OfficeLabs and Information Governance and Compliance
Operating your business within or according to a set of rules for the way you, your employees or your colleagues handle information is a necessity of doing business. It doesn’t matter if you are the business owner, senior manager, leader or team member – data compliance, information security compliance and data governance are your responsibility.
Being compliant doesn’t have to be an arduous process. Most regulation applies to any type of business, from human resource regulations, health and safety and data security through to financial services. There is a consistency that applies to every organisation and the rules can be readily found for your business sector.
One overarching legislation that now applies to all businesses that store any form of personal data is the introduction of the General Data Protection Regulation (GDPR). This has helped to shine a light on the subject of information governance as a whole – this in itself is a good thing.
However, it also highlights the fact that many organisations find themselves in a position where their records or knowledge management teams have created general information management policies. These policies include a retention and deletion schedule that in theory should be defensible and address legal hold and compliance needs.
Realistically, the policies cannot be practically implemented or maintained across digital or paper information. Often there isn’t the will, capability or understanding of how to put the policies in place and maintain them. This results in a set of well-defined and necessary policies that do nothing apart from exist without having any effect.
OfficeLabs has the knowledge and the tools to apply those policies to your information. If you store data as paper documents, in file shares, in SharePoint, in Dropbox, or in many other common repositories both on premises and in the cloud, OfficeLabs has the answers to how to apply your existing or business sectors rules across all of your data stores.
By using Microsoft’s powerful Office 365 and Azure Information Protection platforms we can identify the data you are storing and apply rules to move or destroy unwanted or expired data. If you are an organisation that must process Freedom of Information (FOI) requests, you can reduce the time taken to respond by reducing the volume of information that you store and have to search through. Alternatively, you can categorise and hold information in appropriate containers which can be searched quickly and accurately. Controlling how data is managed can result in significant saving of costs and effort.
What do we mean by information management?
The life-cycle of data is how your organisation can get the most value and minimum risk from the data you hold. Keep it too long and you risk financial penalty, delete it without keeping auditable records and you risk prosecution.
Consider the life-cycle stages of data:
Collection: How do you receive data? Through asking your customers to complete a form giving personal information? Questionnaires? Is this a record of purchase for product warranty? Or do you collect and pass information on to a third-party organisation?
Processing: What do you do with the information as part of the business process? This can be the necessary process as part of a transaction or the process that generates income. Are processes automated for efficiency and appropriate classification of that data?
Persistence: How long do you keep the data? How much? Is it disposed of as soon as it loses its value, and if so, are you aware of when that is? Unless there is a legal reason to keep data for a specified length of time, why store it? Storage is cheap, but administration, support and security of that data is not.
Access: Do you know who is accessing your data, when and why they want access? Without quality and appropriate reporting in place and the tagging of data you simply won’t know how staff are using and potentially sharing that data.
Security: Is your current data storage platform secure, and if so, how secure? How can you be certain? Are your security measures tested and assured? What process do you have in place in the event of a breach or data loss? Who in your organisation is responsible for your data security?
Destruction: When and how is data destroyed? Can you be certain that correct data is being deleted? Or is your organisation one that keeps everything just in case – and probably in user mailboxes? When data is identified for deletion can you provide destruction certificates for audit purposes?
How can OfficeLabs help you?
OfficeLabs are the UK partners, resellers and product specialists for Gimmal’s suite of powerful applications that can get you prepared for information compliance. Gimmal’s Policy Suite for example, can take the dormant information policies that have been written and largely ignored and apply them directly across all your storage repositories, giving absolute control over all files.
Gimmal software can provide full life-cycle management including reporting for monitoring and auditing, knowing when information has outlived its value, destroying unwanted data and providing destruction certificates.
All of this power is made available to the organisation’s record and information managers – they will not have to make a request to the IT department to make a change or wait for someone else in the business with technical knowledge and access to apply a change to a policy.
OfficeLabs, in co-ordination with Gimmal and Microsoft, gives your organisation the ability to appropriately control the life-cycle of its data. If your business does not have a records manager, then we can provide information assurance expertise to work through how to manage your data in line with your business sector.
We also provide training services for those in the role who are looking for better ways to manage data. They can make your knowledge workers and users aware and inform the business of how and why they should be adhering to data policies and how serious the consequences can be for those who don’t. More often, the penalties for data loss and misuse are not absorbed by the organisation – instead individuals are found to be responsible and ultimately accountable.
Reduce the risks by doing everything possible to make your organisation compliant through the application of the market leading technologies and partnering with OfficeLabs – the information management experts.
These are just some of the benefits that OfficeLabs information managers can offer your company. When you book an appointment with an OfficeLabs consultant, they will talk to you in depth about your business needs, and how best to utilise the power of technology and policies. Remember, information management is just one of our capabilities. Making sure your business runs as smoothly and efficiently as possible is why OfficeLabs has been chosen by both FTSE 250 companies and huge public sector bodies, and our no-jargon approach will let you talk to us with confidence about your requirements.