7 ways organizations can improve information governance
As federal and state legislative bodies push for stronger protection of data in an era of persistent threats, new laws are coming on the books and information governance has never been more important. With the right governance systems and practices in place, healthcare organizations and other companies can simplify compliance, says Tara Combs, an information governance expert at Alfresco, a vendor of platforms to support information governance programs for multiple industries, including healthcare. Combs offers seven ways to improve information governance, applicable to healthcare organizations and other industries.
Create a data map
Pinpoint the systems that store content with personally identifiable information. This will give a much clearer view of the organization’s data universe, enabling faster response to data requests from consumers.
Manage records in place
Providers and other organizations often have legacy systems with many years’ worth of processes built out on them. A more effective approach is to manage records in place. Providers can quickly add governance to many disparate information systems and keep complex workflows intact.
Delete data in a defensible way
Many cybersecurity and consumer data privacy regulations include a disposal provision. This is where automated records management comes in. Using configurable disposition schedules, providers can automate and log the deletion of regulated content.
Build in process automation
Providers will need to respond to consumer’s requests for information on how their personal data is being used. It is much more efficient to manage these responses using an automated digital process than with email or spreadsheets.
Use advanced security controls
Software that automatically identifies and redacts personally identifiable information limits the disclosure of sensitive information such as names and Social Security numbers. The organization can further protect consumer privacy by using security marks and security classifications to restrict content access.
Auto-classification technology can discover and tag personally identifiable information in terabytes of unstructured content. Auto-classification is fast, consistent and works across a range of systems and formats.
Consider the cloud
If a hacker hits an application in the cloud, the breach is contained to that app. A hacker who breaks into a corporate data center can attack any system on the network.