In a new GDPR World, Information Governance's Time Is Now

Over the years, interest in Information Governance (IG) practices and related technology solutions within the legal industry has ebbed and flowed, primarily following the pattern of economic cycles.  We have reached a tipping point where another cycle of heightened interest from enterprise buyers is well underway.  And this time the benefits realized will live up to the hype resulting in sustained investment.

In a new GDPR World, Information Governance's Time Is Now

A History Lesson – Information Governance & the EDRM Diagram

In early drafts and in the initial public release of the 2006  Electronic Discovery Reference Model (EDRM), information governance was not included.  Instead, the boxes in the left of the original EDRM  are called ‘Records Retention’ and ‘Records Management’.  It wasn’t until 2014 release that the term ‘Information Governance’ was finally introduced.  

There is now a separate and more elaborate graphic titled the ‘Information Governance Reference Model’ (IGRM) that augments the current EDRM.

Information Governance – A Modern View

Information governance now includes several related sub-disciplines, including legal processes, records management, data privacy and security, enterprise content management, and governance, risk and compliance.  

Investment in information governance technology and their associated enabled services result from a concurrent convergence of several drivers, namely:

  • The ascension of the General Data Protection Regulation (“GDPR”) and other emerging data privacy regulations
  • Data security risk and the increasing demands of breach incident response
  • Exponential expansion in volume of electronically stored information (ESI) accelerated by the emergence of massively scaled and inexpensive public cloud storage options
  • Increased complexity of data forms and types, especially from social and mobile applications
  • The maturation of the eDiscovery industry and the associated commoditization of related technology and service offerings
  • Globalization and the accelerated demands for cross-border exchange of ESI as a propellant of business activity
  • Historically high activity in M&A and divestiture events
  • Vulnerabilities and threats presented by poorly executed information governance policies and procedures receive board-level and c-suite attention through daily media reminders.  

In comparison to eDiscovery, which is commonly regarded as an expensive, time consuming activity at the board level in most corporate enterprises, enterprise investments in information governance technology and automation present an opportunity to realize a real return on investment.  

Further, it is well-understood by eDiscovery practitioners that there is a direct connection between information governance actions that limit the amount of irrelevant ESI to process, review, and produce, which results in cost savings. 

The Promise of Emerging Information Governance Technology

Modern information governance technology platforms and their related service offerings can:

  • Auto-categorize ESI in all forms, structured and unstructured, providing enhanced insight to its enterprise value (or absence of value)
  • Identify personal identifiable information (PII), protected health information (PHI), and other highly sensitive information and allow for automated protections to reduce risk
  • Index content for search via keywords, concepts, themes, and expressed or inferred sentiment
  • Allow for flexible use cases across a corporate enterprise, e.g., HR, legal, finance, compliance, security, etc.

Thomas Bonk discusses GDPR and Information GovernanaceThomas Bonk is the Vice President of Global Professional Services at Epiq.  He has over 18 years of e​xperience in the legal services industry managing the strategic and tactical use of technology within litigation, regulatory, information governance, and investigative advisory matters. 

Filed under: esi, gdpr, information governance

The contents of this article are intended to convey general information only and not to provide legal advice or opinions.