As we put 2020 behind us and look forward to 2021, InfoGovANZ reflected in an interactive virtual discussion forum on the key IG learnings from the past 12 months and the insights and actions we now need to be taking to make the most of the opportunities and challenges on the road to recovery in 2021.
We’ve seen the different ways governments have responded to the COVID-19 pandemic and the results in managing the pandemic. Similarly, organisations have had to adapt to the changes and, in particular, to faster digital transformation. Robust governance of organisations and of information has never been so important. Increased cyber risks and the importance of access to real-time and accurate data for decision-making, both at the board level and throughout the organisation, are now critical issues.
Given the expected ongoing complex and uncertain operating environment in 2021, robust information governance is needed to provide a system for the effective control and management of information assets to enable access to real-time and accurate information, as well as optimise data assets and value-generating activities while minimising risks.
This will enable the optimum:
- Board oversight with access to real-time information and data for decision-making - COVID-19 highlighted the need for access to real-time information for decision-making, notwithstanding ongoing complexity of operating environments.
- Integration of information security and regulatory compliance -a holistic strategic IG framework is needed to govern and effectively align data, information, compliance and technology together with policies, processes and people.
- Data optimisation through complete and accurate data - organisations need to be focused in investing in the data that is critical to advancing digital transformation and driving transformation initiatives.
7 Information Governance takeaways for 2021
- Implementation of AI responsibly - governance processes must adequately embed dynamic risk management and impact assessments to ensure better oversight of AI technology and properly mitigate risks to achieve compliance by design.
- Cybersecurity will continue to be a significant challenge with increasingly sophisticated attacks on organisations - working from anywhere has increased cybersecurity risks and ensuring employees have regular cyber and privacy training is essential to creating and maintaining a culture of data privacy, data protection and security with full compliance of policies and procedures.
- The explosion of data being collected and generated by organisations, together with the relentless nature of cyberattacks, will continue to pose substantial risks to organisations, particularly in the event of a data breach - it is essential that information be governed through its lifecycle – collection, protection and use, security, archive and disposal. In 2021, the combination of regulations, data volumes and the increasing focus on understanding what data to optimise and what is ROT will lead to an increased understanding and action in secure disposal to minimise organisational risks.
- Development of new technologies, particularly those that enable increased collaboration, will continue to rise and create efficiencies with work productivity - be mindful that they also present information governance challenges and are already resulting in rising eDiscovery costs in legal proceedings.
- Organisations and law firms will need to be smarter in how eDiscovery is approached - investing in earlier strategic work in the discovery process to prevent the cost and burden spiralling out of control.
- Working from anywhere has highlighted the importance of physical interaction for incidental learning, mentoring and social interaction - this requires careful planning for future workplace design and governance of systems and people.
- Changing privacy regulations will continue toward the EU’s GDPR standard - in addition to the review of Australia’s Privacy Act 1988 (submissions received in response to the Issues Paper are available here) and New Zealand’s updated Privacy Act coming into force on 1 December, the following has occurred so far in 2021:
- China’s Civil Code took effect on 1 January providing a statutory right of privacy for individuals and establishing data protection principles
- Indonesia’s Personal Data Protection Bill was submitted to the House of Representatives
- Singapore’s Amendments to the Personal Data Protection Act (PDPA) took effect on 1 February, with accompanying regulations published on 29 January 2021 - strengthens organisational accountability and consumer protection while enabling organisations to use personal data for innovation
- India’s Personal Data Protection Bill 2019 is expected to be tabled in an upcoming parliamentary committee budget session.
The sped up digital transformation of 2020 gave us an insight to the workplace of the future and the importance of robust information governance and both online and physical connectivity.
Moving into 2021, InfoGovANZ calls on information governance professionals working across the information, data, regulatory and technology facets to step up and ensure that systems and governance in their organisations are adequate, integrated and enable information assets to be maximized while risks are minimized.
You can read the insights from the rest of our expert panel in our InfoGovANZ Key Learnings from 2020 – Action and Insights for 2021 Report. The report was developed from a virtual forum discussing the impact of COVID-19 and IG implications for organisations on data, access to information, trust, transparency and accountability, cybersecurity, global privacy regulatory developments, eDiscovery, ethics and artificial intelligence.
You can also watch the recording of the 28 January 2021 webinar here.
Susan Bennett (LLM(Hons), MBA, FGIA, CIPP/E) is the Founder and Executive Director, Information Governance ANZ and Principal, Sibenco Legal & Advisory