A Message from President Gene Stakhov, CRM, CDIA+
The title of our November ARMA@Nite dinner meeting was "GDPR, CCPA & Recordkeeping: Things Just Got Real”. In the aptly named presentation, Jason C. Stearns discussed the steadily encroaching reality of privacy regulations, and how that reality has finally made its way to the very forefront of the American business model.
I suppose it’s no surprise to many of us who saw the writing on the wall from sensationalized media coverage of massive breaches like Marriott and Equifax (among so many others). Information governance professionals and those “in the know” were among the first to predict that the fallout from sweeping initiatives like GDPR would eventually make landfall here across the pond as well. But how many of us truly anticipated the swift and bold action that states like California - and others to follow suit - have undertaken in the name of privacy?
In many ways our profession offers a looking glass into business viability in an information-centric world. And in many ways, CCPA is an acknowledgment that information has changed the way business is done. It needs to be managed, governed and protected. It’s an acknowledgment that good data management is good business.
A sound governance program is just as important as the often-revered principles of sound finance. And in fact, information value movements like Infonomics seek to codify that idea in a more literal sense. Things are changing.
So my message to you, the member/reader/practitioner/evangelist is simply this … stick with it! Make your voice heard in this burgeoning field that will be a vital component in shaping the business and regulatory climate of tomorrow. There is no better way to do that than to be actively involved in associations like ARMA.
Issue 1 | Volume 51 | Fall 2019
Dedicated to providing RIM and IG Professionals with opportunities to advance their professional development
Inside This Issue
Chapter News Page 2
Chapter Member Achievements
Professional Development Opportunities
Featured Article: Managing Information Assets in a Complex IG World Page 3
Confirm.NYC Conference Page 4
Featured Video: GDPR, CCPA & Recordkeeping: Things Got Real Page 5
Board of Directors and Chapter Page 6
Welcome New Members!
Chapter Immediate Past President Mary Sherwin, CRM, IGP, FAI, CIPP/US was inducted into the ARMA Company of Fellows
Jennifer A. Best, CRM, J.D. (Chapter VP-Marketing and Social Media) for earning her Certified Records Manager designation
Professional Development Opportunities
ARMA Metro NYC Exclusive Webinar: Memorial Sloan-Kettering Cancer Center Case Study Webinar- Preparing Your Platform for Artificial Intelligence
Thursday, December 19th, 12:00 p.m. EST
Presented by Gene Stakhov, CRM, CDIA+, IG Solution Architect at enChoice, and President of the ARMA Metro NYC Chapter and Paul Cortellesi, Medical Records System Administrator, Memorial Sloan-Kettering Cancer Center
ARMA@Noon: Content Classification and Data Mapping
Tuesday, December 10th, 12:00 p.m. EST
Presented by Mary Sherwin, FAI, CRM, IGP, CIPP-US and Jennifer Best, CRM, J.D.
Do you enjoy helping others, a desire to share your RIM knowledge with others, looking for a way to become more involved with the ICRM?
Volunteer to become a Mentor and earn CMP credits. For information contact: email@example.com
The regulatory environment for how businesses manage information continues to grow in complexity and uncertainty. Information and records management professionals are now tasked with understanding the implications of laws and regulations such as GDPR, CCPA, HIPAA, SOX, FCPA and AML, and evolving standards such as the Generally Accepted Recordkeeping Principles, the Information Governance Body of Knowledge (IGBOK) and international standards from ISO and other regulatory bodies.
In addition to defining their own IG policies to comply with standards, many organizations face cybersecurity, data privacy and records retention requirements from clients, business partners and vendors that enact strict guidelines and frequent privacy and cybersecurity audits. In this environment, companies may no longer be able to accept the risks associated with an approach to IG which is tantamount to: “Keep it forever because computer storage is cheap, and so is offsite hard-copy storage.”
Concurrently, the amount of information generated and gathered by corporations is growing at an incredible rate as our world becomes more connected and access to information becomes easier and more pervasive. Organizations gather and send electronic data to and from the cloud, the edge, on-premises, data centers, mobile devices, and the Internet of Things.
Meanwhile, many companies face the challenge and risk of massive amounts of information stored in hard-copy formats that make accessing and using that information difficult. Identifying and managing a company’s information assets is a huge challenge for information governance professionals, and there appears to be no end in sight.
The silver lining for records management and information governance professionals is that this presents a significant opportunity for records management and information governance professionals to apply their knowledge and expertise in new and creative ways to manage and enforce compliance. We see evidence of this today as roles such as the chief data officer and chief privacy officer, and the specialists supporting them, grow in demand.
And while the mountains of information in companies are getting larger and more diverse, the good news is that the core principles of the profession have not changed. The days of document type, forms, and records inventories performed with pen-and-paper while walking around a warehouse may be coming to an end, but modern enterprises can take advantage of an information asset mapping approach by capitalizing and expanding on best practices that have been in use for years.
An information asset mapping process can be an effective way to build or modernize an information governance program while also providing value to back-office functions. Identifying information repositories and classifying the information assets they contain in light of regulatory compliance requirements provides a means to apply information governance principles across the enterprise.
At the same time, stakeholders in IT, Legal, Finance, and client-focused departments benefit from a holistic view of where the information they use originates and where it goes after they use it. Further, an information asset map serves as a basis for measuring and mitigating risks to information assets. Finally, when maintained systematically as part of an overall information governance program, the information asset map is a powerful tool for the modern IG professional to reduce information mountains into manageable molehills.
In Part 2 of this article, we’ll discuss how to design and implement a modern information asset mapping process.
About the Author
Jeff Pierantozzi, CRM, PMP, is an information governance and data analytics consultant at InOutsource, a consulting firm specializing in law firm information management. He has over 20 years of experience working with large consulting firms providing services to Fortune 500 companies in various industries including energy, transportation, media and hospitality, as well as government entities and investment organizations such as private equity firms and hedge funds. A frequent speaker on information governance topics, Jeff also serves as an adjunct professor of software engineering at Rowan University. Jeff has a B.S. in Computer Science from Drexel University.
Making mountains into molehills (Part 1):
Managing information assets in a complex IG world
By Jeff Pierantozzi, InOutsource
ARMA@Nite Exclusive: GDPR, CCPA & Recordkeeping:
Things Just Got Real
A Presentation by Jason C. Stearns, CRM, IGP, CIPP/US
Interested in seeing similar content? Check out the Chapter's website for future ARMA@Nite and ARMA@Noon meetings.
Left to right, Gene Stakhov, CRM, CDIA+ (President); Glenn Fischer, IGP (Exec. Vice President); Mary Sherwin, CRM, IGP, CIPP-US (Immediate Past President), Jennifer Best, CRM (VP- Marketing and Social Media); David Smythe (VP- Professional Development)
Left to right, Rishi Maharaj (VP- Events & Special Projects); Andrew Corridore (VP- Membership); Stephen Cohen (VP- Information Technology); Alex Geroev (VP- Sponsorship); and Derick Arthur (VP- Treasurer). Unpictured:
ARMA Metro NYC Board of Directors
Jennie Catherine Dubin-Rhodin (Secretary)
exchange is a publication of the ARMA Metropolitan New York City Chapter, Inc. (ARMA Metro NYC), P.O. Box 740, Grand Central Station, New York, New York 10163. The publication provides a wide range of content. An annual digital subscription to exchange is included as a benefit of membership. Opinions and suggestions of the authors do not necessarily reflect the opinion or policy of ARMA Metro NYC or ARMA International. Additionally, acceptance of advertising does not constitute official endorsement of the product or service.
For more information about exchange, please contact Editor-in-Chief Jennifer A. Best at firstname.lastname@example.org.
About the ARMA Metro NYC Chapter
ARMA Metro NYC is a local Chapter of ARMA International, a not-for-profit community of professionals in the information management and information governance industry that provides educational resources and networking opportunities.
The Chapter supports its members through educational seminars, events, an annual educational conference, and its publication exchange. Its members are RIM and IG Professionals, as well as individuals who work in related fields, such as technology and law.