Category: Data Governance

Data Governance GRC Privacy

New Podcast: #GRC and Me – The Blessing of #CCPA

By Rafael Moscatel, CIPM, CRM, IGP on

EPISODE SUMMARY:

Rafael Moscatel, managing director at CAPP, joins GRC & Me to discuss how his background in law and consulting ultimately led him to the world of GRC. He shares how one tweet led to a watershed moment in compliance and privacy, and tells his deeply personal connection to California adoption records. Rafael also explains how CCPA should be viewed as a blessing that helps better understand what’s “under the hood” of your company.

EPISODE NOTES:

Top 3 Quotes

  • “The more that you can show your customers that you’re being a good steward with their data, the more they’re likely to trust you. And from a reputational standpoint and a branding standpoint, that’s always one of the best benefits and one of the reasons that consumers will choose one product or service over the other.”
  • “And I think if you look carefully, the CCPA is quite a blessing. It helps reduce expenses and monetize the information life cycle because you have a better understanding of what’s under the hood in your company.”
  • “…you know there’s not one silver bullet when it comes to preparing data for an information governance strategy, IG is essentially a multidisciplinary type of approach.”

Show Highlights

[01:28] Rafael’s background in law and consulting
[02:35] Discussing Rafel’s company and beginnings
[04:36] The “Olympics of Privacy”
[05:59] A watershed moment in Compliance and Privacy
[08:05] Rafael’s personal connection to records in California
[09:05] The incredible moment Rafael received his birth records
[12:00] The “blessing” of CCPA
[14:11] Rafael’s personal opinion of CCPA
[16:19] Best practices for privacy and policy management
[19:30] Policy management systems
[21:04] How to read more about Rafael’s thoughts on these issues
[22:58] The Little Girl With The Big Voice
[24:03] Vendor Risk Management
[25:00] Being mindful of what’s outside your company walls as well as what’s within them

Resources:

Posted in: , , , ,
No comments
Business Processes Data Governance Privacy Records Retention Policy

7 Ways To Prepare Data In The Age Of Privacy and Information Governance

By Rafael Moscatel, CIPM, CRM, IGP on

7 Ways To Prepare Data In The Age Of Privacy and Information Governance

7 Tips for Data Preparation in the Age of Information Governance

Content may still be king, but now the rights to some of it may belong to the people! In response to the EU’s General Data Protection Requirement (GDPR) and recent stateside efforts to enshrine data protection including the California Consumer Privacy Act (CCPA), organizations are revisiting the efficacy of their Data and Information Governance (IG) programs. Laws and regulations vary by industry and company size but each intend to protect consumer’s personal data by prescribing technical and governance standards backed by stiff penalties for non-compliance.

Notably, while many companies are already familiar with records retention laws, these latest controls also introduce a duty to destroy data once no longer required for a legitimate business purpose. For entities that have grown accustomed to leveraging cheap digital storage, this new responsibility presents a number of logistical hurdles.

However, directives on how you may use your customer’s data or any other information you store doesn’t necessarily have to be burdensome. In fact, these new guardrails present numerous opportunities to implement better governance, monetize the lifecycle of information assets and foster trustworthy relationships that can actually enhance the customer experience.

These 7 tips can help prepare your data to support an IG strategy:

  1. Automate Retention Schedules – Legal and compliance requirements are the cornerstones of corporate governance programs. Yet tracking the multitude of historical and emerging state, federal and international laws and regulations that affect your data decisions can be a monumental task that even the most robust law departments aren’t prepared for. Consider leveraging SaaS software to keep your Risk, Compliance and Legal staff current on the latest citation changes to these nuanced instructions. These tools empower you to defensibly destroy and cleanse costly data no longer useful to your organization.
  2. Cover Your Assets – Satisfying new compliance requirements like GDPR and CCPA means it’s not enough to simply know what kinds of records you keep, you need to know what systems they’re kept in and how that data flows between them. That’s why Chief Data Officers and Enterprise Architects are increasingly embracing asset management tools that not only perform diagnostics on their application stack but allow them to inventory their attributes and map related processes that inform long-term strategic roadmap planning. Tools like these also help support application rationalization projects which in turn aid in classification and disposal of unneeded data.
  3. Introduce Big Buckets – The biggest challenges with enforcing retention across an enterprise are “event triggers” that complicate how long sets of records must be retained. For example, an employee file might be held X years following a termination “event.” Big Bucket strategies allow you to simplify and group “like” records together to support more efficient destruction actions while assuming some risk. Work with your governance partners to determine reasonable standards for a Big Bucket policy and quantifying the acceptable amount of risk your company is willing to assume to achieve cost and efficiency benefits.
  4. Enforce Legal Holds – Cleansing your data lakes and silos to save costs and minimize risk is an exercise in defensible destruction but requires awareness of outstanding legal holds. A company that spoliates evidence subject to a legal hold, even without malice, can be fined and suffer adverse inference litigation rulings resulting in unfavorable judgments. Additionally, healthy oversight of records under a preservation hold doesn’t just make good legal sense, it can also help better identify opportunities for even more defensible destruction, cost reduction and risk mitigation.
  5. Activate File Analysis – The tricky thing about new laws like the CCPA is that they require companies to find and produce data for the consumer wherever it exists. That can be a cumbersome test for many entities that have hundreds or thousands of repositories. Luckily, advanced File Analysis tools can plug directly into your network and help quickly identify sensitive and personally identifiable information (PII). They can also help you deduplicate records and find redundant, obsolete and trivial data clogging your systems, also known as ROT. These tools produce a tangible ROI that management can point to as a prime example of why IG works.
  6. Embrace Content Migrations – Unless you’ve only lived in one home your entire life, you’ve probably experienced the cathartic process of cleansing your old wares in preparation for a move. Bringing in a new content management system is not much different and it’s a unique opportunity to apply retention to your data, discard ROT and provide employees with more accurate knowledge resources.
  7. Bake-in Best Practices – Information Governance is not a “one and done” proposition, it’s a rinse and repeat discipline that only works when management sees to it that organizational culture is along for the ride. These days a basic understanding about data handling is vital for every new hire. Concepts like records retention, data protection and privacy should be part of any overall corporate training plan.

By complementing policy frameworks and toolsets with the types of Information Governance approaches noted here we can better enable our workforce to hone their knowledge skills, achieve defensible destruction and improve audit outcomes. In effect, we are future proofing ourselves for a business world destined to face increased scrutiny and under siege from data breaches and privacy issues with seemingly no end in sight. IG is the bright light at the end of that tunnel.

Rafael Moscatel, CRM, IGP, is the Managing Director of Compliance and Privacy Partners, LLC. Reach him at 323-413-7432, follow him on Twitter at @rafael_moscatel or visit http://www.capp-llc.com to learn more.

Originally published in Document Media Magazine, July 2019.

Posted in: , ,
No comments
Data Governance Information Governance Information Technology Professional Development

Document Strategy Forum Next Week! My Session – Executing the Information Governance Strategy for the Post-Cloud World

By Rafael Moscatel, CIPM, CRM, IGP on

Content. Communication. Strategy.

I’ve attended and spoken at many different “information management” conferences over the years and each has their strengths and weaknesses. But I’m especially excited to speak at DSF ’19 this year, sponsored by companies like OpenText, Quadient, Adobe, PitneyBowes and Doculabs. Why am I so thrilled? Besides the fact that I get to share my thoughts and experiences for the first time representing Compliance & Privacy Partners, this conference is practitioner driven, with a stellar board of advisors that has spent time with its presenters, making sure the content fits the program tracks AND elevates the conversation.

At the very heart of all the buzz surrounding “big data and artificial intelligence (AI) lives a universal truth- Information is the critical asset of every organization. Information flows through people and applications at such a rapid pace that it demands effective management. Enterprises are flying blind if they don’t have an information management strategy. It is impossible to understand customer needs and improve their experiences without the right information feeding decision making systems. Without proper management of info, employee engagement is doomed. The bottom line is that effective information management will dictate critical decisions for both internal and external facing processes that bring the intersection of employees and customers into context. –David Mario Smith in the latest Document Strategy Magazine

I’ll be presenting a best practices deck on Executing the Information Governance Strategy for the Post-Cloud World in the Automation of Information track, covering Records Compliance, Legal Hold Software and Enterprise Architecture Tools.

Agenda:

  • How to build and automate your Information Governance strategy using the right policies, technology, and stakeholders
  • How to recognize the right collaboration opportunities and strategically partner on the projects most likely to support and advance your agenda
  • What approaches to take when introducing your plans to senior leadership and how to effectively manage the optics around your contributions to your company’s bottom line

Tickets may be available if you act now but the event is quickly selling out. You can learn more here.

This slideshow requires JavaScript.

Posted in: , ,
No comments
Artificial Intelligence Data Governance GDPR Information Governance Interview Privacy Records Retention Policy

Harnessing Analytical Insights and Illuminating the Physical Realm of Dark Data – An Interview with Markus Lindelow of Iron Mountain

By Rafael Moscatel, CIPM, CRM, IGP on

Harnessing Analytical Insights and Illuminating the Physical Realm of Dark Data – An Interview with Markus Lindelow of Iron Mountain

Eighth in a series of in-depth interviews with innovators and leaders in the fields of Risk, Compliance and Information Governance across the globe.

Markus Lindelow leads the IG and Content Classification Practice Group at Iron Mountain, the world’s largest information management company, where he’s been pioneering breakthrough analytic techniques for over a decade. He holds a Master of Science degree in Computer Information Systems from Saint Edwards University and consults across a broad set of industries. I interviewed him in November to discuss his thoughts on the evolution of metadata, content classification, AI, and how organizations are using the new pillars of data science to break down their silos, help customers get lean and discover the hidden value in their big data sets.

Markus, you work with all kinds of companies to help them better understand and address the often incomplete metadata tied to some of their most valuable information assets in the form of historical paper records and materials retained over decades. In many cases, institutional memory has been completely lost and they’re struggling to figure out whether to dispose of these business records, balancing costs of over retention with risks of untimely destruction. How does your team leverage diagnostic, predictive and prescriptive analytics to make sense of what little data they might have to make informed decisions?

Our content classification process focuses on making the best use of the available metadata. This means classifying records with meaningful metadata as well as analyzing the classified inventory in order to create classification rules for records with little or no metadata. We have identified a number of attributes within the data that tend to correlate with classification conclusions. We assess the classified records associated with an attribute to create a profile that may inform a rule to classify the unclassified records sharing that same attribute…

If, for example, there are 100 cartons associated with pickup order XYZ, 90 of those cartons have been classified, and furthermore all 90 are classified to ABC100, can we create a rule to classify to ABC100 the 10 unclassified cartons belonging to pickup order XYZ? Clients may need to weigh the risk when applying this type of classification rule and the process may include a random sampling of cartons for physical inspection in order to verify the classification.

There’s usually a disconnect between the needs of information managers and legislatures which set retention periods for records. We see this in regulations where the granularity of both fixed and event based retention triggers complicates the practical management of records. Over the years, strategies like “big buckets” have attempted to lessen this challenge but even the best efforts are imperfect and carry their own risks. What can be done to better bridge the divide between the need for due diligence in retaining records and the business case for a more practical solution?

There are two pieces to the puzzle of records management: classification and retention. A records retention schedule needs to be straightforward enough to implement so that users can apply record codes to records. But the retention periods for the record classes need to be specific enough so that some types of records are not being over or under-retained because they are being grouped with other records…

Read the entire interview and more in my new book on leadership in the information age, Tomorrow’s Jobs Today.

Posted in: ,
No comments
Artificial Intelligence Data Governance Ethics Information Governance Information Technology Professional Development

Book Review: Infonomics – How to Monetize, Manage, and Measure Information As An Asset For Competitive Advantage by Douglas B. Laney

By Rafael Moscatel, CIPM, CRM, IGP on

Are CFO’s finally ready to heed the advice of their Chief Data Officers and begin adding information assets to the balance sheet?

Although the commonly used quote “There is nothing more powerful than an idea whose time has come.” is regularly and erroneously misattributed to Victor Hugo, originating from his account of the French coup d’état of 1851 that brought Napoleon III to power, I feel it’s almost appropriate for Douglas B. Laney’s passionate argument on Infonomics. It’s an idea he’s been meticulously developing and arguing for almost two decades and has at last fully articulated in his latest book published by Taylor & Francis entitled Infonomics: How to Monetize, Manage, and Measure Information As An Asset For Competitive Advantage. Laney previously published his thoughts on Infonomics in Forbes back in 2012.

This brilliantly researched book, supported by industry giant Gartner, is steeped in both a mastery of information technology as well as economics, in particular accounting methodology and complementing business disciplines that range from supply chain economics to compliance frameworks.

Laney, with brevity and unfailing pragmatism, weaves his impressive understanding of the business of information, it’s flow and it’s enormous potential into a convincing pleading that I believe is a must read for not just the aspiring digerati, but any CFO, Chief Data Officer or executive hoping to survive and thrive in the Information Age.

Continue reading “Book Review: Infonomics – How to Monetize, Manage, and Measure Information As An Asset For Competitive Advantage by Douglas B. Laney”

Posted in: ,
No comments
Data Governance Ethics GDPR Information Governance Privacy

The Olympics of Privacy in Brussels!

By Rafael Moscatel, CIPM, CRM, IGP on

Debating Ethics: Dignity and Respect in Data Driven Life, the 40th Annual Conference of Data Protection and Privacy Commissioners

Two Americans walk into a EU Privacy Conference…

Just a few weeks ago, a colleague reached out and reminded me “the Olympics of Privacy” were being held at the EU Parliament in Brussels in late October, and also if I’d like to attend. Well, how the heck am I supposed to turn down an invitation like that? After all, this is the year of GDPR, the NYDFS, the new California Privacy legislation and the ICDPPC has leaders like Mark ZuckerbergSundar Pichai, Tim-Berners Lee, Jagdish Singh Khehar and even the King of Spain all lining up to share their thoughts.

We want to stimulate an honest and informed discussion about what digital technology has done and is doing to do to us as individuals and as societies, and to consider future scenarios. We want to better understand the impact of technology on people of all generations, in all parts of the world, including the way people think, interact with others, develop their opinions, create art and write, how they buy and sell and how they participate in civic life.  – Privacy Conference Statement

Mark and Sundar are likely showing up because they realize the stiff penalties now associated with data security and privacy violations and the rest of the speakers realize that we are on the cusp of a digital and ethical revolution of sorts, one which will affect generations to come. In fact, Debating Ethics: Dignity and Respect in Data Driven Life is probably the most important privacy conference of the 21st century. My wife Abby Moscatel, an attorney and ethicist heard about this lineup and quickly said, yeah… I’m coming with you to this one!

Continue reading “The Olympics of Privacy in Brussels!”

Posted in: ,
No comments
Business Processes Data Governance Information Governance Interview Privacy Professional Development Records Management Records Retention Policy

Navigating The Global Digital Economy – An Interview with April Dmytrenko, CRM, FAI

By Rafael Moscatel, CIPM, CRM, IGP on

Navigating The Global Digital Economy – An Interview with April Dmytrenko, CRM, FAI

Seventh in a series of in-depth interviews with innovators and leaders in the fields of Risk, Compliance and Information Governance across the globe.

April Dmytrenko - Information Governance Perspectives

April Dmytrenko, CRM, FAI is a recognized thought leader in the field of information management, governance, compliance, and protection. As both a practitioner and consultant, she works with global organizations on key initiatives and best practice approaches for the enterprise; developing sustainable solutions; integrating legally compliant programs focused on information/digital assets; motivating and facilitating multi-disciplined groups to collaborate on achievable goals; and building strategic partnerships with internal and external teams. She serves on industry action committees and governing and editorial boards, and is an active industry speaker, trainer, and author. I had the pleasure of sitting down with April this September to discuss privacy, the role of industry associations and key concerns for leaders navigating the global digital economy.

April, almost five years ago I asked what the next big frontier would be for those of us managing data, and more importantly where the jobs would be. You wisely predicted that privacy would be on the horizon. Well we now have a number of legislatures drafting regulations and CPO positions can’t seem to be filled quickly enough. Do you believe there is still time to enter this emerging field and make an impact?

Right now we are experiencing an amazing transformation of the business environment based on many things but particularly the evolution of technology and the global digital economy. It is indeed an exciting time but we are acutely “headline news” aware of the impacts of compromised data security and privacy, including financial impact on brand and reputation, litigation, and the overall burden and distraction on the business. The exponential growth rate of incidents of data theft, damage, loss or inadvertent disclosure continues to expand not only in frequency but scope, and complexity. While privacy concerns gained attention over 100 years ago, and became topical about 15 years ago, it is still truly in an infancy state. Privacy offers IG professionals a rich and important opportunity to expand their leadership or advisory role in maturing a unified approach to protection, compliance with laws and regulations, and incident response and recovery.

April Dmytrenko - Governance - Not Taking Risks
Courtesy ARMA International

In your role as a fellow of ARMA International, you’ve helped to connect organizations with practitioners who truly understand the discipline and benefits of Information Governance. How has this evolved over the years and what steps do you think organizations like ARMA and the ICRM need to keep taking to remain relevant?

This is a great question as the core IG professional organizations have been dealing with an identity crisis for some time, and still struggle to have a clear and concise “elevator speech” on mission and value. IG, while it has a wide breath, has many in the industry confused, and still is a term that does not universally resonate with senior management. These associations have tremendous value and passionate support but numbers speak volumes and membership and conference attendance have been decreasing for years. We are seeing the technology vendor market taking over a leadership role and may serve as the new defining force in setting direction and guiding the industry – self-serving yes but it could be what is needed going forward. I am not concerned about relevance as it will continue to be all about information and technology, and the management, protection and leveraging of information asset. While the role of a traditional Records Manager may not continue to be relevant, I don’t find it concerning – the relevance is in the work and it evolves…

Read the entire interview and more in my new book on leadership in the information age, Tomorrow’s Jobs Today.

Posted in: ,
No comments
Archives Data Governance Ethics GDPR Information Governance Information Technology Privacy

You Think You Don’t Know Enough About GDPR? You Are Right and Here’s How

By Rafael Moscatel, CIPM, CRM, IGP on

The EU has taken the first step in protecting the data and privacy of its residents. Through the enactment of the General Data Protection Regulation (GDPR), people are now able to have the protection they are looking for online. This means changes for businesses everywhere that are planning to reach consumers in the EU.

Companies need to look at the way that they are handling the personal data of their customers and have an action plan in place to ensure their privacy is protected. Without a strong understanding of what the GDPR means and how it affects your business, you could find yourself in a situation with the EU that you didn’t count on.

Fifteen members of Forbes Technology Council discuss some of the more unexpected consequences of the new GDPR regulation. Here’s what they had to say:

1. Restriction Of Privacy And Innovation

GDPR is the latest version of Y2K compliance — long on speculation and fear, short on reality. In my opinion, regional enforcement of global technology is an impossibility and will restrict — not enhance — privacy, freedom and innovation. The result will be regions of non-compliance (GDPR havens), enormous expense and uncertainty. – Wayne LonsteinVFT Solutions

2. Roadblocks For Blockchain Data Storage

GDPR could impact the decisions and data sets being stored and collected in emerging private and public blockchains. This may create roadblocks for companies looking to embrace blockchain to store any data that may fall under GDPR. – Aaron VickCicayda

3. Opt-In Fatigue

One of the most unexpected consequences of GDPR is the wave of new regulations in jurisdictions outside of Europe, including California, New York and perhaps soon in Asia. Another unintended impact is “check the box” fatigue where opt-in consent language is presented so frequently on websites and apps that consumers don’t read the consents and just check the box, waiving their privacy rights. – Silvio Tavares, CardLinx Association

4. Poor Customer Service

One GDPR byproduct distortion or unintended consequence is excessive regulation leading to poor customer service. The pendulum has swung too far and will be moderated by citizen feedback. – Jeff BellLegalShield

5. Small Businesses Getting Hurt

The companies that are best prepared for GDPR are the big ones: Facebook, Google, Amazon — those that have the money to pour into their tech and legal teams for ultimate compliance. The small and medium-sized businesses, however, may be less prepared, making them more vulnerable to potential fines and penalties. – Thomas GriffinOptinMonster

6. The Slow Death Of Free Services

If a service is free, then your data is the product. We all love using Facebook, YouTube and the many other social media platforms. However, we fail to realize how these businesses operate. If regulations strangle business, then the alternative is a paid model. Just look at YouTube and how it’s strugglingwith its paid subscriptions. – Daniel Hindi, BuildFire

7. Talk About Similar Regulation In The U.S.

The most unintended consequence has been the multitudes of discussions about a similar impending regulation in the U.S. In fact, reading between the lines of Facebook’s testimony to Congress, it is clear to me that tech leaders realize more care ought to be given to sensitive data, and users should have more rights. They are preparing for coming regulation stateside. – Michael RoytmanKenna Security

Read more on Forbes:

https://www.forbes.com/sites/forbestechcouncil/2018/08/15/15-unexpected-consequences-of-gdpr/#2ce5537f94ad 

 

Posted in: ,
No comments
Data Governance GDPR Information Governance Interview Privacy Professional Development

Using Blockchain for the Common Good – An Interview with Ashish Gadnis of BanQu

By Rafael Moscatel, CIPM, CRM, IGP on
BanQu - Information Governance Perspectives

Using Blockchain for the Common Good – An Interview with Ashish Gadnis of BanQu

Sixth in a series of in-depth interviews with innovators and leaders in the fields of Risk, Compliance and Information Governance across the globe.

Information Governance Perspectives - Ashis Gadnis of BanQu discusses Blockchain

Ashish Gadnis is CEO of BanQu, Inc. and a recognized thought leader in the blockchain community. He chairs the Financial Inclusion Working Committee for the Wall Street Blockchain Alliance and travels the world explaining how this revolutionary new technology is transforming the way we think about supply chain economics. He holds an MBA from the University of Minnesota’s Carlson School of Management and graduated from the Global Leadership and Public Policy program at the Harvard Kennedy School of Government. I spoke with him this July about blockchain, business administration and professional development.

Ashish, you recently spoke at the MER conference where the theme was “Records for Humanity,” how data governance impacts the human condition. And your company, BanQu, offers a unique solution to the challenge of extreme poverty by leveraging blockchain. With BanQu, people ensure their economic identity with an immutable record of their transactions in a system benefiting the entire supply chain. But how exactly do you, your clients and big brands set about prioritizing and realizing these goals?

Over the last two and a half years we’ve realized that 2.7 billion people, that includes refugees displaced and those in extreme poverty zones, participate in some sort of a supply chain. That can mean you’re the poorest farmer in Congo growing coffee, cacao or shea butter, you know, the ingredients that go into cosmetics, and your contributions show up in brands like eight dollar lattes and expensive body lotions. And in examining this, we realized that that current models for getting people out of poverty have failed. Those models have failed because they look at the ability to help people out of poverty separate from enabling people in poverty to participate in the supply chain. And so we actually took the other route. And nobody had ever done it. We said, “What if the people who are absolutely in that last mile, if they get to equally participate?” Then the value for the brand is suddenly more relevant.

Let’s use a simple example. If you’re buying cacao in Ghana and you’re a large chocolate company, there’s a good chance today that your last mile farmers are extremely poor and also invisible. No matter much traceability, transparency or fair trade you implement, until and unless that farmer can participate in his data, to know for example “I’m selling 40 kilos every other week to this big brand,” then that farmer will continue to live in poverty. And this is kind of a long answer, but the detail is important because that poor farmer today has everything stacked against him or her, especially if conditions are so rough. I was just in Zambia a week and a half ago and I saw firsthand some of this problem, which was that women farmers have to borrow at a higher price point.

Women farmers are always at the short end of the stick because they’re not allowed in many cases to prove their history. So what happens if you happen to be selling 40 kilos upstream and there are seven middlemen… after I sell my coffee… somebody picks it up, then brings it to somebody else, the next one goes to the warehouse and eventually you’ve lost the ability to track. And while the internet has come to people in poverty it hasn’t pulled people out of extreme poverty permanently. There’s mobile money, there’s big data, AI, etc., but none of those models actually have ever allowed that mother, that farmer, to participate equally.

When I say participate equally, it’s very basic. To me participate equally means that one, she has a physical (stored digitally) copy of that transaction that nobody can ever steal or manipulate. Two, she has the ability to prove her transaction history which legitimizes her existence in that supply chain. And three, it allows her to now leverage that data in a way that reduces her cost of borrowing. It allows her to be portable. That’s how we decided to look at blockchain and nobody in the world has ever done this. People keep talking about how they’re going to use blockchain for good and we’re the only ones doing it everyday, taking a commercial approach while being simultaneously deeply purpose driven. We started a for profit, for purpose software company and now the largest brands are coming to us because it solves two sides of the problem for them. One side is that the supply chain now becomes more cost effective and efficient. They get better visibility into the supply chain in terms of quality, market access and forecasting which enables an ecosystem for crop insurance, climate protection, education. And the other side of the coin is now they can start addressing issues like gender equality, labor rights and other important issues.

Read the entire interview and more in my new book on leadership in the information age, Tomorrow’s Jobs Today.

Posted in: ,
No comments
Business Processes Data Governance Information Governance Professional Development Records Management Records Retention Policy

Less is more, gaps are opportunities and relationships matter: A Case Study in Information Governance at #AIIM2018!

By Rafael Moscatel, CIPM, CRM, IGP on

AIIM 2018 is just around the corner and I’m thrilled to be presenting my Case Study at this great conference which takes place April 10-13th, in San Antonio! Hope you can join me and so many like-minded in San Antonio this year or later in May when I’ll also be speaking about a program which was recently honored by ARMA International with its Excellence for an Organization Award!  Here are a few slides from my session which will be held on April 12th at 5PM.

This slideshow requires JavaScript.

Posted in: , ,
No comments
Business Processes Data Governance Ethics Information Governance Interview Professional Development Records Management

Directing The Flow Of Information – An Interview with Jones Lukose of The International Criminal Court

By Rafael Moscatel, CIPM, CRM, IGP on

Directing The Flow Of Information – An Interview with Jones Lukose of The International Criminal Court

Second in a series of interviews with leaders in the fields of Risk, Compliance and Information Governance across the globe.

Jones LukoseJones Lukose, MBA, PhD is the Information Management Officer for the Criminal Court in the Hague and has over twenty years of experience developing and implementing strategies to achieve operational effectiveness and regulatory compliance for engineering firms, in energy and utilities sectors as well as for international and judicial organizations in Africa, Europe and the Americas. I interviewed him this past February to learn more about his unique insights into information management fundamentals and our future.

Jones, your work and research has taken you to many corners of the world including Kenya, Rwanda, Botswana, Jamaica, Uganda, the UK and now the Netherlands. It’s there you presently direct an important Information Governance program for the International Criminal Court.

What do you consider the most common theme in the information management challenges you’ve faced across so many unique cultures and how has that experience shaped how you think about solutions for international organizations?

I have worked in organisations where data is everywhere but the common challenge has been that it seems no one is directing its flow. There is a lot of evidence of information collected and stored that does not fit with the organisation’s strategy. The organisation may say that it is going in a particular direction but the data it holds does not provide the required evidence or proof.  My experience in this regard has led me to reconsider my role in the organisation as an Information Manager. In such environments, it is my first priority to help determine the real purpose and value of data to the organisation. In other words lend a hand in crafting the strategy of the organisation by leveraging information management.

How can we, as information management practitioners, as data stewards, effectuate best practices in our workplace in the face of constant, sometimes paradigm shifting changes in technology?

We now live in a world where small sets of information can alter the economies of the most powerful organisation and states on the planet. It is a world, where small streams of sensitive information can digitally leak and cause violent reactions from people living far and beyond the source. Tiny words or images transported via exotic technology can lead to wide-spread panic across whole populations even wars. A world where information is fragmented infinitely raising an infinite number of world views and identities. It is a world where the same information is interpreted differently in space and time. It is a world where information is presented in constant flux with the only constant being surprise.

Whatever your personal convictions, I challenge you to consider that we need a new way of looking at information management. It won’t help to retreat to our old maps and models because the more frustrated we become. We need new information management techniques to navigate the chaos, filter the wrong and point us to the significant. The new information manager will thrive and even love to embrace the chaos of information by applying new lenses and insights. He or she should be ready to be inspired to experiment and try out new ideas and solutions.

Read the entire interview and more in my new book on leadership in the information age, Tomorrow’s Jobs Today.

Posted in: ,
No comments
Data Governance Information Governance Records Management Records Retention Policy

Farmers Insurance Wins Trade’s Highest Award For Records And Information Governance

By Rafael Moscatel, CIPM, CRM, IGP on

Earlier this month, Farmers Insurance Group, Inc. was honored with the highest award for Records Management and Information Governance, “Excellence for an Organization,” by ARMA International. The award recognized the achievements that our organization has made in the implementation and enhancement of our Records and Information Governance program as defined by the Generally Accepted Recordkeeping Principles® and the ARMA Maturity Model®. ARMA announced the award in InfoPro Magazine and at the ARMA Live Conference in Orlando.

ARMA 8

Posted in:
No comments