Maintaining Electronically Stored Information

CHALLENGE

Across Europe and beyond, data protection/privacy regulations require organisations to have a strong handle on how electronically stored information (ESI) is maintained, with a clear understanding how the same ESI flows through its various digital environments.

Whether protecting personally identifiable information (PII), responding to a regulatory requests or meeting discovery obligations of the court, having a well-defined Information Governance Policy in place assists in avoiding the “I don’t know” answers when being asked to disclose particular information, no matter what the setting.

iDS regularly assist in:

Identifying the various data types and evaluating that which is deemed “difficult” or carries with it some level of risk
Coordinating internal as well as consultative external resources to create efficiencies across project deliverables
Developing a data map, company-wide, outlining current and proposed future ESI lifecycles.

Solution

iDS work closely with instructing clients and collaboratively evaluate the overall network environment to better understand the entire universe of ESI to be considered.

Data is then prioritised from essential to disposable, allowing organisations to develop internal policies designed to reduce risk. This is achieved through:

A project plan was drawn up which included:

Identifying data essential to the legitimate business interests of the organisation and retain in accordance with need and/or obligation
Identifying duplicative data that can be purged based on redundancy of purpose
Identifying non-essential ESI, evaluate use and/or risk, followed by an organised procedure for destruction
Instituting mechanisms to halt all processes as needed should certain “holds” be needed as related to investigations/litigations

Result

By creating a pathway for data to follow, organisations are able to maintain the necessary information essential to daily operations and/or reporting needs.

This is done while simultaneously putting into place avenues for data disposition/destruction, facilitating a roadmap to ESI minimisation and an overall reduction in risk. Whether protecting data subject rights, building a digital evidentiary audit trail in litigation, or creating efficiencies of process during an internal or external investigation, understanding and organising one’s data network provides clear advantages well beyond simple “house” cleaning.