eBook - ePub

Information Governance

Name: Information Governance
Author: Robert F. Smallwood

Concepts, Strategies and Best Practices

Robert F. Smallwood

Share book

English
ePUB (mobile friendly)
Available on iOS & Android

eBook - ePub

Information Governance

Concepts, Strategies and Best Practices

Robert F. Smallwood

Book details

Book preview

Table of contents

Citations

About This Book

The essential guide to effective IG strategy and practice

Information Governance is a highly practical and deeply informative handbook for the implementation of effective Information Governance (IG) procedures and strategies. A critical facet of any mid- to large-sized company, this "super-discipline" has expanded to cover the management and output of information across the entire organization; from email, social media, and cloud computing to electronic records and documents, the IG umbrella now covers nearly every aspect of your business. As more and more everyday business is conducted electronically, the need for robust internal management and compliance grows accordingly. This book offers big-picture guidance on effective IG, with particular emphasis on document and records management best practices.

Step-by-step strategy development guidance is backed by expert insight and crucial advice from a leading authority in the field. This new second edition has been updated to align with the latest practices and regulations, providing an up-to-date understanding of critical IG concepts and practices.

Explore the many controls and strategies under the IG umbrella
Understand why a dedicated IG function is needed in today's organizations
Adopt accepted best practices that manage risk in the use of electronic documents and data

Learn how IG and IT technologies are used to control, monitor, and enforce information access and security policy

IG strategy must cover legal demands and external regulatory requirements as well as internal governance objectives; integrating such a broad spectrum of demands into workable policy requires a deep understanding of key concepts and technologies, as well as a clear familiarity with the most current iterations of various requirements. Information Governance distills the best of IG into a primer for effective action.

Frequently asked questions

How do I cancel my subscription?

Simply head over to the account section in settings and click on “Cancel Subscription” - it’s as simple as that. After you cancel, your membership will stay active for the remainder of the time you’ve paid for. Learn more here.

Can/how do I download books?

At the moment all of our mobile-responsive ePub books are available to download via the app. Most of our PDFs are also available to download and we're working on making the final remaining ones downloadable now. Learn more here.

What is the difference between the pricing plans?

Both plans give you full access to the library and all of Perlego’s features. The only differences are the price and subscription period: With the annual plan you’ll save around 30% compared to 12 months on the monthly plan.

What is Perlego?

We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.

Do you support text-to-speech?

Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.

Is Information Governance an online PDF/ePUB?

Yes, you can access Information Governance by Robert F. Smallwood in PDF and/or ePUB format, as well as other popular books in Business & Information Management. We have over one million books available in our catalogue for you to explore.

Information

Publisher

Wiley

Year

2019

ISBN

9781119491408

Edition

Topic

Business

Subtopic

Information Management

Index

Business

PART ONE
Information Governance Concepts, Definitions, and Principles

CHAPTER 1
The Information Governance Imperative

Effective information governance (IG) programs improve operational efficiency and compliance capabilities while leveraging information as an asset to maximize their value. Active IG programs are the hallmark of well-managed organizations, and increasingly IG has become an imperative, especially for global enterprises.

A “perfect storm” of compliance pressures, cybersecurity concerns, Big Data volumes, and the increasing recognition that information itself has value have contributed to a substantial increase in the number of organizations implementing IG programs.

Most significantly, the European Union (EU) General Data Protection Regulation (GDPR), which went into effect May 25, 2018, left companies across the globe scrambling to gain control over the consumer data they had housed. The GDPR legislation applies to all citizens in the EU and the European Economic Area (EEA), regardless of where they reside, and also visitors and temporary residents of the EU. So any global enterprise doing business with EU/EEA citizens—or even visitors—must comply with the legislation or face a major fine. The primary goal of GDPR is to give citizens control over their personal data.

Brought about in part because of GDPR compliance concerns, membership in the International Association of Privacy Professionals (IAPP) grew from around 25,000 members in 2017 to over 40,000 members in 2018, and it continues to grow.

A first step in the GDPR compliance process is to conduct an inventory of an enterprise's information assets to create a data map showing where all incidences of data are housed. This is commonly the first major implementation step in IG programs, so the IG discipline and support for IG programs made substantial strides in 2018 with the lead-up to GDPR going into effect. Then California passed its California Consumer Privacy Act (CCPA), which borrowed many concepts from GDPR and required that any company (of a certain size) handling the personally identifiable information (PII) of California residents (in specified volumes) comply by January 1, 2020. Suddenly US-based companies could no longer ignore privacy regulations, and the momentum for IG programs that could manage privacy compliance requirements accelerated.

During this same time frame, data breaches and ransomware attacks became more prevalent and damaging, and organizations adopted IG programs to reduce the likelihood of cyberattacks, and their impact. IG programs implement effective risk reduction countermeasures.

A first step in the GDPR compliance process is to conduct an inventory of an enterprise's information assets to create a data map.

Added to that has been the continued massive increase on overall data volumes that organizations must manage, which results in managing a lot of unknown “dark data,” which lacks metadata and has not been classified. Organizations also retain large volumes of redundant, outdated, and trivial (ROT) information that needs to be identified and disposed of. Cleaning up the ROT that organizations manage reduces their overall storage footprint and costs, and makes information easier to fine, leading to improved productivity for knowledge workers.

IG programs are also about optimizing and finding new value in information. The concept of managing and monetizing information is core to the emerging field of infonomics, which is the discipline that assigns “economic significance” to information and provides a framework to manage, measure, and monetize information.¹ Gartner's former analyst Doug Laney published a groundbreaking book in 2018, Infonomics, which delineates infonomics principles in great detail, providing many examples of ways organizations have harvested new value by finding ways to monetize information or leverage its value.

Infonomics is the discipline that assigns “economic significance” to information and provides a framework to manage, measure, and monetize information.

Early Development of IG

IG has its roots in the United Kingdom's healthcare system. Across the pond, the government-funded National Health Service (NHS) has focused on IG to ensure data quality and protect patient data since 2002. Although IG was mentioned in journals and scholarly articles decades ago, the UK is arguably the home of healthcare IG, and perhaps the IG discipline.² Could this be the reason the UK leads the world in healthcare quality? Certainly, it must be a major contributing factor.

The United States has the most expensive healthcare in the world, the most sophisticated equipment, the most advanced medicines, the best-trained doctors—yet in a recent study of healthcare quality, the United States came in dead last out of 11 civilized nations.³ The UK, Switzerland, and Sweden topped the list.

The U.S. healthcare problem is not due to poor training, inferior equipment, inferior medicines, or lack of financial resources. No, the problem is likely primarily a failure to get the right information to the right people at the right time; that is, caregivers must have accurate, current clinical information to do their jobs properly. These are IG issues.

Since 2002 each UK healthcare organization has been tasked with completing the IG Toolkit, managed by NHS Digital for the UK Department of Health. Although the IG Toolkit has evolved over the years, its core has remained constant. However, in April 2018 it was replaced with a new tool, the Data Security and Protection Toolkit, based around 10 National Data Security Standards that have been formulated by the UK's National Data Guardian.⁴

Big Data Impact

According to the research group Gartner, Inc., Big Data is defined as “… high-volume, high-velocity and high-variety information assets that demand cost-effective, innovative forms of information processing for enhanced insight and decisio...