In order to have a successful IG (Information Governance) program, one of the eight (8) Information Risk Planning and Management step is to develop metrics and measure results. From your required readings, discuss the value that metrics brings to the organization, and identify critical measures of success that should be tracked.
At least one scholarly source should be used in the initial discussion thread. Be sure to use information from your readings and other sources from the UC Library. Use proper citations and references in your post.
Read the following learning materials.
Alves de Freitas, Andrade dos Reis, E., Senra Michel, W., Gronovicz, M. E., & de Macedo Rodrigues, M. A. (2013). Information Governance, Big Data and Data Quality. 2013 IEEE 16th International Conference on Computational Science and Engineering, 1142–1143.
Tallon, Ramirez, R. V., & Short, J. E. (2013). The Information Artifact in IT Governance: Toward a Theory of Information Governance. Journal of Management Information Systems, 30(3), 141–178.
Tallon. (2013). Corporate Governance of Big Data: Perspectives on Value, Risk, and Cost. Computer (Long Beach, Calif.), 46(6), 32–38.
Turel, Liu, P., & Bart, C. (2017). Board-Level Information Technology Governance Effects on Organizational Performance: The Roles of Strategic Alignment and Authoritarian Governance Style. Information Systems Management, 34(2), 117–136.
Simberkoff. (2016). 5 best practices for information governance and risk management. KM World, 25(8), S30–S31.
Unit 1 Seminar
Why do YOU need to know about Information Governance (IG)?
Manage risks, reduce costs, and maximize value of information
Definition of Information Governance
“The specification of decision rights and an accountability framework to encourage desirable behavior in the valuation, creation, storage, use, archival and deletion of information. It includes the processes, roles, standards and metrics that ensure the effective and efficient use of
information in enabling an organization to achieve its goals.”
The key terms?
Accountability framework for information
Processes, roles, standards, metrics
Effective, efficient use of information to achieve goals
Keeping information safe
Confidentiality is defined as the right of the patient to know that information given is not shared freely either within the organisation where there is no need, or between agencies. Generally information can only be shared when there is consent.
9 Copyright © AIIM | All rights reserved.
Establish an IG Framework
Records are important to any organisation; they are the means of providing evidence and information about that organisation. In simple terms without them there is no way to know who has done what.
Records Management is the term used to cover the processes the Trust has in order to meet its legal and regulatory requirements. This covers any record generated whether paper or electronic and includes staff, corporate and health related records. Record keeping is also a requirement of professional practice e.g. e.g. General Medical Council and Nursing and Midwifery Council.
Good record keeping practices ensures we have accurate and up to date records and that staff can work efficiently and don’t waste time searching for documents. It is important that records management processes are documented and are included in new staff inductions and as part of their continued personal development.
Records management covers the full lifecycle of a record from creation through to disposal. Whether it is a policy, contract, personnel or health record there must be an efficient means of finding it when required. Old records must be retained for set periods of time and then destroyed under appropriate confidential conditions.
Good record keeping is the responsibility of all staff
The Need for Information Governance
Digital data is growing & moving beyond the enterprise
Business value & risk is often unknown & unmanaged
Sharing information with partners &
suppliers is routine
Social networking & mobile access is prevalent
Risk of security breach or data loss is growing
Data Privacy Laws (vary by state)
Freedom of Information Act
Payment Card Industry Data Security Standard
Industry specific regulations (HACCP)
Federal Rules of Civil Procedure
Strategy for IG
Manage all information, not just records
Connect legal, privacy and regulatory retention obligations to relevant information
Retention periods must take into account the business value of information in addition to legal and compliance value
Identify where information is located
Ensure that retention and disposal obligations are communicated and publicized in a language that stakeholders can understand
Allow for flexibility to adapt to local laws, obligations and limitations
Include a mechanism that allows legal and IT to collaborate in
executing and terminating legal holds
Identify and eliminate duplicate information
Update in real time to account for changes in laws, to business and in technology
Information Management Compliance = legal requirements + industry standards + organizational policies and guidelines, and more…
Finding and retrieving information on demand
Controlling access and confidentiality
Monitoring and reporting for enforcement
Secure retention and destruction
Manage Information Risks