Volumes of data continue to explode from more and more sources. Workforces are becoming increasingly mobile and connected. Companies are in a constant struggle to comply with regulations and litigation demands, while also maximizing the value of their data and minimizing costs and risks.
These present day realities have led to the adoption of confusing buzzwords — Electronically Stored Information (ESI), Electronic Discovery, Information Governance — that are thrown around regularly but may not be fully understood. Let’s take a look at what these terms mean, both individually and in relation to each other, and how companies can best approach the management of their data.
Generally speaking, ESI is information that is created and stored in digital form. Examples of ESI are emails and attachments, documents stored on a computer, text and voicemail messages, digital photographs, and videos. The sources of ESI are rapidly multiplying, thanks in part of the advent of the Internet of Things (IoT), including wearables (such as fitness tracker, smart watches, smart clothing), telematics in automobiles, and sensors on all sorts of things, including railroad tracks, industrial equipment, and household appliances.
Information Governance (InfoGov or IG) is emerging as one of the most important challenges confronting organizations today, particularly in this age of Big Data, data breaches and other information-related liability. Effective InfoGov provides an organization with clear and uniform information policy guidelines that allow the organization to meet its information management objectives, including increased business performance and reduced costs and risks.
The Sedona Conference, which defines InfoGov as “an organization’s coordinated, inter-disciplinary approach to satisfying information compliance requirements and managing information risks while optimizing information value,” has outlined 11 Principles to guide companies in their efforts to implement effective InfoGov policies:
- Organizations should consider implementing an InfoGov program to make coordinated decisions about information for the benefit of the overall organization that address information-related requirements and manage risks while optimizing value.
- An InfoGov program should maintain sufficient independence from any particular department or division to ensure that decisions are made for the benefit of the overall organization.
- All information stakeholders should participate in the InfoGov program.
- The strategic objectives of the InfoGov program should be based upon a comprehensive assessment of information-related practices, requirements, risks, and opportunities.
- An InfoGov program should be established with the structure, direction, resources, and accountability to provide reasonable assurance that the program’s objectives will be achieved.
- The effective, timely, and consistent disposal of physical and electronic information that no longer needs to be retained should be a core component of any InfoGov program.
- When InfoGov decisions require an organization to reconcile conflicting laws or obligations, the organization should act in good faith and give due respect to considerations such as privacy, data protection, security, records and information management, risk management, and sound business practices.
- If an organization has acted in good faith in its attempt to reconcile conflicting laws and obligations, a court or other authority reviewing the organization’s actions should do so under a standard of reasonableness according to the circumstances at the time such actions were taken.
- An organization should consider reasonable measures to maintain the integrity and availability of long-term information assets throughout their intended useful life.
- An organization should consider leveraging the power of new technologies in its InfoGov program.
- An organization should periodically review and update its InfoGov program to ensure that it continues to meet the organization’s needs as they evolve.
Prudent entities are now recognizing the need for a comprehensive approach to previously siloed disciplines — including records and information management for their ESI and paper documents, ediscovery, data privacy, and information/cyber security — under the InfoGov moniker.