Brian Tuemmler is Information Governance Solution Manager at Nuix. He and I recently recorded a webinar called 9 ways to comply and get ahead. Its theme is that organisations face increasing requirements from all sides and in all jurisdictions, with new regulations defining appropriate ways to conduct business and not just in financial and health-related activities.
Our over-arching point was that the technology and the skills developed to face eDiscovery challenges are now required for proactive identification of data. Where once the requirement was a retrospective search for data which was “relevant” to the dispute, we now need to identify data before it became a problem. The once unfashionable concept of information governance is now having its day. The speed of technology (like the Nuix engine) is important not just for speeding up a retrospective investigation but for identifying current risk and alerting relevant people.
Privacy has become a brake on keeping and distributing personal data, and security has become a positive reason for knowing what you have got and what is in it. Cyber risk and GDPR demands (for example GDPR’s Data Subject Access Requests) have moved us from the relatively leisurely deadlines of discovery to urgent proactive identification. The GDPR is relevant to many US companies, and the Californian Consumer Privacy Act is bringing similar (though not identical) responsibilities to the US.
In 55 minutes, Brian Tuemmler and I range widely over the topics which matter to those who are responsible for an organisation’s data. There is more information and a link to the recording here.