It's no surprise that the amount of digital data is expanding exponentially, and will continue to do so. Experts have talked about it, and we have reported it, for years now. Unfortunately, according to a recent study conducted by the Compliance, Governance and Oversight Council, companies aren't getting better at managing the information they have now. For instance, the survey found that though 98 percent of Fortune 500 executives who participated in the survey acknowledge that "rigorous discovery" and defensible disposal of information is the most powerful outcome of information governance efforts, only 13 percent are able to effectively dispose of data.
Chances are then, adding more data to the equation will only complicate matters unless companies take a different approach to information management. Not long ago, I had the chance to speak with Deidre Paknad, CEO of PSS Systems. The company, which specializes in information management software, is a founding member of the CGOC, and Paknad has also participated in the Electronic Discovery Reference Model Information Management project.
Paknad told me the survey, which included responses from legal, records management and IT representatives, revealed "some pretty big disconnects between the legal department, the records management department and the IT department..."
Of particular concern, Paknad said, are the divergent views respondents had regarding who is responsible for disposing of data that is no longer needed. She told me:
[W]e asked, "Is the records management organization responsible for defining and managing the disposal of data and information?" Sixty percent of the records management respondents said yes. Sixty percent of the IT respondents said no, it's not records management's job.
That's why it's important to get representatives of all three departments involved in designing, implementing and carrying out information management processes, she said. Technology plays an important role, but the technology can't do what needs to be done until the policy, regulatory and e-discovery requirements are defined and responsibility is allocated. That's where the information management reference model comes in, according to Paknad. "It's really a responsibility model," she told me. Even if a company decides not to implement the model suggested by the project, it can at least serve as a starting point.