Most companies have, or are developing, programs for records and information management (RIM), in-house e-discovery and the control of sensitive information such as privacy data and intellectual property. Historically, these programs have been run as separate work streams by the legal, compliance, audit or IT organizations. But within the past year, we have begun to see a trend of companies combining these initiatives into a single work stream. Killing three compliance birds with a single program stone can save time and money.
Running separate RIM, e-discovery and data privacy programs can create conflicts or extra work. For example, the records organization may be creating retention schedules that are completely different than the information security organization’s data classification standards (often discovered late in the process). Furthermore, these work streams cover the same ground. Information collected as part of a records type inventory is often very useful for data privacy, but this information is frequently collected twice.