Law Technology Today From the ABA Legal Technology Resource Center
Related Articles
In today’s digital world, organizations are dealing with more enormous data and information sets than ever before. IDC predicts that by 2025 worldwide data will grow 61 percent to 175 zettabytes. As data volume continues to grow, companies have less and less transparency into their data environment. This lack of visibility and the inability to manage and act on data effectively lead to inefficient, costly and high-risk solutions when dealing with information governance challenges. Making things more difficult are the ever-changing and complex regulatory requirements that dictate how organizations need to manage their data.
Imagine if you were asked to identify documents from multiple data sources containing PII. Chances are, you would not begin to know all the places this information might be. Now imagine having to do this for large volumes of data in the shortest time frame possible while aiming to achieve high levels of accuracy with your investigation. Are you already feeling overwhelmed? You are not alone!
While data is growing, the regulatory landscape governing it is also becoming increasingly complex. As new regulations continue to emerge, companies are struggling to keep up and frequently finding themselves diverting time and money away from their core business operations to effectively manage their information. At the same time a lack of visibility into data leads to ineffective decision-making that wastes significant time and money.
In order to best manage data, organizations must make significant investments in information governance to ensure security, compliance, sound data management and best business practices. Historically, IG efforts have largely involved manual processes that are unsustainable today considering the larger volumes and more complex regulations.
Technological advancements and modern systems are rapidly changing the face of IG and will continue to shape it well into the future. Artificial intelligence has come to play a major role in the future of IG, but it’s not the only factor making an impact. Equally important is the software that identifies, organizes and accesses the data as well as the hardware infrastructure and system architecture that power and support this software. A company’s processes, protocols and policies driving IG efforts are additional keys to success.
AI and machine learning provide companies with the ability to analyze data and gain insights on a mass scale. While humans will always remain the architects at the center of any successful IG ecosystem, AI and other technologies are crucial to ensuring compliance, reducing time and costs and mitigating the risk inherently involved with manual human processes.
The Fundamental Challenges of Data Management
According to a recent Gartner study, 84 percent of companies self-identify at a low maturity level when it comes to data governance readiness. Most companies today have made minimal or no IT investments in analytics or data management software designed to deal with large data sets, yet they’re still storing and utilizing ever-accumulating amounts of data.
Increased reliance on electronic systems means more data than ever and more data types than ever. As humans use those systems, they’re usually focused on the best and easiest way to get work done, not data organization. All of this results in massive amounts of disorganized complex data stored in different places by different users.
An additional challenge of data management is security and protection. It is essential for companies to know where they are storing sensitive or confidential information so that they can successfully protect it.
AI’s Role in Information Governance
Effective information governance involves a complete ecosystem of modern technology with humans at the center. AI is just one part of that ecosystem, although an important one. The key benefits of AI in IG include its ability to analyze data on a mass scale and automate tasks traditionally performed through time-consuming manual labor. With the introduction of AI, IG has seen exponential improvements in efficiency, creating streamlined workflows that allow an organization to act on compliance and other matters much more quickly than was previously possible.
Machine learning and analytics technologies are already helping companies efficiently perform data analysis on a small scale, as in the case of e-discovery solutions. AI and other modern technologies will help organizations apply the same principles on a much larger scale across an enterprise, allowing an organization to make more proactive decisions based on quantifiable information. In the near future, AI will significantly change the way humans interact with information, with the automation of data identification, classification, retrieval, archiving and disposal all within reach.
How can organizations best capitalize on the advances in AI and technology to improve IG? The answer lies in identifying the right technology to implement, monitor and control the policies, processes and workflows set up by humans.
Data Protection Obligations
As the regulatory landscape continues to change, knowing your obligations and complying with applicable rules regarding personally identifiable information and the global transfer of data are no small feat. New laws have expanded the definition of PII to include a vast range of data types. Managing those new data types on top of the massive amounts of data the average company already has is extremely challenging when relying on manual processes.
The EU’s General Data Protection Regulation has had a huge impact on information governance and data privacy. Under the GDPR, data subjects have the right to ask companies for details of the information companies have on them, as well as demand that the data be handled in certain ways or deleted entirely. For companies to comply with the GDPR, they need to be able to show that they are in full control of their data and data practices.
The GDPR should not be taken lightly. For example, recently the ICO announced it intended to fine British Airways a record £183.39 million over a data breach that compromised the personal information of approximately 500,000 customers.
Another force of change will be the California Consumer Privacy Act, taking effect January 1, 2020, which grants California citizens the right to know what confidential information companies collect about them, why and whether and to whom it will be sold or shared. Consumers will also have the right to access that information or request that businesses not sell it to third parties. In order to comply with the CCPA, companies will need to have clear insight into what data they have and how it is being handled at all times.
The more data organizations deal with, the more challenging it becomes to determine ownership, control and management of any given piece of personal data. AI and other modern technologies help to organize data sources and transform the data into an accessible form for humans to easily consume. Machine learning, deep learning and other AI technologies are designed to sift through massive data sets and efficiently identify PII and other sensitive information in order to allow organizations to effectively and efficiently meet the data protection obligations established by regulations governing the use and handling of PII.
The Takeaway
Data volumes are growing and continually encompassing new data types. At the same time, regulations are becoming increasingly complex and require significant efforts if companies want to ensure compliance. The status quo of human processing for dealing with these requirements is not only time-consuming and expensive but can fail to get the job done.
When it comes to compliance, speed is critical. Companies need to gain the necessary fundamental understanding of where their data is stored, take control of that data and know the content, how it is used and who has access to it to ensure regulatory compliance and mitigate risk. AI and other modern technologies allow companies to understand their data in order to make timely decisions.
Humans will always remain central as the architects of the system, but technology is there to aid them in the process when dealing with the enormous data sets that are now the norm. Intelligent information governance starts with clearly defined data policies, standards and processes. AI then helps companies adhere to those policies, standards and processes. With investment in the right technologies, companies will be well on their way to achieving the sound information security and data management practices that ensure compliance.
Having AI and modern technology in place will allow people to spend more time on meaningful work versus busy “nuts and bolts” work. The future state of IG is not about changing what is being done or wanting to get done, but how it is being done. This philosophy coupled with the principles of Infonomics for measuring, managing and monetizing data will lead to an effective IG strategy and an approach that acknowledges the value of an organization’s information assets. As Peter Drucker famously said, “you cannot manage what you cannot measure.”
