Information Governance

As the volume of information grows exponentially year-on-year, and the manner and availability of the information morphs on a near-monthly basis, the risks associated with substandard or nonexistent strategic Information Governance—the coordinated management of the information lifecycle within and without the client firewall—grow as well.

Mature concerns associated with data security, Personally Identifiable Information (PII), Protected Health Information (PHI), Intellectual Property, and E-Discovery obligations have now joined forces with the risks associated with, among others, cloud storage, social media sharing, the viral adoption of “Shadow” IT by client officers and employees, and legacy stockpiles of information with unknown provenance. The repercussions have magnified as well, with recordkeeping compliance penalties, E-Discovery sanctions, and costs associated with data privacy and security breaches sounding more frequently. Client representatives tasked with compliance duties in the Information Governance space, as well as with strategic planning related to IT asset implementation and future information, need expert advice based on industry benchmarking but tailored to specific client needs and direction. BakerHostetler is here to help.

Information and its use is the ultimate mixed blessing for client organizations. Future success depends on intelligent use of information, but the governance of that information is undergoing a dramatic and unprecedented change. BakerHostetler’s experienced Information Governance professionals work carefully to understand clients’ Information Governance profiles, and tailor solutions specific to clients’ specific needs, risk tolerances, and regulatory and industry footing. The core of the practice focuses on assisting clients in navigating changing Information Governance paradigms, reducing risk and cost, and positioning clients for future success.

Strategic Advice

BakerHostetler provides clients with organizational-level advice, providing enterprise-wide consistency, compliance with regulatory and legal requirements, and prospective guidance that evergreens for year-on-year success even with often drastic technological and client compositional change. Advice must begin with understanding, and BakerHostetler’s combined interview and investigative approach first shows clients where they stand on Day One before providing strategic alternatives to address current and future risks and concerns.

More »
Information Management—Technology & Solutions

BakerHostetler professionals assist clients with the selection and retention of technologies and services that fit client needs and risk tolerances. Information Governance professionals work hand-in-hand with clients and BakerHostetler’s Information Technology and Transactions team to develop requests for proposals (RFPs); select appropriate vendors and technological solutions; and execute appropriate contractual and procedural safeguards for the use of those solutions.

Information Use—Policies and Schedules

BakerHostetler advises clients on enterprise-wide Information Governance Policies and Schedules, and assist with the creation and modification of those Policies as well as the maintenance and overhauling of related Schedules. Proper policies and schedules provide client officers and employees with appropriate instructions for handling personal and client information, a standard to measure against audit and improvement initiatives, and a foundation upon which a client can add new internal technologies and processes.

Prospective Corporate Activity

BakerHostetler provides a component of client due diligence in the context of mergers, acquisitions, asset purchase, and divestitures to extract information of value; to assist the client in complying with existing and incipient legal hold requirements; and to cost-effectively harmonize information to existing or contemplated Information Governance Policies and Schedules.

Corporate Audit

BakerHostetler assesses and audits client Information Governance practices to ascertain gaps associated with proper information management, security, and client contractual obligations. Where appropriate, BakerHostetler may undertake efforts to address challenges directly, or assist the client with overseeing more involved compliance projects.

Legacy Remediation

BakerHostetler analyzes client information use and legacy remediation projects in the context of clients’ Information Governance Policies and Schedules, existing legal hold requirements, internal informational data analytic initiatives, and risk tolerances. Based on that analysis and client direction, we supervise the appropriate disposal of unneeded information, as well as the proper categorization of any retained information and the intelligent use of that information through new technologies and processes.

Expert, Officer and Employee Training

BakerHostetler assists clients with the identification and preparation of 30(b)(6), state analogue, and other expert and client-representative witnesses in the context of client Information Governance practices. Likewise, we train client officers and employees on the proper operation of Information Governance Policies and Schedules and their intersection with data privacy, data security, and E-Discovery issues.

Special Projects

Multinational clients demand additional expertise and varied experience. BakerHostetler’s multidisciplinary professional teams assist clients in addressing cross-discipline Information Governance projects that also involve data privacy, data security, E-Discovery, and information analytics issues.

Key Contacts

Blog

In The Blogs

Previous Next
Data Privacy Monitor
Cyber Risk Mitigation is a Year-Round Job
October 31, 2014
We enjoy the focus on cybersecurity in October as part of National Cybersecurity Awareness Month, but the risks and threats are continuous. Our Privacy and Data Protection team is excited to debut a new graphic that illustrates the...
Read More ->
Data Privacy Monitor
FCC Plans $10 Million Cybersecurity Fine Against Two Telecoms
October 30, 2014
On October 24, 2014, the Federal Communication Commission (“FCC”) took a big step into the cybersecurity regulatory space when it announced its intent to assess a $10 million fine against two telecoms, TerraCom and YourTel America...
Read More ->
Data Privacy Monitor
California Attorney General Releases 2014 Data Breach Report and Recommendations, Finding More of the Same.
October 29, 2014
Editor’s Note: The author thanks Jaysen Borja for his contributions to this post. On October 28, 2014, Attorney General Kamala Harris released the second annual California Data Breach Report.  The report detailed the nature and scope of...
Read More ->
Data Privacy Monitor
How to Respond to SEC Inquiries Concerning Data Breach and Data Security Policies
October 28, 2014
Every company, whether public or private, has exposure to potential data breach or theft of confidential information. When this occurs, various state and federal regulatory organizations have jurisdiction over ensuring that there is...
Read More ->
Data Privacy Monitor
Privacy Policies Going Digital: The CFPB’s Final Rule Ditches Requirement to Distribute Annual Paper Copies
By William W. Hellmuth
October 28, 2014
On October 20, 2014, the Consumer Financial Protection Bureau (“CFPB”) announced that it had finalized a rule that alters the way that financial institutions provide privacy policies to their customers. Under the Gramm-Leach-Bliley Act of...
Read More ->