The Mirage of the GDPR Solution

On April 4, we conducted a webinar on GDPR Compliance. (What? You missed it? No worries, it’s here)

One of the key points I made during this session was that GDPR requirements are so comprehensive, no single technology or solution could possibly meet them all. And as such, any vendor who claims to be selling a GDPR Solution was either over-simplifying the path to GDPR compliance, or they were being dishonest in the marketing. There is no such thing as a GDPR Solution; if you look closely at something that claims to be one, it will vanish upon closer inspection.

“Wait! You claim GlassIG is an Information Governance Platform! How is that any different?”

Guilty as charged. GlassIG was the first technology branded as an Information Governance Platform; we’ve been flying the IG Banner for almost a decade. Our view is that IG means:

  • Defining and centralizing your policies
  • Identifying which of your information assets need to be governed according to those
  • Actively enforcing policy on these information assets

 

 

 

 

 

 

 

 

 

 

The thing is, IG is a marketing term. Not every vendor would agree with our definition of it. Once the label began to get some traction in the marketplace, every technology within shouting distance of IG began to claim it: Records Management, Retention Schedule Management, E-Mail Archiving, E-Discovery, File Analysis, even Electronic Archive Systems identified themselves as Information Governance Solutions. They still do today, and on behalf of the Vendor Community at large, I presume to apologize to the market for the confusion we have caused.

GDPR is different. There is a very clear set of standards, codified and ratified last year by the EU Parliament. GDPR spells out:

  • What is personal data?
  • What rights do individuals have regarding their personal data?
  • What responsibilities do data controllers have regarding personal data?

The answers to these questions touch on Business, Privacy, Security, Risk, IT, Legal, and yes, Records Management. In many ways, I likened this to the E-Discovery Reference Model, in that the spectrum of responsibilities spans almost the entirety of a company’s information management practices. What’s a company to do?

Well, Step 1 is to firmly reject any vendor who tells you they have a technology that will get you in compliance. I’d ask you to be polite about it… we are a Swiss company, and would never advocate rudeness. But firmness is certainly acceptable here.

Step 2 is to assess your risk profile and appetite, and begin with GDPR requirements that most specifically map to your business and potential for costly compliance violations. GlassIG can help with some of these, including:

  • Defining of your information assets should be managed according to GDPR requirements
  • Creating a cross-repository inventory of these information assets
  • Retrieving, exporting, or deleting information assets as required by GDPR and other information management regulations
  • Measuring and Auditing such activity for compliance reporting

 

Behind the scenes, we are working with one of our closest partners to build out an end-to-end GDPR Compliance Model. While I claim that no single technology can meet all your GDPR Requirements, that doesn’t rule out the possibility that a blend of cohesive platforms might do so. Watch this space for a white paper and webinar later this summer, where we will describe a full GDPR Compliance Suite.

Dates for your diary: Upcoming GlassIG Webinar Series

The GlassIG Webinar Series is designed to help you learn more about the issues surrounding Information Governance and to show you how GlassIG can help to combat these challenges.
Here is the date for your diary for the next instalment:

GlassIG Webinar Series #2: Active Policy Enforcement on SharePoint & Share Drives
Tuesday, 7th March 2017

You can also check out the first webinar in the series on the Resources page.

Don’t forget to Sign Up for our monthly newsletter, for all the latest GlassIG news.

Don’t miss the GlassIG Webinar Series – January 17th, 2017

Over the past three years working as part of the Professional Services Team at GlassIG, I have had many opportunities to transform our clients manual Retention Schedules (MS Excel or simple text files) into GlassIG centralized solution Policy Manager. The journey of helping our clients move away from the challenges of the manual process, and finding ways to enrich, optimize, and provide the tools to more effectively manage their Records Retention Policies is one of the most rewarding services I can provide to my clients. Transiting Records Retention Policies into GlassIG Policy Manager provides Corporate Record Managers with a wide variety of customizable options that are not available in a manual schedule. I work closely with our clients to find the customized solution to best meet the needs of their organizations.
Information Governance Policies define how an organization should manage its content (and information) to comply with the requirements of laws, regulations, and internal operational needs. These policies cover the rules of behavior and handling of the various types of documents and Records that are used within the numerous processes within the organization. GlassIG Policy Manager creates a digital hub of jurisdiction-specific governance policies covering all aspects of information governance including:

  • Provide a centralized location for the creation & management of your Records Retention Schedule
  • Define your policies once and then apply them to manager your information in-place over different repositories
  • Management of the policy approval process. Apply a customized workflow approval process that can be applied when a new policy is created or an existing one is modified

The new GlassIG freemium offering facilitates the starts of the journey with no constraints, no obligations, and no engagement required. During our webinar, James Amsler will share with you on how you can get started on your Information Governance Journey for free today.

To find out more about our webinar and to register your place, click here.

The First Recruits Graduate from GlassIG Bootcamp 2016

Across three days on the 12th, 13th and 14th of July we held the first GlassIG Summer Bootcamp. Attendees from three continents were able to attend two hourly sessions on each day of Bootcamp with a mix of Information Governance theory reinforced by demonstrations of GlassIG Free Edition.

The sessions included, presentations of the advantages of in place management of information, an outline of the new vocabulary of Information Governance that GlassIG is introducing, the architecture of next generation Information Governance solutions and a wider look at Information Governance features that are available to modern IG solutions. Of particular benefit was the advice on how to go about choosing a suitable Information Governance solution for your organization.

At the heart of GlassIG Bootcamp, however was the practical experience of implementing an Information Governance solution from scratch, in minutes rather than months. Participants were invited to create their own accounts in GlassIG Free Edition and encouraged to try the features for themselves. They were able to get their account up and running, invite additional users, create new information policies or modify the default set, and quickly catalogue their information assets on Google Drive or Box.com.

GlassIG Free Edition was the star of the show, allowing participants to apply Information Governance to their personal cloud drives. GlassIG Free Edition and Business Edition are pure play SaaS solutions with no set up costs, technical administration or onprem footprint required. They represent the future of Information Governance solutions, not rearranging information and attempting to move it to a centralized location, but instead bringing a layer of Information Governance to information, right to the heart of where it is created, stored and exploited by business users and business systems.

Learn more about GlassIG Editions

GlassIG Bootcamp was an amazing success, and really served to highlight the future of Information Governance.

If you missed it or would like to see it again, you can watch each day below.

Day 1

 

Day 2

 

Day 3