Information Governance
LEGALLY COMPLIANT GLOBAL INFORM ATION GOVERNANCE PROGRAM –
BARRIERS AND BENEFITS
It is becoming increasingly difficult for organizations to manage their data. On a global scale, it is
estimated that data generated and copied annually will reach 44 zettabytes (or 44 trillion gigabytes)
by 2020. An organization can effectively manage its rapidly increasing data by implementing a legally
compliant information governance (IG) program. Legally compliant organizations minimze their risks
and costs and maximize the value of their information. Optimally, organizations should assess their
legal compliance issues, address challenges and barriers, and develop a solutions-based approach to
mitigate risks associated with legal non-compliance.
Key Challenges for Global Organizations
•
Legal Complexities: Many global organizations operate in dozens of jurisdictions. There are
unique local legal requirements across different jurisdictions. Legal landscapes are constantly
evolving, particularly in jurisdictions such as, China, Russia and Ukraine. It is crucial for a global
organization's IG program to remain dynamic and to capture shifting legal requirements.
IG - Heatmap
1
•
IG Complexities: There are a growing number of compliance challenges in areas such as privacy,
data storage, cross-border datatransfer restrictions, and media/format requirements. Global
organizations must be aware that a failure to comply with data protection regulations such as the
new EU General Data Protection Regulation can have long-termfinancial and reputational
implications.
•
Rising Operating Costs: Storing information outside the scope of an organization's business
needs for lengthy periods of time is costly, and may be unnecessary or even risky from a legal
standpoint. According to a 2014 study from Enterprise Strategy Group, it costs between US $4
and US $100 to store a single gigabyte of data over the course of its lifetime.
Solutions for Global Organizations
In a perfect world, there would be turn‐key solutions. However, each organization is unique, has its
own compliance standards, runs different systems, and operates in specific markets.
•
Project Scoping: Compliance with a wide range of differing laws and regulations depends on how
global organizations are regulated locally. Understanding an organization's business activities and
the local regulations of the jurisdictions in which it operates is key. It will ensure that information is
dealt with securely, efficiently and effectively based on legal, tax, data privacy and business
requirements.
•
Guiding Principles: Well defined guiding principles and methodologies that follow global industry
best practices and comply with local legal requirements will satisfy an organization's operational
business needs.
•
Life Cycle Analysis: Conducting a life cycle analysis to determine how information is created and
used is essential. Without a life cycle perspective, an IG program would be costly and inefficient.
•
Ongoing Compliance: To ensure ongoing legal compliance the IG program must be designed to
facilitate changes in the legal landscape.
2
IG - Dashboard
Contributors - Lisa Douglas, Catherine Chen and Nadia Rauf
Contact Partner
Theo Ling
3