Some companies face the prospect of archiving electronic documents for very long periods of time – up to 100 years – for regulatory or business reasons. For example, construction companies involved in large projects – bridges, dams, skyscrapers, airports, etc. – must keep all documents related to the project for the actual construction period plus 30, 50, or even 100 years, depending on state and local government regulations. Those records must also remain quickly searchable and readable over that entire period.
Most companies eventually realize many of their legacy applications or databases are costing more to maintain than the value they provide. The main reason companies cite for keeping aging applications and databases active is the potential need to respond to regulatory or legal requests. In reality, legacy application data can be archived and managed separately, eliminating the need to keep legacy applications active.
With the ransomware attacks that have been in the headlines over the last year, many companies are reconsidering their data protection strategies to guard against these new, growing threats.
Prior to the availability of cloud archiving, companies were stuck with expensive, on-premises archiving solutions, mainly because they were the only game in town. The archiving software vendors focused on specific industries that required companies to archive data based on government regulatory requirements – for example, the financial services industry with SEC and FINRA compliance requirements. Companies quickly discovered the downsides of on-premises archiving solutions: 1) they were expensive, and 2) they were complicated to maintain. Their main advantage was that your data was stored in your data center – you controlled your data.
The EU/US Safe Harbor scheme was struck down by the Court of Justice of the European Union (CJEU) in October 2015, putting companies on both sides of the Atlantic in a difficult position: they no longer had a process for legally transferring data out of the EU to the US.
In my frequent discussions with customers about the benefits of cloud archiving for regulatory, legal, and business reasons, I still find a large percentage that don't worry about archiving corporate social media content.
Microsoft today announced the general availability of its archive tier, Microsoft Azure Archive Blob Storage, joining its Hot and Cool storage tiers. For Azure-based archiving and information governance applications, the Archive Blob Storage tier will be a huge advance for records managers and information governance professionals looking for long-term, inexpensive archive storage.
According to IDC, healthcare data is one of the fastest growing segments of the digital universe – growing from 153 exabytes in 2013 to an estimated 2,314 exabytes in 2020, a 48% annual growth rate. So where will the healthcare industry put all of this critical and sensitive data, and how long must it be held?
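As a quick sanity check on IDC's figures, the implied compound annual growth rate can be computed directly from the two data points cited above:

```python
# Verify the growth rate implied by IDC's figures (153 EB in 2013, 2,314 EB in 2020)
start_eb, end_eb = 153, 2314
years = 2020 - 2013

# Compound annual growth rate: (end / start)^(1/years) - 1
cagr = (end_eb / start_eb) ** (1 / years) - 1
print(f"Implied annual growth rate: {cagr:.1%}")  # ≈ 47.4%, consistent with the cited 48%
```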
Today, companies are looking for solutions that can archive inactive data from little-used enterprise applications. Those applications can then be decommissioned, saving the company the expense of keeping them running for little payback. But the question not addressed early enough in the project is what to do with all of the application’s legacy data – delete it or save it (and where)? By migrating the legacy data to an intelligent archive, organizations can preserve the value of legacy application data, ensure regulatory compliance, and address any legal concerns.
A couple of weeks ago I sat in on a presentation about the legal profession and information governance hosted by two attorneys. The presentation was very good; however, a couple of things set my teeth on edge. The two attorneys started the discussion by pointing out that content is everywhere, is always changing, and is under increased scrutiny – and because of that can be a major headache for attorneys during discovery and for compliance personnel responding to information requests from government agencies. Hard to disagree with that.
The eDiscovery process can be a complex and expensive undertaking. Ever-increasing data stores, new applications and data formats, country regulations limiting data movement, and, increasingly, documents authored in foreign languages all continue to drive up cost, time to respond, and risk.
One eDiscovery task that has been an ongoing pain point for companies is dealing with foreign-language documents during collection and review.
Corporations continue to adopt new information technologies that make their jobs both easier and more complex. Companies have adopted new communications platforms like Skype for instant messaging, enterprise social networks like Yammer and Slack, and collaborative groupware applications such as WebEx, GoToMeeting, and video conferencing – not to mention audio and video recording for security. And of course, most companies still rely on old tried-and-true tools like email and telephone/voice messages for day-to-day communications. Many of these tools now allow you to record both audio and video, content that must also be managed for regulatory and eDiscovery needs.
The concept of Defensible Disposition has been around for many years. Defensible Disposition is the process of disposing of unneeded and valueless information in a manner that documents the disposition process, showing that the deleted data was not under regulatory retention requirements and was not subject to current or anticipated eDiscovery. In short, it is a data disposition process that ensures regulatory and legal considerations are taken into account.
There are many reasons to develop and follow information management policies, including the retention/disposition of information. The most obvious is to ensure compliance with regulatory retention requirements. Another is business requirements – for example, ensuring that data not deemed to have long-term value is disposed of so that IT resources are not consumed by "junk" data.
I continue to hear companies argue that the need for relatively detailed retention/disposition policies is due to their belief that "the law" requires it – in case your company is involved in a lawsuit and eDiscovery. Let me first touch on the first two reasons before I get into the main reason for this blog.
There's a compelling business case for attorneys to utilize cloud storage, including cost, ease of access, and security – but can lawyers ethically use it?
I still have attorneys argue with me about the appropriateness of storing client-related data, client notes, case notes, and eDiscovery result sets in the cloud. Because cloud storage involves storing data on remote servers/storage outside of the lawyer's direct control, it continues to generate concerns regarding its acceptability under applicable professional ethics rules.
In my last blog, I discussed the connection between information management and data value. I laid out a math exercise showing how a lack of information management can dramatically affect productivity across the organization by calculating the actual cost of employees not being able to find information when they need it. This in turn causes employees to waste time looking for it and, when it can't be found, forces them to recreate it. By estimating the number of hours of lost productivity as well as the fully loaded cost of the average employee, we are able to determine the total cost of lost productivity.
Taking this theme further, we can use the estimate of lost productivity hours to calculate total lost revenue – the revenue the company could have captured if enterprise-wide information management were more efficient.
Corporate data is what powers most businesses and so is a valuable business asset. In fact, you can say that companies employ information workers to generate and consume data for the betterment of the company. But can you actually calculate the value of data?
An employee’s annual salary, benefits, training, and share of corporate infrastructure all go into calculating the cost of information. On the other side of the equation, average revenue and profit per employee are measures of efficiency and productivity. To be successful, companies must generate more revenue (and profit) than total cost – and both sides are driven by how well companies manage their information.
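The two sides of that equation can be laid out explicitly. The per-employee figures below are hypothetical, chosen only to illustrate the comparison:

```python
# Illustrative cost-of-information vs. output-per-employee comparison.
# All figures are hypothetical assumptions.
salary = 80_000
benefits = 20_000
training = 3_000
infrastructure_share = 7_000   # per-employee share of office space, IT, etc.

cost_per_employee = salary + benefits + training + infrastructure_share
revenue_per_employee = 180_000
profit_per_employee = revenue_per_employee - cost_per_employee

print(f"Cost per employee:    ${cost_per_employee:,}")
print(f"Revenue per employee: ${revenue_per_employee:,}")
print(f"Profit per employee:  ${profit_per_employee:,}")
```

If poor information management shaves even a few percent off revenue per employee, that loss comes straight out of the much thinner profit-per-employee margin.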
In a couple of blogs over the last month, I have mentioned the possibility of Predictive Information Governance (PIG) – automated information governance based on unsupervised machine learning technology. As the name implies, unsupervised machine learning (computers teaching themselves) removes the iterative manual training cycles of the learning process and allows the system to automatically categorize, store, apply retention/disposition to, and manage content as it flows within the system.
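To make the "no manual training" idea concrete, here is a toy sketch of unsupervised categorization: documents are grouped purely by similarity, with no labeled examples supplied up front. This is a deliberately simplified illustration of the concept, not any vendor's PIG implementation:

```python
# Toy unsupervised categorization: greedy clustering of documents by
# bag-of-words cosine similarity. No training labels are provided.
from collections import Counter
import math

docs = {
    "msg1": "invoice payment due account",
    "msg2": "payment invoice overdue account balance",
    "msg3": "meeting agenda project schedule",
    "msg4": "project meeting schedule notes",
}

def vector(text):
    """Bag-of-words term counts for a document."""
    return Counter(text.split())

def cosine(a, b):
    """Cosine similarity between two term-count vectors."""
    dot = sum(a[w] * b[w] for w in set(a) & set(b))
    norm_a = math.sqrt(sum(v * v for v in a.values()))
    norm_b = math.sqrt(sum(v * v for v in b.values()))
    return dot / (norm_a * norm_b)

# Greedy clustering: join the first cluster whose representative
# document is similar enough, otherwise start a new cluster.
clusters = []  # list of (representative_vector, [doc_ids])
for doc_id, text in docs.items():
    vec = vector(text)
    for rep, members in clusters:
        if cosine(vec, rep) > 0.5:
            members.append(doc_id)
            break
    else:
        clusters.append((vec, [doc_id]))

for _, members in clusters:
    print(members)
```

A real PIG system would use far more sophisticated models, but the principle is the same: categories emerge from the content itself, and retention/disposition rules can then be attached to each emergent category rather than hand-labeled to every document.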
In past blogs I have discussed the possibilities of machine learning and information management, i.e. predictive information governance (PIG) and auto-categorization to automate the management of electronically stored information (ESI). One of the challenges the information management industry continues to face is how to extend this machine learning capability to audio and video content.
Many companies faced with a need to archive data (usually email) due to regulatory requirements, eDiscovery responsibilities, or business requirements, look for solutions based on capabilities, cost, vendor reputation, security, and regulatory requirements.
In the past, companies in need of archiving solutions purchased one of the many on-premises or cloud-based solutions that met their needs. However, many of these archiving solutions actually converted the data to enable more efficient storage, indexing, and search. The problem with data conversion is that the data can be corrupted, or metadata can be changed or lost, nullifying its “golden copy” or copy-of-record status. In most cases, this is not really a problem… unless you are anticipating, or are in fact involved in, litigation.