InfoGovANZ

Information Governance Think Tank

Latest News

Cleansing and Organizing Unstructured Data Stores in Preparation for Migration – ActiveNav

by

Background

Regional wholesaler and largest supplier of treated water in the United States serving 19 million people, The Metropolitan Water District of Southern California (The “District”) had accumulated 80 TB of data over 30 years of file share use. With 1800 employees, the process to clean up the data was not only a technical feat, but also a daunting organizational project.

A District-wide employee assessment determined the legacy file systems were not meeting the District’s needs for sharing information among staff and stakeholders. Staff reported they could not readily find information needed for daily operations and much of the data appeared obsolete.

To improve information access and governance, the District planned to migrate its file share data to the cloud and tag it with searchable metadata. However, they realized that first the data needed to be understood, cleansed, and better organized.

At a Glance

ABOUT

  • Public Sector Utility 1800 Employees
  • 17 Major Business Units

CHALLENGES

  • 80 TB of content
  • more than 5 million folders
  • 200+ file shares
  • File system data had become an obstacle to productivity

RESULT

  • Indexed 40+ million files
  • 40% of data was ROT or duplicated
  • Restructured to align with business operations

PROCESS

  • Discover what data existed on the file shares
  • Decide what had no operational value
  • Sustain compliance and record management requirements

Setting Up for Success

To ensure a successful cloud migration the District planned a two phase strategy:

  1. Discover: The District’s more than 200 file shares were, among other things, an obstacle to productivity. The first step was the daunting task of discovering what data existed on the file shares so then, they could decide was worth keeping.
  2. Decide: In order to decide the value of maintaining data or discarding it, ActiveNav met with over 400 stakeholders across 190 sub-business units and teams. Once the decision to keep the data was made, it was then prepared for migration to the cloud.
  3. Sustain: Cloud migration and metadata tagging of 40 million files / 80 TB meant that the District was set up for sustainable records compliance.

Originally, the District’s data comprised over 40 million files which included:

  • Engineering drawings
  • Photos
  • Videos
  • System files
  • All manners of office documents from every department

The District knew it needed automated tools and expert assistance to discover the data and facilitate its cloud migration strategy. It selected the ActiveNav file discovery and management system and engaged professional services for consultation.

“I’m confident today that by using and partnering with ActiveNav, the work over the last few years has positioned us well for taking the next step of deploying an ECM system and actually having that technology work as intended because of the foundation built and the prep work ActiveNav allowed us to do,” said Steve Gonzales, Information Governance and Enterprise Content Management Manager.

Making Sense of the Data

During phase 1, Discovery, the District’s information management specialists team and ActiveNav’s consultants indexed over 200 file share name spaces. The team conducted data review sessions with business units to evaluate suspected ROT data identified by Discovery Center’s out-of-the-box ROT rules.

During phase 2, Decide, ActiveNav worked with more than 400 stakeholders from business units to decide on the value of the indexed data. Some business units identified as much as 40% of their file share data as being ROT, redundant, obsolete, and trivial (ROT) data and had no operational value and was no longer subject to record retention. This ROT would be excluded from migration to the cloud and deleted after final governance review. ActiveNav helped business units restructure their folders to consolidate them and decide what aligned with present day operations. The result was a streamlined and logical folder structure containing files cleansed of ROT. Business units enthusiastically participated, saying they had wanted to do file cleanup for years but did not have the tools required.

Gonzales added, “Change management was also a big piece. We’ve been doing things the same way for a very long time. The technology made it easy so we could truly focus on change management. One of the most successful outcomes of this project to date is how quickly peoples’ behavior changed. I’d say the vast majority bought in very early on, even people that were nervous about this project.”
One of the most successful outcomes of this project to date is how quickly peoples’ behavior changed. I’d say the vast majority bought in very early on, even people that were nervous about this project.

In addition to data cleansing and restructuring, ActiveNav’s file content analysis capabilities were used in support of other information governance objectives, including:

  • Identifying terminology used by business units to help update the District’s records retention schedule.
  • Identifying and categorizing documents related to specific elements of the District’s vast infrastructure such as pumping stations, water treatment plants, dams, hydroelectric plants, reservoirs, pipelines, and canals.
  • Identifying duplicate and overlapping folder paths leading to the same file content.

“I want to emphasize that I look at ActiveNav as having a multifaceted approach to our project in particular. It wasn’t only the software that got us to where we are today, but the capabilities of the ActiveNav team and how we really, truly depended on that to have success in this area,” says Steve Gonzales. “We refer to ActiveNav as our strategic partner and think the combination of their services and its technical solution is really what made us successful.”.

Meeting Future Needs

With ActiveNav Governance, the District was able to complete discovery and prepare to take the next step toward cloud migration. The District plans to further utilize ActiveNav in migrating the cleaned-up file shares into its new cloud repository. Once migrated, the District will use ActiveNav’s file analysis capabilities to categorize, tag and sustain files.

ActiveNav’s combination of services and technical solutions set the District up for the future compliance sustainability, which includes remaining compliant and meeting record management requirements. The District recognized how ActiveNav’s repeatable process of discovering, deciding and sustaining their information governance helped them get their employees to change their behavior and encouraged them to adopt plans and strategies for the future.

The Bottom Line

Again, without ActiveNav I don’t know that our organization would be ready today to take those next steps. Thankfully, it was a very enjoyable project because of those outcomes, and certainly the highlight of my career that, again, I was able to enjoy thanks to that partnership and the outcomes and success that we accomplished together.
Steve Gonzales, Information Governance and Enterprise Content Management Manager at The Metropolitan Water District of Southern California.

Originally published at ActiveNav here.

Privacy Act Review Report

by

The long awaited report reviewing Australia’s Privacy Act 1988 has been released by the Australian Government, proposing significant changes including individual rights modelled on the GDPR, such as the right to request erasure, and notification of databreaches to Office of the Australian Information Commissioner within 72 hours.

Attorney-General Dreyfus’ statement releasing the report says, ‘the Privacy Act has not kept pace with the changes in the digital world. The large-scale data breaches of 2022 were distressing for millions of Australians, with sensitive personal information being exposed to the risk of identity fraud and scams.’

In relation to security, destruction and notifiable databreaches the report states, ‘recent large-scale data breaches have highlighted the vast amount of personal information that is collected and retained by entities, and the need for entities to put in place stronger protections to prevent unauthorised access to Australians’ information. The best way to protect personal information is for entities to minimise the amount of personal information they collect and retain. The Act already requires entities to only collect what is reasonably necessary and to destroy personal information when it is no longer required. This requirement would be reinforced through enhanced OAIC guidelines for entities on the reasonable steps they should take to destroy or de-identify personal information so that they can be in a better position to meet their obligations. In addition, this Report proposes that entities should determine, and periodically review, the period of time for which they retain personal information. There should be a further review of legal provisions outside of the Privacy Act that require certain forms of personal information to be retained. This further work should determine if those requirements appropriately balance the intended policy objectives with the privacy and cyber security risks of entities holding significant volumes of personal information. The Report also proposes enhancements to the Notifiable Data Breach scheme (NDB scheme) so that, when a data breach occurs, quick action can be taken to minimise harm to affected individuals. Proposed new data breach reporting obligations, including notifying the Information Commissioner (IC) within 72 hours of becoming aware of a data breach, would assist with this objective. The Report also proposes further work to better facilitate reporting processes for entities with multiple reporting obligations.’

The Government is now seeking feedback on the 116 proposals in this report before deciding what further steps to take.

Submissions on the report are due on 31 March 2023.

Read the report here – https://bit.ly/3YAZ9b7

Information Lifecycle Management: what is it and how it reduces risk?

by

Most organisations are collecting and generating exponentially increasing volumes of data each year.  However, many organisations struggle to safely and efficiently dispose of data that is no longer needed for regulatory retention requirements or for legitimate purposes, as required, for example, under the Australian Privacy Principles (APPs), the General Data Protection Regulation (GDPR) and the Californian Privacy Rights Act (CPRA). On top of the complexity of keeping track of data within the organisation, the perception that data is ‘the new oil’ and increasingly cheap storage costs are typical reasons why data is not actively managed and disposed of when no longer required. The Optus Data Breach and the increasing number of decisions by regulators in the US and EU underscore the risk and consequences of over-retention of data for organisations.  Most of these decisions on over-retention of data arise from inadequate cyber security and have resulted in monetary sanctions and, […]
Member only content (join now)

ChatGPT Proves a Mediocre Law Student

by

[Note: InfoGovANZ thanks Craig Bell for permission to republish his article here, which was first published on Ball in Your Court] I recently spent a morning testing ChatGPT’s abilities by giving it exercises and quizzes designed for my law and computer science graduate students. Overall, I was impressed with its performance, but also noticed that it’s frequently wrong but never in doubt: a mechanical mansplainer! If you’re asking, “What is ChatGPT,” I’ll let it explain itself: “ChatGPT is a large language model developed by OpenAI. It is a type of machine learning model called a transformer, which is trained to generate text based on a given prompt. It is particularly well-suited to tasks such as natural language processing, text generation, and language translation. It is capable of understanding human language and generating human-like text, which makes it useful for a wide range of applications, such as chatbots, question-answering systems, and […]
Member only content (join now)

OECD Declaration on Government Access to Personal Data held by Private Sector Entities

by

On 14 December 2022, the OECD members adopted the Declaration on Government Access to Personal Data held by Private Sector Entities. It is an intergovernmental agreement on common approaches to safeguard privacy and other human rights and freedoms when accessing personal data for national security and law enforcement purposes, and seeks to promote trust in cross-border data flows, a critical enabler of the global economy. The scope of the declaration consists of three main sections: Legitimate government access on the basis of common values Promoting trust in cross-border data flows Principles for government access to personal data held by private sector entities You can read the Declaration here - OECD Legal Instruments
Member only content (join now)

OECD Declaration on a Trusted, Sustainable and Inclusive Digital Future

by

On 15 December 2022, the OECD members adopted the Declaration on a Trusted, Sustainable and Inclusive Digital Future. The Declaration calls on the OEDC through the Committee on Digital Economy Policy (CDEP) to develop policy standards and guidance for a trusted, sustainable, inclusive digital future for our countries that reflect shared values and put people at the centre. The background to the Declaration is the accelerated digital transformation, particularly since the COVID-19 pandemic, which has brought opportunity and risk, requiring policy makers to develop whole-of-government policy response and manage related risks. The list of actions is extensive and wide-ranging – you can read them here OECD Legal Instruments .
Member only content (join now)

NIST AI Framework

by

The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) released its AI Risk Management Framework (AI RMF 1.0) a guidance document for use by organisations designing, developing, deploying or using AI systems to help manage the many risks of AI technologies. It was released along with a companion NIST AI RMF Playbook, AI RMF Explainer Video, an AI RMF Roadmap, AI RMF Crosswalk, and various Perspectives. To get an overview of the AI national and international regulatory landscape at October 2022, you can read the NSW Information and Privacy Commissioners high-level analysis and overview here - AI National and International Regulatory Landscape - InfoGovANZ
Member only content (join now)

Changes to Australia’s Privacy Act: Overview and Preparation Checklist

by

In the wake of the recent wave of high-profile data breaches at Optus, Medibank and MyDeal, the Privacy Legislation Amendment (Enforcement and Other Measures) Bill 2022 was passed by Federal Parliament on 28 November 2022. The Attorney-General referred to the data breaches as having highlighted ‘the potential to cause serious financial and emotional harm to Australians’ and that the Bill sends a clear message that the government takes privacy, security and data protection seriously.

Penalties have been significantly increased under the Privacy Act 1988 (Cth), and the Privacy Commissioner now has increased powers to resolve privacy breaches. The Notifiable Data Breaches Scheme has also been strengthened.

Increased penalties

Penalties for a serious or repeated breach of privacy have significantly increased from a maximum of $2.22 million to not more than the greater of:

  • $50 million;
  • three times the value of any benefit obtained through the misuse of the information; or,
  • if the value of the benefit obtained cannot be determined, 30% of a company’s domestic turnover in the relevant period, which is a minimum 12 months.

In the Second Reading Speech, the Attorney-General stated that, ‘penalties for privacy breaches cannot be seen as simply the cost of doing business. Entities must be incentivised to have strong cyber and data security safeguards in place to protect Australians.’

Strengthened Notifiable Data Breaches Scheme (NDB Scheme)

The existing NDB Scheme has been strengthened in two significant ways:

  • Empowering the Privacy Commissioner to assess an entity’s compliance with the Scheme’s requirements.
  • Providing the Privacy Commissioner with new information-gathering powers in regard to the Scheme’s reporting and notification requirements.

Enhanced enforcement powers

The Bill has also improved the powers available to the Privacy Commissioner to:

  • resolve privacy breaches by empowering the Commissioner to publish notices about specific breaches of privacy or otherwise ensure those directly affected are informed;
  • compel entities to undertake external reviews to improve their practices to reduce the likelihood of them committing a breach again; and
  • provide new information-gathering powers to conduct assessments and new infringement notice powers that can be used if an entity fails to provide information when required, without the need to engage in litigation.

Extraterritorial powers

The Privacy Act’s extraterritoriality provisions have been amended, so that foreign organisations which ‘carry on a business’ in Australia must meet the obligations under the Privacy Act. In the second-reading speech, the Attorney-General explained that the purpose of this amendment is ‘to ensure Australia’s privacy laws remain fit for purpose in a globalised world and to ensure the Privacy Act can be enforced against global technology companies who may process Australians’ information on servers offshore’.

Greater information sharing arrangements

The Privacy Commissioner has the express power to publish a final determination following a privacy investigation as well as information about their final assessment report. The Commissioner is able to publish information about other matters, such as an update about an ongoing privacy investigation, if it is in the public interest.

The Commissioner is also able to share information with enforcement bodies, alternative complaint bodies and privacy regulators for the purpose of the Commissioner or the receiving body exercising their functions and powers. The Australian Communications and Media Authority also now has better powers to share information within government for enforcement purposes.

The aim of the improved information sharing arrangements is to ‘drive better cooperation between regulators in order to deliver better outcomes for Australians’.

 

PREPARATION CHECKLIST

Review the checklist below to see how well prepared your organisation is to demonstrate compliance with the Australian Privacy Act 1988 (Cth).

1. Policy Compliance

Check that Privacy Policies and Notices are up-to-date and compliant.

  • Audit whether your Privacy Policy is being adhered to within the organisation.
  • Audit whether the collection of personal data accords with the Privacy Notice.

2. Data Minimisation

Check – what personal data does your organisation really need to collect?

One of the critical risks to finally receive attention in Australia arising from the Optus and Harcourt data breaches is the over-collection and over-retention of personal data.

Review Privacy Notices and audit personal data being collected to assess whether it is reasonably required to provide a service or to be collected in accordance with a regulatory obligation to collect and retain that personal data.

3. Data Over-Retention

Check the process for securely disposing personal data.

Audit whether personal data is being disposed of when it is no longer required to be retained in accordance with the organisation’s Records and Archiving Policy or with regulatory requirements to retain records.

In light of the recent high profile data breaches, the over-retention of personal data poses a significant risk for organisations in the event of a serious data breach.

4. Data Map

Ensure there is an up-to-date data map showing where data is stored, particularly personal data, which is essential for:

  • robust information lifecycle management, including disposal of data that is no longer required to be retained;
  • responding efficiently to a serious data breach by being able to quickly identify types of data that have been subject to unauthorised access;
  • demonstrating the measures in place to protect and secure personal data in accordance with the requirements of the Privacy Act.

Check whether it includes identifying and locating personal data in all the organisation’s systems including cloud storage and any third-party systems listed on the data map identifying all the locations where personal data is stored.

5. Data Security

Ensure the organisation is prepared to defend against and respond to cyber-attacks and incidents by assessing whether:

  • Organisational IT policies (BYOD, password, data management, IT procurement, network access) are up to date and being complied with (check via audit).
  • Necessary steps have been taken to protect personal data in the custody of the organisation – e.g. encryption being applied to all personal data both in transit and at rest as required.
  • User, application and backend access controls are correct and up to date. Personal data is being held in locations with limited or just-in-time access.
  • Local, cloud-based and third party controlled applications used by the organisation have been tested for security suitability and approved for use.
  • The organisation has fit-for-purpose security software and hardware to assist in the prevention, detection and response to security incidents (e.g. multi-factor authentication on critical systems particularly those with external access, anti-virus/mal-ware suites, actively managed proxy firewalls, intrusion detection systems, enterprise incident response applications).
  • Proactive steps to build security culture and awareness within the organisation are taking place (e.g. training, education, phishing and social engineering exercises).
  • Relevant security information and performance metrics are being reported to executives and the board.

6. Data Breach Incident Response Plan

Check if your data breach incident response plan has been reviewed and updated. Consider the following elements:

  • Are roles and responsibilities during a data breach clearly laid out and up to date?
  • Are there clear escalation procedures and established arrangements to activate internal or external incident response specialists?
  • Does the plan have sufficient detail and guidance to address both deliberate and accidental data breach incidents, as well as internal and external originating threats?
  • Are there protocols in place for the capture and analysis of logs and other records from critical systems in the event of a suspected breach?
  • Does the response plan provide sufficient guidance on how to approach internal and external communications, particularly with media and customers?
  • Has there been a recent data breach response training exercise carried out involving executives, Board and key players listed in the response plan?

7. Robust Information Governance

Implement and/or review the Information Governance Framework and policies to ensure adequate holistic information governance reporting, identifying and monitoring privacy compliance across the organisation, including the various areas of privacy and legal, IT and cybersecurity and records and information siloes.

A robust enterprise-wide information governance framework provides a mechanism to coordinate and collaborate across the organisational siloes and to promote an information and data protection culture led from the top-down to minimise privacy and data breach risks.

At least one-third of all data breaches are caused by human error and many other successful cyberattacks are greatly enabled by human error from within an organisation.  Robust information governance can greatly assist in both minimising data and information risks as well as enabling organisations to maximise data and information value.

Authors: Susan Bennett, Founder and Executive-Director InfoGovANZ and Dr Peter Chapman, Forensic Technology Expert and InfoGovANZ Advisory Board

NSW introduces Mandatory Notification of Data Breaches

by

On 16 November 2022, the NSW Parliament passed amendments to the Privacy and Personal Information Protection Act 1998 (PIPA). The amendments to the PPIP Act aim to strengthen privacy legislation in NSW by:

  • creating a Mandatory Notification of Data Breaches (MNDB) Scheme which will require public sector agencies bound by the PPIP Act to notify the Privacy Commissioner and affected individuals of data breaches involving personal or health information likely to result in serious harm; and
  • applying the PPIP Act to all NSW state-owned corporations that are not regulated by the Commonwealth Privacy Act 1988 

The MNDB Scheme will require agencies to satisfy other data management requirements, including to maintain an internal data breach incident register, and have a publicly accessible data breach policy.  Read the media release and statement here from NSW Privacy Commissioner, Samantha Gavel on guidance and resources to prepare for the new Scheme to ensure the required systems, processes and capability is in place.

The amendments to the PPIP Act can be accessed on the NSW Parliament website here.

InfoGovANZ is delighted to announce a new platinum sponsorship with Ansarada

by

Ansarada is a global information governance platform that companies, advisors and governments rely on for securely managing their critical information in high-stakes processes like deals, risk, compliance, board governance and infrastructure procurement. Ansarada is the software relied upon by business professionals in over 180 countries worldwide.

As businesses grow and get more complex, processes are often the first thing to slip. Ansarada puts an end to inefficient, chaotic, outdated and risky systems by providing a comprehensive toolkit for all things governance. Run everything from risk and compliance to ESG programs to audits in one centralised hub. A little more order, a lot less risk.

Ansarada believes when information and processes are structured correctly, organisations gain the insight and confidence required to achieve better outcomes.  Ansarda’s mission is to protect and raise every company’s potential and we are delighted that Ansarada are committed to working the members of InfoGovANZ and to support the community in achieving global best practices in information governance and innovation. Together we can seek to ensure that the professional discipline of information governance is recognised as a key component of governance strategies to effectively govern, align and manage the risks and opportunities arising from the exponential growth of data in the information age.

We look forward to Ansarada becoming a valued member of the InfoGovANZ community.

RIMPA and InfoGovANZ announce continued alliance

by

InfoGovANZ and RIMPA Global Signature

RIMPA and InfoGovANZ are delighted to announce their continued alliance.

RIMPA has been aligned with InfoGovANZ for some years enabling members to embrace and learn from InfoGovANZ leaders in information governance.

The term ‘information governance’ brings together a broad range of professionals from information and records management, legal, privacy, eDiscovery, cybersecurity and information security, AI, data analytics and infonomics.  InfoGovANZ continues to lead the region on information governance thought leadership, innovations and global best practices through its international community.  RIMPA brings a rich history and expertise in records and information management to the InfoGovANZ community.   Our organisations provide important forums for the latest  learning, education and collaboration for our respective members.

Working towards a global framework, RIMPA embrace what InfoGovANZ represent as the leaders in our region bringing together information governance thought leaders globally to promote best practices.

We look forward to the continued alliance and a range of learning opportunities for our respective members in 2023.

Susan Bennett, Executive Director, InfoGovANZ and Anne Cornish, CEO, RIMPA 

7 December 2022

InfoGovANZ releases the Information Governance Primer

by

Susan Bennett, Executive Director of Australian based think tank, Information Governance ANZ (InfoGovANZ), is delighted to launch the Information Governance Primer, which provides a wide-ranging overview on the fundamentals of good information governance.

In today’s digital environment, the growing number and complexity of challenges associated with data and information have outpaced traditional information and records management practices.  The Information Governance Primer address these challenges by providing a guide to developing a holistic enterprise-wide system to mitigate risks and maximise opportunities.

“The COVID-19 pandemic has highlighted the importance of access to accurate and real-time data for decision-making by senior executives and boards, access and reliability of organisational systems and information for employees to carry out day-to-day work and for decision-making at all levels throughout the organisation and information security and the increasing cyber risks arising from working remotely and the increasing use and reliance on third-party platforms and software.”

The Information Governance Primer was developed to address these unfolding issues and provide practical guidance in how organisations can implement robust governance to mitigate risks. It assists professionals to develop a well-executed IG framework and program, with appropriate leadership to deliver effective security and control of data and information by reducing costs of holding information and maximising the value of information held by the organisation.

The Information Governance Primer not only articulates persuasively the rationale for implementing good information governance, but aims to equip IG practitioners with the knowledge required to build and improve information governance across a range of organisation types including government, corporates and not-for-profits.

Ms Bennett explained, “InfoGovANZ’s mission to build the knowledge of IG, best practices and innovation led to the development of the Information Governance Primer which addresses the critical issues and challenges the IG community faces in creating and deploying effective governance”.

The Information Governance Primer provides a general overview of information governance, covering a range of important factors including the key drivers of IG, benefits of successful IG implementation, an outline of IG models and frameworks plus the role of IG leadership in establishing robust information governance.

The Information Governance Primer is free for InfoGovANZ members and is available here. New InfoGovANZ members receive a free copy when they join. Find out more about membership, including a range of benefits here.

Announcing new InfoGovANZ membership model

by

We are launching an exciting new InfoGovANZ membership model.

The new model provides even greater value for our members with global thought leadership, access to experts, exclusive events, IG insights and resources.

Membership will help keep you up to date with and on top of current thinking on important topics in the IG world, together with the opportunities to connect with the fast growing IG community.

You can find out more about the new InfoGovANZ membership options here.

Key findings from the 2021 IG Industry Report

by

This is InfoGovANZ’s third survey collecting the opinions of practitioners and industry participants charting the development of information governance over the past five years.  The survey engaged 338 participants and highlights the status, priorities and challenges of information governance for organisations in 2021. The IG Report highlights that implementing and maintaining an IG framework is the most important priority for organisations for nearly half of industry professionals, with the three main enterprise-wide drivers of IG projects identified as external regulatory, compliance and or legal obligations(74%); good business management practices(68%); and internal technology restructuring or transition(50%). “While only one in five respondents indicated that COVID had been a driving factor for IG projects, there was a notable increase since our last survey in data breaches, lawsuits and investigations acting as a driver for IG projects – particularly in the corporate sector” said Peter Chapman, KPMG Director, Forensics Technology expert and InfoGovANZ […]
Member only content (join now)

InfoGovANZ Announces Insights 2021 Report

by

Executive Director of Australian based think tank, Information Governance ANZ (InfoGovANZ), Susan Bennett, is delighted to launch the InfoGovANZ Hindsights and Insights Report.  The report sets out the recommendations for actions for leader from leading practitioner experts. The report can be access here - Hindsights and Insights Report - Information governance reflections on 2020 and insights for 2021 - InfoGovANZ. About InfoGovANZ InfoGovANZ is a member based think tank that brings together professionals from different disciplines across all types of organisations to develop and promote information governance best practices. For further information Susan Bennett, Executive Director, InfoGovANZ Ph: +61 2 8226 8546
Member only content (join now)

Information Governance ANZ welcomes three new International Council members

by

Information Governance ANZ (InfoGovANZ) is delighted to announce that Denise Backhouse, Aurelie Jacquet and Richard Kessler have joined its International Committee.   “Denise, Aurelie and Richard are accomplished senior leading practitioners and bring a wealth of experience in their diverse areas of expertise to the Council. I’m excited that they are joining us and I’m looking forward to working closely with them on the latest information governance developments,” said Susan Bennett, InfoGovANZ’s Founder and Executive Director. A recognised leader and innovator in the field of international discovery, US-based Denise Backhouse is a Shareholder and eDiscovery Counsel at global employment and labor law firm, Littler. She is recognised for developing new procedures, leveraging data protection principles and technology to address often conflicting legal and regulatory obligations in local and cross-border employment matters. She is a frequent lecturer and sought-after author and presenter on information governance and cross-border data protection issues. Admitted […]
Member only content (join now)

IG Industry Survey 2021 now open

by

InfoGovANZ has launched our third industry research survey, which has been tracking the development and trends in information governance over the last five years. The purpose of this survey is to collect the knowledge and opinions of practitioners and industry participants in relation to their organisation’s development of IG. We want to know what you think about IG, what IG means to your organisation, what drives your IG projects and your thoughts about IG in 2021. This is a great opportunity for you to share what you think and the industry experiences you’ve had. The IG Industry Report 2021 and the insights obtained from this research survey will be shared with our InfoGovANZ members in the April edition of The Governance of Things. If you are not already a member, you can join here. If you’d like to see the results from our previous surveys, take a look at our 2019 report and our 2017 report. […]
Member only content (join now)

Announcing InfoGovANZ’s International Council

by

Executive Director of Australian based think tank, Information Governance ANZ (InfoGovANZ), Susan Bennett, is delighted to announce the formation of an International Council to bring together leaders and experts with a global perspective from the various multidisciplinary areas that comprise information governance. New International Council members are Sarah Auva'a, Barclay T Blair, Brynmor Bowen, Dr Pietro Brambilla, Ronke Ekwensi, Carol Feuerriegel, Ilana Lutman, Lynne Saunder, Tarun Samtani, Dr Pieter Van Der Walt and Daimhin Warner. Ms Bennett said, ‘In what is increasingly becoming an interconnected space, the new Council will unite leading information governance practitioners internationally to advocate for good information governance.  Talking about best practice and encouraging dialogue, exchange and transmission of knowledge and expertise across national borders makes it better for all of us and is a vital part of developing information governance best practice’. In the months since COVID-19, the world took a collective step forward to embracing […]
Member only content (join now)