This ACC Guide addresses creating a data retention policy that also complies with privacy requirements, and how to synchronize this policy with other compliance requirements.
This is a glossary of Information Governance terms.
Deleting emails and files is a type of initiative that looks easy at the outset but become difficult. Emails and files are retained, and month after month, can quickly year after year they accumulate creating digital layers called information horizons. These information horizons contain a little bit of everything: records, non-records, copies containing high-value value information, personal information, intellectual property, and even documents subject to legal hold.
Organization’s records retention schedules need to be synchronized with assurance current and emerging privacy laws . Records retention laws and regulations may require companies to retain records for a certain number of years, driven by literally thousands of record retention regulations. These requirements may override consumer deletion requests of their personal information.
It can be costly to hold on to information that is obsolete, expired, either legal, regulatory, and not needed for or business reasons. An organization must determine what needs to be saved (meaning, it can identify what can be disposed). Policies can be developed that include both the business justification and process for deleting electronic documents, and establish consistent, repeatable, defensible processes that allow for the routine deletion of data not under a legal hold.
In development or update of a records program it may appear that once a company has its policies and processes, roadmap, tools, and technology in place, some may believe they are done. However, here is still a critical task remaining: employee behavior change management.
This Privacy Capability Maturity Model provides a detailed maturity model for all aspects of an organization’s privacy program, including its use of Artificial Intelligence (AI) and Machine Learning (ML) using personal information.
It seeks to gauge program capability across a variety of program elements, taking a “big picture” view on an organization’s readiness to comply with these requirements.
The ACC Records Management Program Maturity model provides a detailed maturity model for all aspects of an organization’s records program.
It seeks to gauge program effectiveness across a variety of program elements, taking a “big picture” view to increase program value.