Information Compliance Governance

Information Compliance Governance and Information OverkillInformation Lifecycle Management

Companies of all sizes are grappling with the compliance laws and issues of how to properly manage the sensitive information (and documents) they generate and use in daily operations. According to a whitepaper published by the Compliance, Governance and Oversight Council, the issue of information lifecycle management now requires a comprehensive management approach to address everything from compliance issues to records information management to privacy and security concerns.

With the unprecedented volume of information, both printed and digital, being created, the challenges continue to grow. At the same time, they must deal with increasingly sophisticated and creative blackhat operators who are seeking to mine this massive amount of information for use in harmful ways. Unfortunately, headlines about data breaches and identity theft are becoming more and more commonplace.

Of course, the efforts to develop and implement proper procedures are first concerned with protecting employees, vendors, and customers from such information theft. However, there are an increasing number of rules and regulations that warrants appropriate attention. The 8th biennial 2013|2014 Information Governance Benchmarking Survey report released by AIM and Cohasset Associates shows that many companies are setting themselves up for failure in this area.

According to this report, only 8 percent of the 87 percent of the survey respondents claim to have effective record information management programs; this elite group has statistical measures in place to rate the success of such programs. Moreover, the survey shows that a mere 17 percent of these companies actually conduct audits of their efforts.

As the number of laws and regulations dealing with information and corporate record security continue to proliferate, companies are struggling with ways to remain compliant. This important challenge has given new significance to the concept of information compliance governance, making it a concern of all C-level executives.

Information Compliance Governance: More than Planning

The management principle that people do what is inspected, not what is merely expected applies to this situation. A lack of effective auditing of information compliance efforts indicates serious deficiencies in many corporations when it comes to both compliance and planning.

The first step is understanding that Records & Information Management (RIM) is only a tactical component of overall information compliance governance. From this point, a new level of attention is required in developing and implementing overall governance strategies that are effective and regularly monitored.

We’re proud of our role at Sergeant Shredder in assisting many Southern California companies comply with RIM policies as a part of their overall information compliance governance strategies. As a NAID member, we follow strict protocols for document destruction. We take it an extra step by only hiring shredding technicians with a military, law enforcement or firefighting background. Not only are they trustworthy, they are specially trained to keep your information safe.

Shredding as Part of Information Compliance

Shredding is a key element to information compliance. Many of our clients must prove that hard-copy documents are secure throughout its lifecycle. It’s starts with training employees to keep sensitive information within secure areas and under their control.

Once those documents are no longer useful or necessary, provide locked bins located in convenient locations throughout your office. As a premier shredding provider, our specially trained technicians will escort your sensitive documents directly to our truck where it is shredded on site. We can also provide a Certificate of Destruction if you need to retain for compliance proof.  Lastly, an All-Shred Policy will make it easy for employees to comply. All of these steps provide auditable management for compliance.

What are you thoughts about Information Compliance Governance?