Day 2 of the first ARMA/Sedona Executive Conference on Information
Governance turned toward technology and law.
Tech featured the world of Big Data, while a mock trial and an
exploration of IG in the public sector excited the legal eagles. RIM features, like The Principles, took
backstage until brief appearances at the concluding “town hall” forum.
Both presenters and attendees agreed: Big Data is ignored at
one’s own peril, and it raises a multitude of questions and ethical
dilemmas. Repeatedly, presenters
emphasized that Big Data is not “more of the same”. There is certainly more data than before, but
the real difference is the analytical algorithms applied to the data.
Amazon uses algorithms to move books and products to nearby
distribution centers even before a buyer places an order. While enabling quick delivery can be
important, using algorithms for alerts to medical conditions or pharmaceutical
needs can be life-saving.
In contrast, some Big Data analyses presented seemed
ominously futuristic, like dystopic sci-fi movies where individuals’ every
movement and choice are accurately predicted by a controlling government or mad
scientist. In reality, whether Big Data is beneficial, neutral, or sinister
depends on its use. Is Edward Snowden a
hero or a villain?
Why is Big Data significant for Information Governance?
- Algorithms enable more accurate eDiscovery
- Algorithms auto-classify records more quickly and accurately than human staff
- Big Data (and its analysis) raise serious ethical issues
- It may collect personal information without consent
- When consent is given, Big Data may be used for purposes beyond that of its original collection
Conference dialogue repeated that all data has value (more
or less) and all data has risk. The
balance between the two invokes ethics in how the data is used. Since members of the Bar, Certified Records
Managers, and certified Information Governance Professionals are bound by
ethical codes, understanding Big Data and its uses are essential to
professional responsibility.
At the concluding “town hall” forum, presenters encouraged
attendees to apply the conference’s lessons to their daily work. The concepts of IG are over-arching, and the
technology can be imposing, but that should not paralyze practitioners. “Start small,” several leaders implored:
- Learn more about complementary disciplines.
o
The non-technical should learn more about Big
Data and how it works, perhaps by taking a course in probability or statistics.
o
RIMmers and techies should keep up on emerging
case law relating to records, as well as revisions to the Federal Rules of
Civil Procedure
o
Attorneys should add the Generally Accepted
Recordkeeping Principles to their repertoire, moving on to newer and broader
concepts of records and their management
- Apply Information Governance to under-managed information such as records held by suppliers, including Cloud providers
- Introduce and enlist organizations’ high-ranking officers to IG. Consensus said it takes a C-level leader to harness the disparate contributors to IG.
The concluding forum also invoked the “C” Suite in plans for
2015. Even though this first “executive”
conference was light on executive attendance, I sensed real enthusiasm for high-level
involvement next year. Most likely, ARMA
and Sedona will make an extra effort to recruit enlightened officers. They may reach even higher, to corporate
boards of directors and corporate secretaries.
As I mentioned, there were only a few references to The Principles,
as well as Sedona’s Guidelines, as background and reference for ongoing IG work.
At lunch with leaders from both ARMA and The Sedona
Conference, I reiterated my hope that there would be at least a nominal attempt
at forging a mutually acceptable definition of “Information Governance”. Alas, my plea went unheeded, and the
conference closed with everyone’s preconceptions intact.
In the fourth (and possibly) final post on this conference,
I will present a summary and analysis of the event as a whole. Tune in tomorrow for another exciting
adventure into the emerging world of Information Governance.
Posts
Here is a succinct definition of Information Governance, which I have developed in the course of researching my latest book which came out last week, "Information Governance: Concepts, strategies, and Best Practices (Wiley, 2014).
ReplyDeleteI'll put it out there, and don't mind it getting kicked around and torn up, so long as we put it back together and end up closer to a consensus. Clarity is needed. We all can generate wordy definitions to cover all the bases, but then the message gets lost.
I spoke to the ARMA greater Los Angeles chapter last week, and before my presentation, I asked, "Who is clear on the definition of IG?" Not a single hand went up. So it is the duty of thought leaders and trade associations to boil it down, make it succinct, usable, and memorable. I have it down to 10 words.
IG is : "Control of information to meet legal, regulatory, and business demands."
That's the shortest I can get it. I'd like to say "business information" but that's implied. I'm trying to keep it succinct.
Now let's break it down.
"Control" means the management, policies, processes, and controls -- all of this is essentially control. If you have control you are managing, if you have control you have enforced policies, if you have control you have defined processes. Also, if you have control you are able to meet privacy requirements and to properly secure your information.
By "demands" I mean legal information retention requirements, adherence to the FRCP and other applicable laws; also, any regulations that require retention or disclosure; and business demands such as internal business objectives, a defensible disposition policy (certainly overlaps with legal), company IT strategies and policies, and other internal IG requirements a particular organization has.
So there is is, the best I can do at this point but I am open to suggestions - so long as they do not complicate or elongate the definition.
What say you?