Webinars      Login/Register      Cart

InfoGovANZ

Information Governance Think Tank

Information Governance

7 Information Governance Takeaways for 2021

by

 

As we put 2020 behind us and look forward to 2021, InfoGovANZ reflected in an interactive virtual discussion forum on the key IG learnings from the past 12 months and the insights and actions we now need to be taking to make the most of the opportunities and challenges on the road to recovery in 2021.

We’ve seen the different ways governments have responded to the COVID-19 pandemic and the results in managing the pandemic. Similarly, organisations have had to adapt to the changes and, in particular, to faster digital transformation. Robust governance of organisations and of information has never been so important. Increased cyber risks and the importance of access to real-time and accurate data for decision-making, both at the board level and throughout the organisation, are now critical issues.

Given the expected ongoing complex and uncertain operating environment in 2021, robust information governance is needed to provide a system for the effective control and management of information assets to enable access to real-time and accurate information, as well as optimise data assets and value-generating activities while minimising risks.

This will enable the optimum:

  • Board oversight with access to real-time information and data for decision-making - COVID-19 highlighted the need for access to real-time information for decision-making, notwithstanding ongoing complexity of operating environments.
  • Integration of information security and regulatory compliance -a holistic strategic IG framework is needed to govern and effectively align data, information, compliance and technology together with policies, processes and people.
  • Data optimisation through complete and accurate data - organisations need to be focused in investing in the data that is critical to advancing digital transformation and driving transformation initiatives.

7 Information Governance takeaways for 2021

  1. Implementation of AI responsibly - governance processes must adequately embed dynamic risk management and impact assessments to ensure better oversight of AI technology and properly mitigate risks to achieve compliance by design.
  2. Cybersecurity will continue to be a significant challenge with increasingly sophisticated attacks on organisations - working from anywhere has increased cybersecurity risks and ensuring employees have regular cyber and privacy training is essential to creating and maintaining a culture of data privacy, data protection and security with full compliance of policies and procedures.
  3. The explosion of data being collected and generated by organisations, together with the relentless nature of cyberattacks, will continue to pose substantial risks to organisations, particularly in the event of a data breach - it is essential that information be governed through its lifecycle – collection, protection and use, security, archive and disposal. In 2021, the combination of regulations, data volumes and the increasing focus on understanding what data to optimise and what is ROT will lead to an increased understanding and action in secure disposal to minimise organisational risks.
  4. Development of new technologies, particularly those that enable increased collaboration, will continue to rise and create efficiencies with work productivity - be mindful that they also present information governance challenges and are already resulting in rising eDiscovery costs in legal proceedings.
  5. Organisations and law firms will need to be smarter in how eDiscovery is approached - investing in earlier strategic work in the discovery process to prevent the cost and burden spiralling out of control.
  6. Working from anywhere has highlighted the importance of physical interaction for incidental learning, mentoring and social interaction - this requires careful planning for future workplace design and governance of systems and people.
  7. Changing privacy regulations will continue toward the EU’s GDPR standard - in addition to the review of Australia’s Privacy Act 1988 (submissions received in response to the Issues Paper are available here) and New Zealand’s updated Privacy Act coming into force on 1 December, the following has occurred so far in 2021:
    • China’s Civil Code took effect on 1 January providing a statutory right of privacy for individuals and establishing data protection principles
    • Indonesia’s Personal Data Protection Bill was submitted to the House of Representatives
    • Singapore’s Amendments to the Personal Data Protection Act (PDPA) took effect on 1 February, with accompanying regulations published on 29 January 2021 - strengthens organisational accountability and consumer protection while enabling organisations to use personal data for innovation
    • India’s Personal Data Protection Bill 2019 is expected to be tabled in an upcoming parliamentary committee budget session.

The sped up digital transformation of 2020 gave us an insight to the workplace of the future and the importance of robust information governance and both online and physical connectivity.

Moving into 2021, InfoGovANZ calls on information governance professionals working across the information, data, regulatory and technology facets to step up and ensure that systems and governance in their organisations are adequate, integrated and enable information assets to be maximized while risks are minimized.

You can read the insights from the rest of our expert panel in our InfoGovANZ Key Learnings from 2020 – Action and Insights for 2021 Report. The report was developed from a virtual forum discussing the impact of COVID-19  and IG implications for organisations on data, access to information, trust, transparency and accountability, cybersecurity, global privacy regulatory developments, eDiscovery, ethics and artificial intelligence.

You can also watch the recording of the 28 January 2021 webinar here.

Author

Susan Bennett (LLM(Hons), MBA, FGIA, CIPP/E) is the Founder and Executive Director, Information Governance ANZ and Principal, Sibenco Legal & Advisory

Accountability & IG – Sonya Sherman

by

As we put 2020 behind us and look forward to 2021, we reflected in an interactive virtual discussion forum on the key IG learnings from the past 12 months and the insights and actions we now need to be taking to make the most of the opportunities and challenges on the road to recovery in 2021.

We’ve seen the different ways governments have responded to the COVID-19 pandemic and the results in managing the pandemic. Similarly, organisations have had to adapt to the changes and, in particular, to faster digital transformation. Robust governance of organisations and of information has never been so important. Increased cyber risks and the importance of access to real-time and accurate data for decision-making, both at the board level and throughout the organisation, are now critical issues.

Our expert panel included InfoGovANZ Advisory Board member, Sonya Sherman, with over 20 years’ experience is a highly regarded subject matter expert in public records, information access and information governance.

Sonya has held senior public policy and advisory roles, developing legislation and international standards, providing strategic policy advice and implementing sector-wide reforms in areas such as digital transformation, data sharing and open government, in Australia and internationally.

She is a member of the cross-jurisdictional, cross-sector Data Sharing Taskforce convened by the Australian Computer Society (ACS); and a member of the International Organization for Standardization ISO/IEC JTC001/SC32/WG6 Joint Technical Committee Working Group on Data Usage. Sonya’s passion is helping people create, find, use and share information, for better business and more connected communities.

Sonya’s insights:

At last year’s Roundtable, Sonya pointed out three priorities for information governance:

  • Connectivity - had to do with maintaining business as usual during the shift to digital and remote working.  Organisations in 2020 quickly realised that access to reliable information was just as important as access to technology. Rapid digital transformation has been broadly successful in knowledge industries and laggards did a lot of catching up over the past year. But we also saw innovative use of data and technology in sectors that previously relied on in-person interaction. Think about orchestras and choir groups; personal trainers; real estate auctions; Cabinet meetings; and Parliament.  Moving forward, we’re seeing connectivity transition to creativity, with new types of digital products and services coming into play. This is going to have flow-on effects for information governance and regulation.
  • Sustainability - ensured the systems and processes put in place last year will help maintain good governance across a remote workforce and a distributed information ecosystem for the longer term.  The jury is still out on this one. Rapid transformation in some cases will mean data and information have ‘slipped through the cracks.’ It’s likely some organisations are suffering major challenges with version control, with increased risks of data leakage or data breaches. It’s likely we'll never go back to working the way we used to, but this doesn't mean we will all remain working remotely.
  • Accountability - recognised the critical importance of keeping records during the crisis, even though it may seem more difficult than usual.  Last year, Sonya noted that every decision and action would potentially come under scrutiny and we’ve certainly seen a lot of inquiries already, with, no doubt, more to come. We've also seen the benefits of keeping records, to learn from and adjust our actions through successive virus waves.  Accountability will transition to transparency and organisations or governments that communicate very openly with staff or citizens and provide regular, reliable information will build trust that helps them meet their goals.  Trust will break down when information is withheld or people have doubts about it.

We are also seeing the advantages of sharing data and information to enable contact tracing and to rapidly develop vaccines. It's really important that people can trust systems and processes to maintain data integrity and protect their personal information at this time.

There will be growing awareness of the value IG brings to organisations, government and communities. The pandemic is having a huge impact on the way we live, the environment and global politics.  Maintaining accessible records and data about this period in history continues to be vitally important for our future world.

Questions for leaders

  • Connectivity and creativity: Given the new types of digital products and services coming into play, are you ready for the flow-on effects for information governance and regulation?
  • Sustainability: You will see sustainability transition to scalability. Will your IG systems and processes support a hybrid workplace, where some people are in the office and others are anywhere else.
  • Have you carried out a reconciliation, that is, cleared out the redundant, obsolete and trivial (ROT) and duplicates?
  • Accountability and transparency: Have you got a communications culture that builds trust? Information sharing leads to better business outcomes.

You can read the insights from the rest of our expert panel in our InfoGovANZ Key Learnings from 2020 – Action and Insights for 2021 Report. The report was developed from a virtual forum discussing the impact of COVID-19  and IG implications for organisations on data, access to information, trust, transparency and accountability, cybersecurity, global privacy regulatory developments, eDiscovery, ethics and artificial intelligence.

You can also watch the recording of the 28 January 2021 webinar here.

Collaboration & IG – Bryn Bowen

by

As we put 2020 behind us and look forward to 2021, we reflected in an interactive virtual discussion forum on the key IG learnings from the past 12 months and the insights and actions we now need to be taking to make the most of the opportunities and challenges on the road to recovery in 2021.

We’ve seen the different ways governments have responded to the COVID-19 pandemic and the results in managing the pandemic. Similarly, organisations have had to adapt to the changes and, in particular, to faster digital transformation. Robust governance of organisations and of information has never been so important. Increased cyber risks and the importance of access to real-time and accurate data for decision-making, both at the board level and throughout the organisation, are now critical issues.

Our expert panel included InfoGovANZ International Council member,  Brynmor Bowen, Principal Consultant at Greenheart Consulting Partners, and a Board Director of MCCG Guyana, a management consulting company based in Guyana. Bryn is a Fellow of the College of Law Practice Management and Past President of the ARMA Metro NYC chapter. He is also a founding Steering Committee member of the Law Firm Information Governance Symposium, an organization dedicated to providing IG guidance to the legal industry through published white paper guidance.

Bryn is formerly the Director of Information Services at Schulte Roth & Zabel LLP, a New York-based law firm, where he established an information governance (IG) program in addition to overseeing the new business intake (NBI), conflicts/risk, record and information management, research/library services, and knowledge areas. Prior to that, Bryn was Director of Legal Systems and Information Management at Greenberg Traurig LLP, a large US law firm, where he established a global IG and records management program and reengineered the NBI conflicts and risk programs, and at the referenced millennium (2000), was Head of New Business and Conflicts at Clifford Chance, a newly transatlantic and transpacific merged of 3,200 lawyers.

Bryn’s insights:

  • 2020 was certainly a year of acceleration of some long-awaited advances in how technology could be used to improve metadata enrichment and analysis.  We saw the knowledge-related workforce become largely virtual, which led to the rise in the deployment of collaboration platforms along with the attendant IG issues, ranging from intra and extra enterprise security considerations to access rights management and the need for proper provisioning to reduce information proliferation.
  • We also saw project realignments to reflect shifting priorities brought on by the pandemic, such as accelerated infrastructure moves to the cloud and the already mentioned increased digitisation. We also saw the use of AI enabled technology to mitigate effects of the shifting workforce stance, such as virtual support functions around knowledge workers and vastly improved functionality, like task suggestions in Office 365, empowering the governance of information in a significant way.
  • There will be an acceleration of the changes already started in 2020, particularly with added functionality to collaboration replacement tools and the governance considerations and requirements that will need to be put in place.
  • For new organisations, there will be an increased level of awareness of the need for IG frameworks, as this becomes more of a foundational necessity due to the virtual workforce.  This will also lead to more thoughtful implementation and adoption of technology, with a greater focus on end user needs and overall user experience.
  • Virtual workplace collaboration among knowledge workers has grown exponentially due to the restrictions demanded by logical response to the pandemic.  Even after the pandemic subsides, significant virtual collaboration will be part of the new normal.

Action for leaders

  • In order to ensure maximum positive effect and also take advantage of some of the value-added elements of virtual collaboration, a thoughtful, well-guided creation of a proper IG framework is critical.

You can read the insights from the rest of our expert panel in our InfoGovANZ Key Learnings from 2020 – Action and Insights for 2021 Report. The report was developed from a virtual forum discussing the impact of COVID-19  and IG implications for organisations on data, access to information, trust, transparency and accountability, cybersecurity, global privacy regulatory developments, eDiscovery, ethics and artificial intelligence.

You can also watch the recording of the 28 January 2021 webinar here.

Trust & Information Insights – Sarah Auva’a

by

As we put 2020 behind us and look forward to 2021, we reflected in an interactive virtual discussion forum on the key IG learnings from the past 12 months and the insights and actions we now need to be taking to make the most of the opportunities and challenges on the road to recovery in 2021.

We’ve seen the different ways governments have responded to the COVID-19 pandemic and the results in managing the pandemic. Similarly, organisations have had to adapt to the changes and, in particular, to faster digital transformation. Robust governance of organisations and of information has never been so important. Increased cyber risks and the importance of access to real-time and accurate data for decision-making, both at the board level and throughout the organisation, are now critical issues.

In the world of data privacy, unfortunately trust and confidence in the way that organisations use data was already low leading into 2020. In New Zealand, Privacy Commissioner research showed only 32% of people trusted companies with their data in 2018, while Pew Research Center in the U.S. found that 79% of Americans have concerns about how their data is used, with 81% perceiving the risks of data use outweighing the benefits.Then add to that the events of 2020 which led to unprecedented levels of sharing, collecting and using sensitive personal information due to COVID-19 and contact tracing, working from home and to the need to control and prevent protests and civil unrest.

Our expert panel included InfoGovANZ International Council member Sarah Auva’a who is Lead Digital Trust Partner at Spark New Zealand, where she is responsible for designing privacy, legal compliance and governance strategies and frameworks that enable customer trust. Experience in telecommunications, digital services, data analytics, banking and regulatory sectors has shaped Sarah’s pragmatic and customer driven approach to unlocking the value of data in an ethical way.

Sarah’s insights:

  • The potential for data sharing to provide benefits to individuals and communities, but also raised questions to consider. Do we share sensitive information about our health status, location and contacts with organisations and governments to help fight COVID-19 and potentially benefit ourselves and others? Do we trust governments to use the information effectively to battle COVID-19 and to keep it safe from potential loss, misuse, or abuse?
  • Poorly designed or hastily constructed COVID-19 data collection initiatives (from businesses creating contact registers to organisations attempting to repurpose data sets, such as location data collected for other reasons, to governments failing to consider how contact tracing data may be reused) can not only fail to achieve the desired outcome, but can undermine the confidence of individuals in contact tracing systems more generally.
  • Surveillance became a hot topic with employers seeking ways to monitor the performance of millions of people working from home.  Invasive surveillance techniques by employers can undermine relationships between employers and employees, and fears of unemployment and a recession helped to subdue employee resistance.
  • It’s possible for governments to harvest and repurpose personal information in ways that violate human rights, harm people and drive civil unrest, particularly with the assistance of artificial intelligence (AI) and facial recognition technology.

As we step into 2021, we are more dependent than ever on digital technology and are creating bigger digital footprints. Data sharing will continue to play a key role in mitigating COVID-19. Not only will contact tracing continue to be a focus, but sharing of immunity and vaccination status information, as well as validation of that status, will become hot privacy topics in 2021. Most people accept that data sharing is inevitable, but people are also looking to their government to make it safer.  In 2020, 65% of New Zealanders and 75% of U.S. respondents support additional privacy regulation.

Key questions for leaders

•      What would it take to rebuild trust in your organisation to enable safe data sharing to benefit us all?

•      What do you think governments and regulators need to do to enhance regulatory frameworks to provide individuals with confidence, autonomy, and safeguards to facilitate data sharing?

•      How will your organisation showcase compliance with data and privacy regulations and provide stakeholders with confidence that systems work and companies can be trusted?

•      What are you doing or not doing that will impact the trust that individuals are willing to place in you going forward?

•      How can you further use privacy enhancing technologies to minimise information collection and impact?
Given what’s at stake, 2021 is the year to tackle the question of trust as if our lives depend on it.

You can read the insights from the rest of our expert panel in our InfoGovANZ Key Learnings from 2020 – Action and Insights for 2021 Report. The report was developed from a virtual forum discussing the impact of COVID-19  and IG implications for organisations on data, access to information, trust, transparency and accountability, cybersecurity, global privacy regulatory developments, eDiscovery, ethics and artificial intelligence.

You can also watch the recording of the 28 January 2021 webinar here.

Privacy Developments in ANZ – Daimhin Warner

by

As we put 2020 behind us and look forward to 2021, we reflected in an interactive virtual discussion forum on the key IG learnings from the past 12 months and the insights and actions we now need to be taking to make the most of the opportunities and challenges on the road to recovery in 2021.

We’ve seen the different ways governments have responded to the COVID-19 pandemic and the results in managing the pandemic. Similarly, organisations have had to adapt to the changes and, in particular, to faster digital transformation. Robust governance of organisations and of information has never been so important. Increased cyber risks and the importance of access to real-time and accurate data for decision-making, both at the board level and throughout the organisation, are now critical issues.

Our expert panel included InfoGovANZ International Council member, Daimhin Warner, who is a Director of Simply Privacy, a NZ consultancy providing privacy advice, strategy and training to business and government, and NZ Country Leader for the International Association of Privacy Professionals (IAPP). He’s a privacy professional with over 15 years' privacy and related experience in both the public and private sector.

Daimhin worked with the Office of the NZ Privacy Commissioner for 7 years, ultimately managing the Commissioner's Auckland Investigations Team. Daimhin then moved to NZ’s largest life insurer, where he created and headed a Privacy Team and programme, before co-founding Simply Privacy in 2015.

Daimhin’s insights:

The evolution in global privacy regulations will continue - since the EU’s GDPR, we witnessed the phenomenon of ‘GDPR-isation,’ the development of myriad privacy laws around the world intended to meet or exceed the high-water mark set by the GDPR.  Examples include India’s upcoming Personal Data Protection Act, Brazil’s General Data Protection Law, and, of course, the UK’s GDPR (designed to mirror the EU’s GDPR post-Brexit). This explosion of privacy regulations is essential for the maintenance of a functioning global economy, fuelled by the sharing of personal information across borders.

 

In NZ

  • ANZ was no exception - the NZ Privacy Act 2020, which commenced in December 2020, moves NZ further along the regulatory spectrum, introducing mandatory privacy breach notifications, limitations on cross-border data transfers and extraterritorial effects, and providing the NZ Privacy Commissioner with increased enforcement powers. 2021 will be all about the bedding in of this new Act.
  • We will see increased enforcement action from the Privacy Commissioner as he flexes his new regulatory muscles - importantly, we will also learn in 2021 if NZ has retained its EU Adequacy status. This coveted status means that organisations in the EU may transfer personal information to NZ organisations in compliance with the GDPR without having to put any other measures (such as Standard Contractual Clauses) in place. This is critical to NZ’s rapidly growing community of innovative start-ups and the software as a service (SaaS) products they develop for a global market.

And in Australia

  • The Australian Privacy Act 1988 is under review, with lawmakers considering a host of major changes intended to bring the Australian law up to global standards.  Possible amendments will include removing the somewhat unbelievable small business and employee exemptions, thereby broadening the reach of the law to cover most, if not all, organisations and individuals in Australia.  The review will also reflect on the operation of the mandatory breach notification regime introduced in 2018 to ensure it is meeting its objectives. We can expect an update in the coming months, reflecting submissions received from public and private sector agencies across the country.
  • In both Australia and NZ, we are also likely to see further developments in the areas of data portability (referred to this side of the world as the ‘consumer data right’), ethics in AI and algorithms, indigenous approaches to privacy (led by efforts to better understand and address Maori data sovereignty in NZ), and the regulation of big tech companies, such as Google and Facebook.

Actions for leaders:

  • Organisations and the experts supporting them need to learn the new laws and ensure your processes and procedures comply.

You can read the insights from the rest of our expert panel in our InfoGovANZ Key Learnings from 2020 – Action and Insights for 2021 Report. The report was developed from a virtual forum discussing the impact of COVID-19  and IG implications for organisations on data, access to information, trust, transparency and accountability, cybersecurity, global privacy regulatory developments, eDiscovery, ethics and artificial intelligence.

You can also watch the recording of the 28 January 2021 webinar here.

Hindsights and Insights Report – Information governance reflections on 2020 and insights for 2021

by

As we put 2020 behind us and look forward to 2021, we reflected in an interactive virtual discussion forum on the key IG learnings from the past 12 months and the insights and actions we now need to be taking to make the most of the opportunities and challenges on the road to recovery in 2021.

The forum featured leading expert practitioners sharing their experiences and views for the year ahead including Susan Bennett, Sarah Auva’a, Ronke Ekwensi, Sonya Sherman, Dr Peter Chapman, Aurelie Jacquet, Richard Kessler, Bryn Bowen, Andrew King, Daimhin Warner, Dean Gonsowski and Enzo Lisciotto.

You can read the insights of our expert panel in InfoGovANZ Key Learnings from 2020 – Action and Insights for 2021 Report, which is available for download here.

The recording of the webinar on InfoGovANZ Key Learnings from 2020 – Action and Insights for 2021, which took place on 28 January 2021, is available for download here.