<< back Page 2 of 2

CCPA Forces Modern Approaches to Customer Information Governance

Technology Streamlines Compliance and Security

With a firm grasp of their information assets, organizations can begin leveraging technology in a smart manner. A few of the technology-based practices businesses will begin to use as they grapple with information security and privacy include the following:

  • Consolidating Information in Place—Previously, businesses that wanted a single view of their customers, for instance, needed to pull and combine data from multiple systems for each inquiry. The solution to the manual headaches these efforts created was to migrate data from multiple systems into a single repository. But this can be a costly and time-consuming activity that disrupts business users’ workflows as they are forced to learn new tools.

?Federated governance hubs use pre-built connectors and APIs to bring together information from common business platforms and create a single interface for applying information management rules. Hubs can even be extended beyond enterprise systems to local drives so that documents stored on desktops are managed and properly secured. As a result, existing business user applications are not disrupted. Not only does the federated hub streamline information management, it also provides organizations with a single interface for responding to ediscovery requests. One study found document review and analysis made up nearly three-quarters of ediscovery costs, resulting in an average cost of $18,000 per gigabyte. Automating this process can significantly reduce those litigation and regulatory expenses. 

  • Tapping AI—IDC has predicted that there will be 175ZB of data by 2025. AI and machine learning are helping businesses quickly cut through this staggering amount of information to provide greater control of document classification, retention, and security.

?For instance, machine learning algorithms can cull through 40 years of scanned insurance documents to quickly identify and obfuscate social security numbers and tag documents with the appropriate security level. The same exercise can be applied to other PII—addresses, phone numbers, etc.

  • Automating Compliance and Security—Automation is one of the most effective strategies for reducing the burden and minimizing the risks of information management. With an effective automation program in place, compliance happens seamlessly in the background with very little or no intervention. Instead of requiring business users to understand records management, business rules and metadata ensure records are created, managed, and archived or destroyed on schedule.

?In the previous example of documents with Social Security numbers, the AI-generated security mark can be used to automatically limit who has access to the document internally. Automation settings can also provide varying levels of information access—allowing some individuals to view the full Social Security number while limiting others to the last four digits.

?In addition to the time-saving benefits, organizations that automate information management throughout the entire lifecycle reduce their vulnerability and liability. AIIM has estimated that up to 70% of the data in unmanaged servers is redundant, obsolete, and trivial (ROT)—in other words, information clutter. Holding onto it impairs businesses’ abilities to demonstrate compliance with regulations and slows down fulfillment of discovery requests. ROT is also typically unmanaged and unknown, contributing to a greater likelihood of theft or breach. 

With CCPA at businesses’ doorsteps and other regulations quickly following behind, the time for companies to take action and clean up their information act is now. While it is a challenging process, the risks are too great for businesses to stand idly by. Thankfully, modern approaches supported by technological advances from the last 10 years can help to streamline information governance and, ultimately, compliance.

<< back Page 2 of 2


Subscribe to Big Data Quarterly E-Edition