know where your data resides and the extent of it, this data can then be defined and classified. Redundant and obsolete information can be eliminated using a specialist review platform, freeing up server space and reducing backup costs. Key information can be preserved and managed more easily.
- Building context and monitoring activity
Technology such as predictive data analytics can then be deployed to mine critical information, evaluate the facts in context and define relationships between data sets and measure trends.
With stronger insight into trends and anomalies in targeted sets of content, you can holistically manage or predict risks and make informed legal decisions whilst reducing reactive legal fees.
- Futureproofing your systems
Information governance is an ongoing process and not a one off project. Your ediscovery consultant will be able to design and implement sustainable policies, technology enabled solutions, flexible training programs, and periodic audits. This will ensure your information governance program can stand the test of time as cultural, business, legal and technical needs evolve.
About the author:
Tina Shah is a US trained lawyer and joined in 2012 as an Electronic Evidence Consultant within the legal technologies division of KrolLDiscovery. Her role is to advise on how to effectively manage electronically stored documents in matters ranging from litigation, arbitration, internal and regulatory investigations.
Should you have any questions on GDPR and Data Privacy, ediscovery and digital forensics you may always call Tina for advice or email her @ Tina.Shah@krolldiscovery.com
+44 (0) 20 7549 3870 Amsterdam Office
+44 (0) 77 9989 6853 Mobile
KrolLDiscovery provides technology-driven services and software to help legal, corporate and government entities manage, recover, search, analyse, and produce data efficiently and cost-effectively. In addition to its award-winning suite of software, Kroll Ontrack provides data recovery, data destruction, electronic discovery and document review services.
For more information about Kroll Ontrack and its offerings please visit: www/ediscovery.com/nl and follow @KrollOntrackEU on Twitter.