New regulations and increases in both data, and data breaches, have provided IT decision makers and records managers with the perfect reason to get a watertight records management policy in place.
It is thought that by 2020 this opportunity may have gone.
1. Data management
Managing data effectively begins with knowing what data you have and then establishing a robust, compliant and well-implemented retention schedule. This is a good place to start.
2. Devise a process
Globalisation, social media, increased digital processes and greater interaction with customers are feeding the growth of data. So the task of managing data is only going to become more difficult. Acting now can help you take control. If you don’t have one already, consider appointing a records manager or data protection officer.
3. Audit your data
Don’t be overwhelmed by the problem; not knowing where to start is not an excuse not to start. Instead, approach the task in bite-sized chunks, document type by document type or department by department.
4. Data management policy
Make the application of your information management schedule part of your employee induction programme and part of your disciplinary process. This will clearly state how important keeping data safe is to the company. Embed records management into your day-to-day business, ensuring there is Board-level buy-in.
5. Staff training and engagement
Conduct regular staff training and updates; a persistent reminder of the importance of data is an effective guard against human error.
6. Review your retention strategy
Remember, a retention schedule is not a tick box or a static solution – it evolves and should be reviewed periodically to take into account changing legislation and court decisions. All data in whatever format should be subject to retention schedule review – today’s transactional data is tomorrow’s vital record.
7. EU General Data Protection Regulation
With the EU General Data Protection Regulation on the way, pay particular attention to retention schedules for personal data – there will be an increasing need to know where personal data is, how you access it, how you can prove you can correct it or delete it, and have permission to use it for certain purposes.
8. Future proof your organisation
Futureproof the line of business systems you have from an information management perspective. In the future all data processes and data related systems will need to have in-built privacy by design.
9. Data accessibility
Consider how easy your data is to access. If you want to improve access to physical data (paper), one way of doing it is by scanning the hard copy and hosting it via an online application whereby users can access the data from any web-enabled device 24-7.
10. Data compliance
Data retention is often viewed as being all about compliance, risk management and avoiding fines. But the real challenge is to look at data management not in terms of business cost or business risk, but as a business opportunity. In future, companies with a good record of handling personal data will be more attractive to consumers; it may well become one of the most important ways they compare businesses.