The volume and type of electronically stored information (“ESI”) retained by corporations has increased exponentially in recent years, creating a range of challenges for corporations developing formal records retention policies. While certain types of records must be retained for a fixed period as determined by legislation, many documents are not subject to a specified retention period. Retention then becomes a matter of business need and risk mitigation. In addition, the expanding scope of legal privacy…

The EU General Data Protection Regulation (“GDPR”) came into force on May 24, 2016. Companies offering goods or services to individuals in the EU have until May 25, 2018 to comply with the requirements set out by the GDPR. While GDPR requirements may appear rather prescriptive compared to its predecessor – the EU Data Protection Directive – the GDPR advocates for a systematic and organized compliance culture.Article 30 of the GDPR requires companies to maintain…

Organizations are recognizing that data scientists can play a valuable role in enterprise IT security. However, effective security requires a collaborative effort between data scientists and security professionals within an enterprise. While data scientists have a pivotal role to play, they cannot and should not operate in a vacuum.Leveraging Data Science to Mitigate Security RiskData science is a field of research that involves analyzing massive data sets to extract useful information. In the context of…

When a person deactivates, deletes or disengages with his or her profile on an online service, what happens to that person’s personal information? When a person leaves, does personal information stay?In 2015 Ashley Madison, an online dating website known for connecting users to explore or engage in extramarital affairs, was hacked and the personal information of 36 million users was publically exposed. The data breach prompted a joint investigation by the Canadian and Australian privacy…

As explored in an earlier b:INFORM article, “Email Compliance: Act Now, Save Millions – Information Governance Report Is A Call To Action,” email management is proving to be a major compliance challenge for organizations, threatening financial harm and loss of reputation if left unaddressed. Employing a legally compliant and business savvy email management program is a critical starting point in overcoming the complexities and challenges associated with email retention. In order to facilitate compliant email…

The rapid evolution of digital storage technologies over the past two decades illustrates how seemingly timeless inventions can become completely obsolete in the blink of an eye. Today, floppy disks are all but extinct, the use of CD-ROMs is drastically decreasing, and the proliferation of cloud-based storage suggests that hard disk drives may too be on their last legs.Organizations that retain digital records over the long-term must ensure that their records remain accessible into the…

As the volume of data worldwide continues to increase exponentially, businesses are feeling pressure to start taking more proactive measures in the area of data governance. Much of the current focus on data governance relates to security concerns, but managing unstructured data also presents a potential competitive advantage for businesses.Data is a tremendously overlooked asset for many modern businesses. Organizations may be sitting on extremely valuable sets of data but, without proper organization, this resource…