It is becoming increasingly difficult for organizations to manage their data. On a global scale, it is estimated that data generated and copied annually will reach 44 zettabytes (or 44 trillion gigabytes) by 2020. An organization can effectively manage its rapidly increasing data by implementing a legally compliant information governance (IG) program. Legally compliant organizations minimze their risks and costs and maximize the value of their information. Optimally, organizations should assess their legal compliance issues, address challenges and barriers, and develop a solutions-based approach to mitigate risks associated with legal non-compliance.
Key Challenges for Global Organizations
- Legal Complexities: Many global organizations operate in dozens of jurisdictions. There are unique local legal requirements across different jurisdictions. Legal landscapes are constantly evolving, particularly in jurisdictions such as, China, Russia and Ukraine. It is crucial for a global organization's IG program to remain dynamic and to capture shifting legal requirements.
- IG Complexities: There are a growing number of compliance challenges in areas such as privacy, data storage, cross-border datatransfer restrictions, and media/format requirements. Global organizations must be aware that a failure to comply with data protection regulations such as the new EU General Data Protection Regulation can have long-termfinancial and reputational implications.
Rising Operating Costs: Storing information outside the scope of an organization's business needs for lengthy periods of time is costly, and may be unnecessary or even risky from a legal standpoint. According to a 2014 study from Enterprise Strategy Group, it costs between US $4 and US $100 to store a single gigabyte of data over the course of its lifetime.
Solutions for Global Organizations
In a perfect world, there would be turn‐key solutions. However, each organization is unique, has its own compliance standards, runs different systems, and operates in specific markets.
- Project Scoping: Compliance with a wide range of differing laws and regulations depends on how global organizations are regulated locally. Understanding an organization's business activities and the local regulations of the jurisdictions in which it operates is key. It will ensure that information is dealt with securely, efficiently and effectively based on legal, tax, data privacy and business requirements.
Guiding Principles: Well defined guiding principles and methodologies that follow global industry best practices and comply with local legal requirements will satisfy an organization's operational business needs.
Life Cycle Analysis: Conducting a life cycle analysis to determine how information is created and used is essential. Without a life cycle perspective, an IG program would be costly and inefficient.
Ongoing Compliance: To ensure ongoing legal compliance the IG program must be designed to facilitate changes in the legal landscape.
Contributors - Lisa Douglas, Catherine Chen and Nadia Rauf