Now, more than ever, it's important to add information to your organization's portfolio of assets. And more importantly, to manage your information like any other asset. Why now? According to IBM Marketing Cloud's recent report, 2.5 quintillion bytes of data (roughly 2,500,000 terabytes) are generated every day, and 90% of existing data was created in the last few years. These are staggering statistics - and they bring up a host of obstacles and issues for companies to tackle.
Storage is expensive - you're potentially paying for boxes at a storage facility, data in applications in the "cloud," (i.e., a server farm somewhere), and in your employee's hard drives and file cabinets. According to Wikibon, the worldwide revenue for cloud infrastructure as a service is estimated to be $65 billion in 2018. Unnecessary data - the stuff we often keep that we don't actually need for potential litigation, business purposes, or regulatory compliance - often accounts for more than half of total data storage and corresponding costs, according to the Compliance, Governance & Oversight Council.
Data breaches are expensive - the average cost per breach is estimated to be $7.4 million, as so many companies know only too well. And on top of the expense, information overload is also taxing to our minds and bodies. David Shenk has written extensively about "data smog," and how a glut of information actually increases stress while decreasing our ability to make sound decisions.
The Price Tag Attached to Data Breaches, by Martin Armstrong
If you don't know where your records and data are, accessing the right information when you need it can be expensive due to lost productivity (not to mention frustrating). You need pharmacy logs and licenses this minute when the pharmacy inspector shows up unannounced, records of individual customer insurance policies immediately when a claim is filed, and drilling permits accessible right now when you're ready to go and you've got your contractor and employees standing by. It's inefficient - and costly - when these records aren't accessible or managed like any other asset.
Those records and that data - the stuff you really need - are tremendous assets to your organization. You couldn't do business without them, nor could you comply with regulations or have the evidence you need in litigation. Those records are the lifeblood of your organization.
But on average, only 1% of information is subject to legal hold, 5% is required to be kept for regulatory compliance, and 25% has real business value and utility, according to CGOC's 2015 report. So what about that other 69% of information your business is generating?
Every industry produces a large amount of information - and our ability to discern what has enduring value is becoming more and more essential as the amount of information we store grows exponentially.
Data Never Sleeps 6.0, by Domo
This process - determining what, where, and how our records need to be kept - is daunting when we stop and consider the vast amount of information we currently generate and keep on our servers, in the cloud, in various applications, and physically across our different locations and storage sites. Mergers, acquisitions and divestitures further compound the situation, often leading to more complexity in our management of those information assets.
We understand it is overwhelming to determine what needs to kept and what doesn't, and we've seen many companies who decide in the face of this daunting task to simply keep everything. But keeping everything - all the information your company generates - increases storage costs exponentially as we've seen, adds to that data smog, and hinders your employee's ability to locate the right information they need, when they need it.
So the question remains:
What records and data does your organization produce that need to be kept for legal, regulatory and/or business purposes?
There are certain records and data that your company wants and needs to keep:
Records that have business value
Records that could potentially be evidence in litigation
Records that you need to keep to comply with contractual obligations
Records that you are required to keep to comply with federal and state regulations
Ideally, you would defensibly and consistently delete everything else once it no longer has any immediate value.
Knowing what and where those records and data are - the ones you actually do need to keep - and knowing their required retention and when to legally dispose of them, is essential to clearing up the data smog in your own organization. If you only are paying to store those required records, you will be greatly reducing those hefty costs of storage, whether that's in the cloud, on your servers, in the back office, or at an off-site storage facility.
Identifying these assets and creating a records retention schedule is the foundation for managing your information assets. A retention schedule allows you to distinguish those assets from the rest of your organization's information, and determine how long you are required to keep them. Once a retention schedule is in place, you can defensibly dispose of records that have passed their retention, as well as confidently dispose of other documents.
Identifying your information assets and creating a savvy retention schedule for them not only tells you when you can defensibly dispose of information, but can also tell you:
What format or media it is in
Who the custodian is
If it contains privacy information like personal identifiers or health information
What the security classification is
If a third-party vendor keeps the record
Where duplicates exist
What application/s it's stored in
What regulations and legal citations govern those records
Building a records retention schedule that gives you this data about your information is the key to success. Records management software products like iGMapware allow you to identify and effectively manage your information to comply with both your business and regulatory demands.
Once you have identified your information assets and created a retention schedule you would only be paying for storage for ~31% of the information your organization generates and keeps, and the remaining costs for the other 69% can be eliminated. If your employees know exactly where the records are when a legal hold goes into effect or a permit or license needs to be accessed, frustration will be greatly reduced, and efficiency will go up. Data smog is real, and it's costing your organization a lot of money.
We understand it can be hard to distinguish what and where your information assets are. Many of our customers have struggled with knowing how to get started and what the different steps are to this process.
iGMapware offers a records management and record retention solution that gives you all this information about your records, and more. We also offer consulting services for records management and information governance, and we have helped more than 100 organizations through this process. Click here to have a quick conversation to see if we can help you get started.
Domo. (2017). Data Never Sleeps 5.0 [Digital image]. Retrieved May 18, 2018, from https://www.domo.com/learn/data-never-sleeps-5
Armstrong, M. (2017, June 22). The Price Tag Attached to Data Breaches [Digital image].
IBM Marketing Cloud. (2017) 10 Key Marketing Trends for 2017 and Ideas for Exceeding Customer Expectations.
CGOC. (2015, November 21). Information lifecycle governance leader reference guide (2nd Edition).
Shenk, D. (1997, May). Data smog. MIT's Technology Review. p. 18.
Wikibon. (n.d.). Public cloud Infrastructure as a Service (IaaS) revenue worldwide from 2015 to 2026 (in billion U.S. dollars). In Statista - The Statistics Portal.
#Regulatoryrequirements #informationassets #InformationRisk #RecordsManagementConsulting #InformationGovernance #RetentionScheduleExperts #LegalCompliance #personaldata #corporaterisk