Information Governance Day

There is no doubt that AI presents an unprecedented amount of opportunity, from harnessing more value out of data to the detection of risks. The presence of AI has meant that there is a clear shift on how we handle information, but this transformation does not come without associated risks such as data quality, biases and privacy infringements. A whitepaper by AvePoint found that the top 3 concerns of AI implementation in organisations are Data privacy & security (71%), Quality & categorisation of internal data (61%), and Integration complexity (59%). 

With 144 countries enacting national data privacy laws, it is no wonder that 71% of respondents had data privacy and security concerns, as those data privacy laws mean that approximately 6.64 billion people fall under the protection of some form of national data privacy legislation. Therefore, organisations must prioritise the tracking and governing of global AI governance and data privacy laws and the associated policies surrounding these areas.  IAPP “Global AI Law and Policy Tracker” is a useful source to keep abreast of changes within this area as constant monitoring is required as new legislative developments are created. 

Whilst keeping abreast of the changing and evolving legislation is necessary, so is a holistic and integrated Information Governance Strategy that integrates technical, legal and strategic considerations.

The development of a robust and tailored Framework not only supports an organisation to meet their legal requirements and obligations, but it:

• Champions strategic oversight by removing silos and inconsistencies
• Improves reputation, accountability and integrity through the mitigation of risks
• Protects data privacy by embedding Privacy-By-Design throughout the lifecycle  
• Supports environmental, ethical and operational goals
• Optimises data value and reduces costs

In a recent PICCASO Lab Workshop “AI and Information Governance in Action”, attendees discussed practical strategies for managing data and compliance. The group collaborated on how best to develop and implement practical and comprehensive strategies to Information Governance, some key takeaways included:

• Start with the basics of understanding the current state of information, including knowing what data you have, where it is located, where the risks/gaps are and what opportunities exist. 
• Know the compliance and control obligations based on industry, location, policies and legal requirements. 
• Consider the culture and risk appetite of the organisations and ensure executive sponsorship. 
• Break down silos and foster collaboration across departments.
• Remediate legacy data and information.
• Develop a program for ongoing management and monitoring, including training and awareness.

For further insights on this topic, please download the “Managing risks and unlocking potential of data through Information Governance” Whitepaper.