This post was written by Joe Shepley, VP President and Practice Leader at Doculabs.
Information risk is one of the most significant risks facing organizations today. Whether because of sensitive data (such as PII, PHI, or PCI), which will generate negative PR and substantial fines if breached, or intellectual property (IP), which will lead to loss of revenue or market share if it falls into the wrong hands, or junk and stale data, which make it harder to know what to protect as well as to find information that’s needed, information has the possibility to damage the organization if not managed properly.
Having Information Management Challenges? Everyone is
The best defense, therefore, is to manage information properly, but this is easier said than done because most organizations not only keep everything forever (despite having policies to the contrary) but also have little to no idea what information is stored on what systems (and who owns it). In addition, there’s often no single entity responsible for managing information at an organization, so getting buy in, momentum, resources, and funding is a real challenge.
You Need the Right Team to Manage Information Risk
And all too often, managing information is seen as an IT or records management concern, whereas in reality, Information Security and Privacy should be deeply involved: after all, when a breach happens, the state of information behind the firewall will drive the size and impact or the breach. If there are terabytes of unneeded PHI on shared drives or decades of old billing information in a legacy billing system, it won’t be the records manager or IT owner of the systems who have to answer to the Board, it will be Information Security and Privacy.
Want to Learn How to Manage Your Information Risk?
There is a lot to understand about proper information governance. If you live in the Houston area, we welcome you to join myself, Gungor Aydogmus from InfoDNA Solutions and Everteam for breakfast and a discussion on the tools and techniques of information governance that can help you reduce information risk. Mark your calendar for June 29th at 7:30am CDT and register to save your seat. We’d love to see you there.