Summer’s coming to an end which means it’s time to wrap up our Summer “Hot” Topics series! For the last session of this three-part series, Zasio’s Consulting team will discuss the fundamentals of data minimization and approaches industry professionals are undertaking to successfully practice data minimization within their programs.
Not only is implementing the privacy principle of data minimization into your IG or RIM program a logical approach, but it’s an opportunity to reinforce shared objectives! During this session, you’ll learn the best practices in the industry and the host of benefits practicing data minimization can deliver including:
- Reduced Costs Associated with Storage and Litigation
- Mitigated Risks Associated with the Over Retention of Personal Information
- Risks of Breach
- The Overall Ability to Get a Handle on Your Information and Maintain Compliance
If you have questions about data minimization in information governance or want to gain a better understanding of the practice, then we want you to join our discussion!
Date: September 14, 2022
Time: 9:00 a.m. – 10:00 a.m. Mountain Time
Please submit any questions you’d like our panelists to discuss to Sabrina Slattery at sabrina.slattery@zasio.com. Questions submitted in advance will get priority in the live discussion.
Catch Up On Past Sessions
2022 Virtual Coffee Sessions
July 20, 2022
Theme: RIM Considerations in Planning for Litigation and Legal Holds
Topics:
- What is the who, what, when, where, why, and how of litigation hold process?
- What is the Electronic Discovery Reference Model?
- How does defensible disposition and effective RIM practices make the whole process easier?
- How important is a data map in the planning phase?
- What tools are recommended for searching and finding electronically stored data (ESI).
- Are overall eDiscovery standards formalized in respective organizations?
May 18, 2022
Theme: Best Practices for Electronic Records Management
Guest Panelist: Warren Bean, CRM, CISM, Sr. Sales Engineer and Product Development Manager
Topics:
- Are there records that should be maintained in hard copy, or both hard copy and electronic?
- What are the best practices for naming conventions, AD groups, and filing structures?
- How can you best take inventory of existing electronic records in order to know what needs to be managed?
- What are the best practices and strategies for building the necessary electronic records infrastructure and foundation?
- What tools can help transform your electronic records landscape?
March 10, 2022
Theme: Fundamentals of Artificial Intelligence for Non-Computer Scientists
Guest Panelist: Maura Grossman, J.D., Ph.D., Research Professor in the David R. Cheriton School of Computer Science at the University of Waterloo
Topics:
- How does AI work?
- How is AI being used in the industry and law today?
- What are some of the issues AI implicates, such as bias?
- What particular archival/records management processes have you identified as the best candidates for improvement through the application of AI-related technologies?
- Is it really possible for AI to replace human intelligence? Can AI be self-learning?
- What legal risks exist with AI and when do you think the law will address challenges with AI?
- How is AI transforming the record digitization process from hard copy conversion to ingestion in an electronic content management or records management system?
January 26, 2022
Theme: The 21st Century Archival Practitioner
Guest Panelist: Dr. Patricia Franks, PhD, CA, CRM, IGP, CIGO, FAI
Topics:
- Given that records and archival practice are increasingly impacted by emerging information technologies which surreptitiously put IT managers on the drivers seat, how can Records and Archival managers take the front seat deservedly so in records and archival management projects?
- Is there a difference between Historical and Archival value? Does the department that generates the record decide if they are historical, or do Records Managers, or Archivists?
- How will blockchain technology change archival preservation?
- How can Archivists successfully carry out their duties, while also increasingly working as part of a team involved with activities like cybersecurity, blockchain distributed ledger technology, digital forensics, e-discovery, and information governance?
2021 Virtual Coffee Sessions
October 27, 2021
Theme: Spooky Records and Information Management (RIM) Nightmares & How to Avoid Them
Guest Panelist: Ann Snyder
Topics:
- Tales on international misconduct, negligent information management, including landmark cases, and how they’ve impacted and promoted good Information Governance (IG) practices.
September 22, 2021
Theme: Applying Retention to Databases and Data Lakes
Topics:
- Can retention be applied to databases and data lakes, or does it only apply to the output?
- If so, how? What part of the data is considered a record, and what would be the triggering events?
- What happens when some of the data is used by other systems?
- Who owns the data if it applies to multiple systems?
August 5, 2021
Theme: Optimizing Your Records Retention Schedule (RRS) to Manage Privacy
Topics:
- How should you determine appropriate retention periods?
- What is the information collection process?
- How can you assess privacy implications for records?
- In terms of retention schedules, what is the best way to address the privacy concerns associated with using the Microsoft Office 365 meeting platform and chat messages?
- How do you incorporate privacy records into your RRS?
View Trivia Facts About Privacy
Links to DPA Ruling on Retention Periods (as discussed during the session)
June 16, 2021
Theme: Exploring RIM Privacy Concepts Through COVID Records
Topics:
- How long does OSHA or other regulations require cleaning records to be kept?
- Is there a special retention requirement for COVID-related records, particularly cleaning records?
- Is there guidance on how to deal with contact tracing and disaster response?
- How do RIM professionals handle medical records for non-medical agencies or being involved in a medical response such as vaccine administration and COVID testing?
- How are agencies dealing with collecting vaccination records for returning staff?
- Are agencies considering vaccination records as medical records or health information? What led to the decision for them to be referred to one as opposed to the other?
May 5, 2021
Theme: Best Practices for Records Retention Schedule (RRS) Maintenance
Guest Panelists: David Stephens, CRM, FAI
Topics:
- Is there a best practice to address structured data retention vs. unstructured data retention?
- What are some tips concerning refreshing a RRS with migration in mind?
- How do you balance Privacy requirements and big bucket retention?
- How do you transform an outdated paper-based, divisional structured records retention schedule to an electronic “big bucket” schedule easily?
March 24, 2021
Theme: Best Practices for Managing Redundant, Obsolete, and Trivial Information (ROT)
Guest Panelists: Warren Bean, CRM, Sr. Sales Engineer and Product Development Manager at Zasio
Topics:
- What is the best way to get metrics on ROT?
- Is there a way to calculate “cost of ownership”, per GB, of all ROT?
- Do you have examples of steps or resources to get senior management’s buy-in to addressing ROT
- How do you determine what is ROT versus what is historic or archival material, especially when employees want to keep everything forever?
- If utilizing technology is not an option, what are some manual/process-based methods organizations can use to find and sort ROT?
- What tools are people using to identify ROT? Do those tools also have the ability to automatically delete the ROT
- What is the best way to have end-users eliminate ROT from email and their assigned individual OneDrive folders without excessive amounts of dedicated time?
- What are best practices for reducing ROT on shared drives?
- What are best practices for reducing ROT from the CLOUD?
February 10, 2021
Theme: Best Practices for Email Management
Guest Panelists: Blake Richardson, CRM and Sharon Laplant, Records Manager and President of the ICRM
Topics:
- How do we create processes and procedures to make email management easy for end users, while also applying records schedules and disposition workflows to email?
- Do you have advice on how to gain management support for this type of initiative? How do others address opposition to such an initiative?
- What are some tips for how to roll out an email retention initiative?
- What sort of traps and unanticipated work arounds did you see or notice after the fact?
- Do most companies have an auto-deletion policy and then immediately delete, or do they archive for a period of time?
- What are some suggestions for cleaning up PST files?
2020 Virtual Coffee Sessions
November 18, 2020
Theme: The Certified Information Privacy Professional (CIPP) Certification
Guest Panelist: Soo Kang, Director of Producer Security at Aflac
Topics:
- What is the exam process like?
- What are some tips for effective studying?
- How many questions are on the exam?
- What are the recommended resources for information on the CIPP certification?
- What does the time commitment look like in preparing for the exam?
- For someone new to information governance, is the CIPP a good certification to start with?
- Would other certifications provide you with a better “baseline” for work within the field?
- How does the CIPP complement other certifications?
October 15, 2020
Theme: The Information Governance Professional (IGP) and Certified Information Governance Officer (CIGO) Certifications
Guest Panelist: Andrew Ysasi, MS, FIP, FIIM, CIPM, CIGO, CISM, PMP, CRM, IGP, CIP, CSAP
Topics:
- Are the IGP and CIGO certifications recognized worldwide?
- What are some tips to help prepare for the exam?
- How do these certifications compare to others in the industry?
- What materials are suggested to focus on for the exam?
- How long are the exams?
- Which certification carries more “weight” in the industry?
September 24, 2020
Theme: The Certified Records Manager (CRM) Certification
Guest Panelist: Blake Richardson, CRM
Topics:
- How does the CRM certification compare to other certifications?
- What techniques work best for studying for the exams?
- What are some good resources to help prepare for the exams?
- What was the greatest challenge during the CRM certification process?
- How will the online testing process work?
- Are there practice exams available?
- How long does each test take?
- What are some challenges in building a career as a RIM professional?
- Is there a recommended order for taking the exams?
- When is the best time to pursue a certification?
August 20, 2020
Theme: COVID and How it Relates to Information Governance
Topics:
- Is your organization collecting records of employee COVID testing as part of a return to workplace initiative?
- If COVID testing records are being collected, at what frequency are records collected?
- Is your organization collecting employee COVID testing data, how are you categorizing it in your RRS?
- Is your organization collecting employee contact tracing records?
- Is your organization collecting records of temperature checks from employees/contractors/visitors as a prerequisite for entry into the workplace?
- If you are collecting employee COVID temperature test data, how are you categorizing it in your RRS?
- Do you think organizations should log confirmed COVID cases related to the workplace as reportable under OSHA?
- Do you think workplace exposure and medical records related to COVID should be kept consistent with an organization’s exposure record series?
- With more people working remotely, are you noticing a decrease in paper records and that more documents are being “born” electronically now?
July 16, 2020
Theme: Structure Data Retention Periods and COVID Records Retention
Topics:
- Structure data retention periods
- Does your organization struggle with determining appropriate retention and disposition for structured data?
- Does your organization keep a separate retention schedule for structured data?
- For those organizations with their management of structured data, how do you determine the appropriate retention periods for that data?
- Should the appropriate retention period for structured data correlate to the retention period of the output records?
- How do you approach retention periods for applications that have various data fields? For example, one data section has employment information, another data section has company financial record information, etc.
- COVID records retention
- Is your organization currently generating/collecting/retaining employee health-screening COVID related records?
- For organizations collecting various employee health information, how is this information being categorized?
- Has your organization determined an appropriate retention period for these records?
- If yes, what has been determined the appropriate retention period?
- Do you consider employee health-screening COVID related records to contain PHI (Protected Health Information)?
June 17, 2020
Theme: RIM Policies and Records Retention Schedules
Topics:
- We are a local government agency preparing to update our records management policy and retention schedule. I am hoping to gather information to aid in the development of a records program that meets today’s environment. I would like to know about:
- Best practices/standards for records management policy
- Best practices/standards for retention schedule
- What is considered permanent record (agenda, minutes, financial statements, etc.)
- Paper versus electronic records
May 14, 2020
Theme: RIM Fundamentals and RIM/IG + COVID-19
Topics:
- How many call participants still grapple with RIM fundamentals, including but not limited to the following:
- Obtaining senior-level support
- Records retention schedules
- Physical records issues – such as onsite/offsite records storage with one vendor
- Creating RIM awareness within their organization
- Employee training
- Has your organization advanced fundamental areas to more advanced RIM areas such as IG, privacy, and electronic records and information management?
- Companies are starting to assess returning employees back to the office.
- Is your company doing this in a staged approach?
- Has your company implemented an employee health-certification to return to work?
- Have you had to deal with scheduling COVID self-certification forms from a retention perspective yet?
- Is your company determining whether “work-from-home” may be a permanent option for some functions?
April 16, 2020
Theme: Information Governance and COVID-19
Topics:
- Privacy regulations may be relaxed during a pandemic. Any suggestions on how to ensure data sharing during a pandemic will not come under scrutiny once we are no longer under a pandemic?
- Many organizations are looking for ways to improve education and keep people sharp while working from home, do you have suggestions for IG professionals?
- How are organizations with geographically dispersed field offices (plus HQ offices) managing records management activities internally along with their offsite storage vendor(s)? Have organizations put less of a priority on RIM at this point?
- With remote workers, what additional cybersecurity measures are organizations putting into place, if any?
- Are most RIM-related employees continuing to work from home? If not, what is the rationale for them working from the office? If they are working from home, have they received a timeline for reporting back to the office?
- If RIM-related employees are working from home, are they able to collaborate and work on in-progress RIM projects and initiatives or initiate new initiatives?
