When the AIIM report “Automating Compliance and Governance: Understanding the intersection between information governance & security and analytics & machine learning” came out, we learned that organizations are preparing to spend more of their budgets on information governance. We looked at high-level stats; now we’d like to dig a little deeper into the research to see what insights we can take away for US companies in particular.
How much data is sensitive and how much is ROT?
Two important questions that impact the risks your company may face with their information. Regarding sensitive information, 33% of US companies manage between 20-40% sensitive data, 41% manage 41-75% and 20% 76+%.
Sensitive data is typically personal information like name and address, social security number, credit card information and, potentially, financial and health records. Most organizations must follow stringent rules and regulations that describe how this information must be managed.
ROT – redundant, obsolete and trivial – data is another concern for organizations. How much of their data is ROT?
- 20% manage <20%
- 39% manage between 20-40%
- 32% manage 41-75%
- 8% manage over 76%
ROT needs to be cleaned out. It’s data that isn’t required and by keeping it, you spend more money on storage, risk having that information exposes by internal or external parties and may find yourself in trouble with privacy regulations like NYDFS and GDPR. Equally challenging is the ability for your employees to find good information amongst all this ROT. Accidently confusing ROT data with good data, employees can make bad decisions and provide inadequate customer experiences.
Sometimes an organization may think the likelihood of this information getting exposed to the wrong people is a small risk and they are willing to accept the fines because compliance would take too much time, effort and money. But these incidents might make you consider otherwise:
- Uber was fined a combined $1.17 million by British and Dutch authorities Tuesday for a 2016 data breach
- Target paid $18.5 million to settle its 2013 data breach.
In Canada, new legislation requires that “Canadian businesses will be required as of Thursday to alert their customers and the federal privacy watchdog if there’s a danger that personal information under an organization’s control has fallen into the wrong hands.” The fines for non-compliance are up to $100,000 per individual affected by the breach.
And if you think the amount of information you store today is a lot, North America companies are saying it will increase by 4.28x that amount in the next 18-24 months.
How will organizations deal with information challenges?
Something needs to change. Every organization understands that. But many things can and should be done to improve the management of content – where do you start?
The AIIM survey asked NA respondents where they would spend their budget in the next 12 months. Here’s what they said:
|Records Management/Digital Preservation||3.82|
|Content and document discovery||3.67|
|Industry & geographic specific compliance||3.63|
|Data recognition, extraction, and standardization||3.7|
|Multichannel intelligent capture||3.71|
|RBA (robotic process automation)||3.68|
Note: 5 = +30% ; 4 = +10% ; 3 = no change ; 2 = -10% ; 1 = -30%
If a “3” equals no change in spending, then all these activities will see at least a slight increase in spending. Artificial intelligence, content analytics, and semantics will see the biggest increase in spending, followed by records management and blockchain.
The reality is organizations will need to do a mix of activities to ensure they are managing their information properly. Content analytics and AI likely top the list because these technologies can help identify what information you have and help you classify it.
Records management is also critical because you need to ensure you are managing your records appropriately, following the right data retention policies and ensure your information is secure and compliant. (By the way, register for our webinar, Are You Managing Data Retention Policies The Right Way? To pick up some tips on how you can manage your retention policies efficiently.)
You can pick up your copy of the AIIM report here. There are more insights we haven’t touched on that are important to understand.