Gartner Blog Network


All Content Is Equal In the Eyes of the Law

by Marko Sillanpaa  |  October 22, 2019  |  Submit a Comment

One of the common misconceptions I hear from organizations is that they do not need to worry about records management. This is from both end-users and vendors. Once content has completed the business process, they feel they can do “anything” they want with the content. When a contract expires, delete it. When an employee leaves, delete it. When taxes have been filed, … well those documents we need to keep.

Gavel of the Law

Records management is the big stick of managing content. The easiest time to get buy in for a records management program is after a member of C-staff, in a court or a deposition, is unable to produce a requested document. Many records management systems have been implemented after such scenarios. Records management is reactive. Many executives have forgotten that there is a business reason why organizations create content. This also means there’s a business reason to keep it.

Content, that is evidence of a business transaction, a customer interaction, or response to an event, has legal standing. Federal, state, and local government regulations generate reasons to manage content. Content generated in on-boarding and off-boarding can have evidentiary value. As processes cross local and national boundaries the legal and regulatory roles of content becomes more complex.

Controlling your organization’s content is not an option. It’s a requirement. There is no difference between electronic and paper documents. A lost document can result in adverse action in audits or litigation. Organizations can’t simply say, “we don’t know where that document is located.” Yet we continue to build application silos that don’t take this into consideration.

Today, it’s about protection of content. The GDPR, in Europe, and CCPA, in California, makes protecting content that has personally identifiable information a requirement. By asking your customers for their personal information, your organization now has the responsibility to protect that content. Not knowing where this content is located and that it’s protected can put your organization at risk of fines.

Organization need to take an active role on governing their information. Organizations need an inventory it’s content, know why it’s kept, where it’s located, and how it’s protected. Without this information you are creating organizational risk. It’s an area of risk that can easily be managed with a formal information governance program.

Here are more posts from the CuSP.

Additional Resources

Stage Planning a Business-Outcome-Driven Enterprise Architecture

Enterprise architecture and technology innovation leaders recognize the need to focus on business outcomes but lack a structured approach to guide both project and digital product execution. Creating a stage plan will provide the structure to guide, mature and build a world-class EA capability.

Read Free Gartner Research

Category: application-leaders  enterprise-architecture  

Tags: content-services  csp  ecm  records-management  rm  the-cusp  

Marko Sillanpaa
Sr Director Analyst I
1 year at Gartner
25 years IT Industry

Marko Sillanpaa is a Research Director within the Digital Workplace, Content and Insights group. Mr. Sillanpaa has extensive knowledge of content services platform (CSP) (formally, enterprise content management [ECM], content collaboration platform (CCP) (formally, enterprise file sync and share [EFSS], and legal document technologies. He has more than 20 years of experience in information technology focusing on ECM technology. He has worked for various ECM vendors and consultancies, advising on product strategy, ECM strategy for various industries. He has a deep understanding of the capabilities and challenges in implementing complex solutions and he applies this in his advice to clients, offering pragmatic guidance to complex tactical and strategic problems.Read Full Bio




Leave a Reply

Your email address will not be published. Required fields are marked *

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.