Heads Up: COVID-19 Disruptions Can Add to Data Woes
Disrupted data environments may lead to unwanted data accumulation
As the COVID-19 pandemic displaced employees from office buildings to living rooms, the corporate data landscape began an inevitable metamorphosis. An array of communications channels (think Zoom and Slack) has proliferated to enable continued collaboration. Data has been rerouted. New data sources have been created or accessed. Workflows have been revised.
Nearly a year into the pandemic, many organizations still confront a hodge-podge of official and unofficial remote applications that will undoubtedly add to the growing accumulation of corporate data stockpiles, assuming, of course, that companies can corral it in the first place. Some of it may be critical to operations and will need to be retained and managed. Much of it, however, will likely be redundant, obsolete, and trivial data, colloquially known as ROT, which presents an ongoing challenge for most organizations today.
ROT takes both an obvious and subtle toll. According to the Compliance Governance and Oversight Council’s (CGOC) 2018 Information Governance Benchmark Survey, 60% of the volume of enterprise data then had no business, legal, or regulatory value — a number which is bound to be on the rise, given current circumstances.
Retaining important data is crucial, of course. Retaining unneeded data makes it more difficult for business people to make evidence-based decisions and comply with regulations. From a litigation and investigations standpoint, the more data there is to find, process, and review for potential discovery, the greater the cost and risk in pursuing those efforts. ROT also increases the downside fallout from a cybersecurity breach.
COVID-19 isn’t helping.
In truth, we don’t know COVID’s true impact on ROT yet, but we can make an educated guess. The pandemic has led to a sudden expansion of remote work, often necessitating patchwork solutions for companies to address their own and their customers’ needs. As the pandemic persists, distributed teams are turning to any number of new ways to collaborate, oversee projects, close contracts, and manage budgets, creating ever more sources of data.
With employees working from home, it may be difficult to track those who are using personal computers, additional external devices, email accounts, texting applications, or third-party sharing sites, such as Slack, Zoom, Microsoft Teams, Google Meet, Google Chat, Trello, Basecamp, WhatsApp, Viber, Snapchat, Facebook Messenger, Google Drive, and DropBox, any of which may or may not be sanctioned by the enterprise. As any data stream grows, so does the ROT it contains, which could ultimately end up in the corporate stockpile.
Litigation on the rise.
At the same time, the potential for increased litigation and investigations is a threat for many organizations as COVID-driven misbehavior continues to rise, impacting possible preservation efforts that will involve larger and larger data collections. Finding what matters is made more difficult in data stores bloated by ROT.
No matter what, employees will create new data every day and inevitably some of it will be worthless past the moment. Reducing ROT comes down to accurately defining what data has business, regulatory, or legal value and what can be defensibly disposed of.
Re-evaluate Info Gov processes.
Whatever information governance plan an organization had in place before COVID, it is time to re-evaluate. Many companies face the over-accumulation of data due to information governance processes that are immature or, because of COVID, need revision. The likelihood of COVID-related litigation and discovery makes improving data governance and reducing ROT data a priority.
To prevent the additional accumulation and storage of ROT, in-house legal and IT departments would be wise to take a hard look at the way their in-house programs are operating now to determine whether a COVID-driven data buildup is in the offing.
Monitor adherence to policies.
To the extent possible, in-house teams should carefully monitor whether employees are using approved devices and secure data locations. Limiting where workers create and store data helps to avoid over-accumulation of ROT from the start. Reviewing these channels should coincide with potentially revising and communicating company policies on approved applications consistently and effectively. Leaders should make sure employees are aware of official channels, how to best use them, and the risks of creating data on unsupported applications.
Review classification systems.
Organizations with data classification systems in operation may require adjustments for COVID-related litigation. Information that was once non-characterized may be relevant now to claims involving discrimination, whistleblower retaliation, workplace safety, workers’ compensation, the Families First Coronavirus Response Act (FFCRA), the Family and Medical Leave Act (FMLA), the Worker Adjustment and Retraining Notification (WARN) Act, and wrongful termination.
Look to automation.
Given the amount of data businesses generate across myriad applications, in-house and IT departments benefit from moving away from manual processes. Implementing an advanced technological solution that classifies, retains, and eliminates data based on established rules ensures the organization preserves valuable data while eliminating ROT.
When COVID litigation and investigations go into full swing, an organization’s information governance program, backed by expertise, quality control, and testing, will enable a timely response to discovery requests and, should a challenge arise, effectively defend its retention and disposal policies. Getting rid of ROT, or finding ways to limit its accumulation, can only help such efforts.
Click here to download more information about ROT.
For information on H5 can assist with data classification, click here.