Competing corporate programs and priorities have often tended to push the agenda for many Records and Information Management (RIM) programs aside. Cybersecurity programs, IT projects, cost-cutting initiatives, digital innovation and regular RIM operations can seem like plugging holes in a leaky dam for record managers. If this feels familiar, then perhaps it is time to take a new tact and build a 21st-century RIM program that meshes with, and supports the business objectives of the organization.
Leadership and executive sponsorship (getting the right person with the budget on board) for a RIM program facelift is important to ensure the success of your RIM program. Sometimes, the leadership is there but only for emotional support; when it comes to actual financial support, there isn’t much. If you’re responsible for a RIM program, you may have to work with the resources you have, but be mindful that by teaming up with other initiatives, like a data governance program, or conversion to a new document management system, can be a way to extend your resources. Regardless, it will take leadership to move any initiative.
Inventory and Appraisal
Traditional RIM practices include inventorying and appraisal of records to ensure proper storage, access, protections, and lifecycle management are in place. Traditional practices still have merit, but the “old school” security of knowing that offsite storage is the solution is outdated. Understanding the location of digital assets, who has access to them, and the value of that information is essential to 21st-century RIM program governance. It is also key to supporting users in their search for information. Furthermore, the potential loss of the information must be considered––beyond the loss of revenue to the organization. And regulatory fines aren’t a trend; they’re a reality. (Google “GDPR fines” or “HIPAA fines” if you’re skeptical.)
Retention and Disposition
Organizations have worked for decades to roll out a retention schedule that is clear, easy to implement, and is followed consistently by stakeholders. As cloud technology booms, legacy systems hang on, and data is transferred as if it were currency, it is more important than ever to have retention and defensible disposition. I’ve spoken to RIM superheroes who created plans to remove terabytes of data and encrypt long-term storage repositories. These plans can save on IT costs for storage and reduce the risk profile of the organization. Additionally, some organizations require their vendors have certifications to ensure the proper handling of information. In the past, vendors have skirted certification to offer a lower rate, but with the new risk landscape, those savings pale in comparison to regulatory fines. The debate over strict adherence to retention schedule rages on among RIM professionals. Many feel retention practices that often over-retain information improve an organization’s chance to defend itself (or go on the offensive in a lawsuit) because they have the information they need. However, keeping large information repositories is expensive and a risky proposition for most organizations. Proving what you have (or why you don’t have something) is more important than ever before.
Properly disposing of risky (or unused) data to save on storage isn’t the only way a records manager can save an organization money. As the collectors and keepers of information for our organizations, we can use tools to mine that information to help the organization make better decisions, save money, and find new opportunities for generating new revenue. Perhaps some of the information you collected has monetary value. Perhaps your organization will apply concepts discussed by Gartner’s Doug Laney in his seminal book, Infonomics, which explains various ways to monetize information, which eventually may end up on your balance sheet as an asset.
If your RIM program can help your organization save money, help the business operate more efficiently, and find additional information value in the process, you have yourself a 21st-century RIM program.