Improve Compliance & Data Protection

The accelerating threat of cyber-attack and a rapidly tightening regulatory environment are turning data protection and compliance strategies into business critical decisions.

Unstructured data, as the most chaotic and fluid information repository within the organization, is simultaneously the most important and the most difficult to manage for data protection and compliance teams.

The ability to first analyze the entire unstructured data footprint is an absolute requirement and can present significant technical challenges. Being able to categorize this data as record/non-record, IP/public, employee/client/subcontractor PII, inside/outside of retention period, etc. enables the organization to take the next steps. Integrating appropriate maintenance and management of these data categories into the working practices of the user population completes the process of establishing a protected and compliant file service.

Establishing robust data compliance and protection practices across the entire unstructured data footprint is a legal requirement.

Useful Resources

Data Compliance

Periodic auditing of the state of compliance is not sufficient. Organizations must strive to achieve continuous compliance; risks continuously monitored and stakeholders continuously informed.

Data Protection

A clear understanding of the current content of unstructured data repositories forms a solid foundation in preparing for the introduction of the General Data Protection Regulation.

ILM

Technology supported workflows allow for records management systems that are successfully applied to structured data to be equally well applied to unstructured data.

IT Management

Implementation and continuous monitoring of suitable workflows ensure that audit demands can be efficiently fulfilled, without the need for un-anticipated, resource-intensive and costly external services.
Northern Parklife icon

Let’s take control over your data management

We accelerate the goals of growth stage companies by providing the expertise and experience they need to hit their next stage of growth faster.

Looking for workflows that drive continuous compliance?

Data compliance must be an organic component of every organization’s standard working practices – written guidelines and periodic auditing are not sufficient.

By monitoring key risk indicators – identifying sensitive or restricted data as it stored in the file service – by reporting the presence of this data to relevant stakeholders and by guiding actions, the organization is able to continuously maintain unstructured data footprints in-line with data compliance requirements.

Northern’s Solution

Northern’s software solution enables the organization to understand how the file service is being used and to involve stakeholders in establishing and maintaining a specific pattern of usage.

To fulfill the need to establish a continuously compliant pattern of usage, Northern recommends the use of the Information Governance and Compliance solution area. This provides access to the necessary content analysis capabilities and the possibility to pass targeted information out to relevant stakeholders in a self-service portal.

The benefits

Continuous evaluation of data compliance, supported by workflows that inform and involve relevant stakeholders, establishes a culture of data compliance. The benefits to the organization center on risk avoidance.
  • Unstructured data represents the single greatest compliance risk for the organization. By establishing a culture of regulatory compliance, offering continuous support to business users in their use of the file service, organizations are able to protect themselves against potentially crippling legal penalties, financial forfeiture and material loss.
  • Periodic analysis of levels of compliance is valuable but, as a reactive strategy, it does not tackle the underlying need to adapt working practices in the organization. Continuously involving relevant stakeholders and supporting them in decision making processes establishes a proactive and collaborative approach to data compliance.

Taking responsibility for GDPR readiness?

The General Data Protection Regulation (GDPR) is a new regulatory framework introduced by the European Parliament & Council. It was passed into law in April 2016 and will be applied from May 25th, 2018. The regulation sets out a single framework for the handling of Personally Identifiable Information (PII) pertaining to European citizens. All organizations (regardless of geograhical location) that collect, handle and/or store this type of information must ensure compliance or face sanctions of up to €20m ($21m) or 4% of annual world-wide turnover (whichever is greater). GDPR presents considerable challenges and risks; organizations globally must ensure their readiness. As an unstructured data pool, with a large number of data owners and stakeholders, user data must be a key area of focus for the organization’s DPO function. If robust and cost-effective compliance mechanisms are to be introduced then file system structures must be simplified, data accountability improved, and redundant, obsolete and trivial data removed.

Northern’s Solution

Northern delivers a powerful set of capabilities that support the implementation and continuous management of compliance mechanisms.

The Information Governance and Compliance solution area provides the ability to monitor the unstructured data footprint and identify areas of possible non-compliance. These analyses can be based solely on file meta-data or on file content (text mining). Stakeholders, such as data owners or members of the Data Governance team, can then be invited to review, and inspired to act.

The benefits

The ability to continuously monitor the unstructured data footprint, identify areas of possible non-compliance, and then involve qualified stakeholders in mitigating these risks provides clear benefits to the work of the Data Protection team and the organization as a whole.
  • Regulatory compliance within unstructured data must begin with an understanding of the data footprint itself. A risk assessment of all pockets of unstructured data enables specific and relevant strategies for achieving compliance to be defined.
  • Focused reports, clear directives and the knowledge that only data owners have about the content of their files allows regulatory compliance to become an element of standard working practice.
  • Regular review of stored data, ROT removal and general house-keeping initiatives ensure efficient use of the file service. Maintaining a controlled and more transparent data footprint reduces the cost and complexity of ensuring data protection and compliance.
Contact Us