One of the common misconceptions I hear from organizations is that they do not need to worry about records management. This is from both end-users and vendors. Once content has completed the business process, they feel they can do “anything” they want with the content. When a contract expires, delete it. When an employee leaves, delete it. When taxes have been filed, … well those documents we need to keep.
Records management is the big stick of managing content. The easiest time to get buy in for a records management program is after a member of C-staff, in a court or a deposition, is unable to produce a requested document. Many records management systems have been implemented after such scenarios. Records management is reactive. Many executives have forgotten that there is a business reason why organizations create content. This also means there’s a business reason to keep it.
Content, that is evidence of a business transaction, a customer interaction, or response to an event, has legal standing. Federal, state, and local government regulations generate reasons to manage content. Content generated in on-boarding and off-boarding can have evidentiary value. As processes cross local and national boundaries the legal and regulatory roles of content becomes more complex.
Controlling your organization’s content is not an option. It’s a requirement. There is no difference between electronic and paper documents. A lost document can result in adverse action in audits or litigation. Organizations can’t simply say, “we don’t know where that document is located.” Yet we continue to build application silos that don’t take this into consideration.
Today, it’s about protection of content. The GDPR, in Europe, and CCPA, in California, makes protecting content that has personally identifiable information a requirement. By asking your customers for their personal information, your organization now has the responsibility to protect that content. Not knowing where this content is located and that it’s protected can put your organization at risk of fines.
Organization need to take an active role on governing their information. Organizations need an inventory it’s content, know why it’s kept, where it’s located, and how it’s protected. Without this information you are creating organizational risk. It’s an area of risk that can easily be managed with a formal information governance program.
Stage Planning a Business-Outcome-Driven Enterprise Architecture
Enterprise architecture and technology innovation leaders recognize the need to focus on business outcomes but lack a structured approach to guide both project and digital product execution. Creating a stage plan will provide the structure to guide, mature and build a world-class EA capability.Read Free Gartner Research
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.