Episode Transcript
[00:00:00] Speaker A: If you've ever wondered what's actually hiding in your shared drives, Trailblazer Insight scans your files locally for PI, hipaa, PCI and other compliance risks. No cloud, no IT ticket, just answers. Search Trailblazer Insight in the Microsoft Store.
[00:00:20] Speaker B: Hello, thank you for joining us. Every organization hides a story and its data contracts. Nobody reads policies, nobody follows files nobody can find.
This is what Counts, the podcast that digs into the governance problems people inherit, ignore and discover too late. I'm Lee and in each episode, my co host Maura Dunn and I bring to you the hard earned lessons from the room where the real work happens.
So, Maura, in our last episode we walked through how to keep counterparty data from proliferating again.
The unique persistent id, the central system, process mapping the choke points. And I think all the listeners probably heard that and thought, great, all that makes sense.
What is information governance and why would that be next?
[00:01:12] Speaker A: Well, the segue is a question.
Why would we go from cleaning up counterparty data to what is information governance?
We could have gone the other direction, but just like with our clients, we go where the projects lead us.
And we were focused on, we are focused on making your contracts work for you and making contract data more accessible. And one of the critical things you have to do to make your contracts more useful and usable is understand your counterparties. So that's why we dove into that last week and a couple of weeks in a row, actually, because it's complicated.
But now we're going to take a step back or a step up and we're going to talk about information governance.
And I was thinking about this topic, getting ready for today's recording and thinking, over the years, the words we use have changed around this subject that we've devoted our professional lives to, both of us, but the ideas haven't changed.
So. So up until now, kind of, we'll go with the trend, we'll move forward. We did have a left turn there for a little while where we tried to coin our own phrase. Remember information design?
[00:02:33] Speaker B: Yeah, that was trailblazers.
[00:02:35] Speaker A: Yes, that was trailblazer. We were trying to make it information design.
I just got a text from some patent or copyright, you know, one of those collectors saying, did you know that your information design application was invalid? We did know that because those are just words and we weren't able to copyright them.
And the concept behind them wasn't unique. It was just us trying to find a new way to talk about this thing that everybody talks about.
So that was clear as mud. As you would like to say as you are, what to say. Is it actually, here's where I want
[00:03:13] Speaker B: to sing, or is it. Is it these things?
[00:03:17] Speaker A: These things.
So I want to start by talking about some terms. So we have management and governance, and those are not the same, even though they are often used interchangeably. And I think the distinction I want to make is that governance is more strategic.
It incorporates the goals of what you're trying to accomplish.
So not just the rules, the systems, the processes, but also why management is execution. It's making it happen, following the rules, auditing the processes, being able to demonstrate that you followed the processes.
So we have those two terms to start with kind of at the base of our vocabulary problem.
Records management is the term that we grew up using.
I learned it in library school. We worked on that for a long time, you and the law firm. Me, as a consultant to the federal government.
[00:04:20] Speaker B: I worked in the records center, joined up.
[00:04:23] Speaker A: You worked in the records center. I managed a lot of records centers.
And you. And we still talk about records retention schedules.
So the broadest definition of records management is the creation, protection, management, use and disposition of all records that are important to running an organization, whether that's a company, a government or a nonprofit.
All records. So then you have to go to the definition of a record.
And the definition of a record that's probably pretty well accepted is that a record is any collection of information that is recorded or capable of being recorded that you have to be able to write it down or record it in some other fashion. It's a picture, it's video, it's an audio recording. It was hammered into stone by the Sumerians. It was written on a scroll.
[00:05:21] Speaker B: They had to do that, didn't you?
[00:05:24] Speaker A: I just had to do it.
But the record documents something. It provides evidence of something, and it's a very specific something. It provides evidence of the policies and processes and decisions, actions and transactions taken by that organization.
And it is evidence that can be used to demonstrate that this is what happened, this is how it happened, when it happened, why it happened. This. We are. We've carried out the obligations of the contract.
We have completed the actions of a corrective action. We have.
We are in compliance with the appropriate or applicable rules and regulations. So it's very concrete, the world of records management.
And when the ability to create information was also fairly limited.
I mean, hammering cuneiform into tablets is pretty hard to do.
And even creating paper and writing on paper was hard to do for a long time.
Scrolls are hard. Handwriting was hard. Not a lot of people could do it. Ink was hard to create.
Then it got easier. We had the ability to make carbon copies or Xerox copies or print things, things from an electronic information source.
Then we ran into this problem of we were trying to make everything recyclable, and all the ink and all the paper were so able to be recycled that they actually disintegrated early, which meant it was hard to hang on to records for a while.
So we've been through a lot, but it was really very tied. The world of records was very tied at the beginning to the scarcity and the difficulty of creating a record.
The Federal Records act is the first time that the US government allowed records to be destroyed because creating them was so hard that if you were going to commit something to paper or some other form of recording, it had to be worth it. It was by definition worth it because the process was expensive.
But in our age, creating information is the cheapest thing you can do. It takes 10 seconds and you've typed something and sent it out to it.
[00:07:52] Speaker B: Everybody does it.
[00:07:52] Speaker A: Yes, everybody does it. And consequently, the value of any particular piece of information is hard to discern, to say the least. And most of it is not valuable at all.
So does that mean records management is out the window? We're done?
No, the principles are still there. That principle of is it worth recording? Does it provide evidence of policy, process, decision, transaction or action?
Those principles still apply, but you have to. You can't just focus on the small percentage of information that meets those principles because it's lost in the mix. So. So that's where people started talking about information governance, data governance, or first it was information management and then it went to data governance, and now we're at information governance. And I think that, at least the way I'm looking at it is that's broader and it's going to help. The goal of it is to help us understand how do we fight through the noise.
What. How do we manage all of the information that is being created? And I don't mean manage in the same execution style of apply all the rules, but how do we deal with it, is what I'm saying.
How do we deal with it so that we can focus on the small percentage that has the value that's needed to run your company or run your organization or that's needed to make good decisions?
That small percentage that demonstrates compliance with the applicable rules and regs, how do you find it in that mix?
And the philosophy almost of information governance is how I think we go about Finding that that philosophy is built on those principles of records management, but the execution is completely different now. What do you think about all that?
[00:09:54] Speaker B: No, that's heavy.
Seriously. I mean, I was listening and getting a history lesson at the same time as just, you know, soaking in everything that you were saying. And, and you're right.
There's so much information that comes at you. How many times do you look at your email and you just click it, open, click and delete? Because it's just noise, right? How do you know when you actually get a record in your email? That. Oh, that one I need to keep. That one I need to file. That one I need to be able to find later because it proves, as was a transaction done, that my business did. I mean, it's, it happens every day, but it's not.
You got to think about it. You have to have some, some process behind it.
[00:10:40] Speaker A: You have to have some tools to sort through the noise because so not for the business, but personally speaking, if I make donations and I make a series of donations that are monthly, they all come into one of my personal accounts along with 11,000 ads.
And so I noticed at the end of the year when I was trying to collect all the receipts and I thought that I was collecting them monthly, as they would come in, I would grab them, I would save them.
But I was missing three or four months of different receipts, not all in a row, not four months, just of one group, but four total across all of the different runs of monthly donations. I couldn't find them anywhere because at some point last year I had to start deleting things out of my personal email because it was overrun with ads.
So the concepts around information governance are how can we automate moving that, that noise out, out of the way? So if you're in business and you have used to be, you would have somebody run a report every week, say an operations report, or an outstanding AP report or an outstanding AR report or some sort of construction status report. And somebody had to go collect the data. They had to create the report. And they would first, beginning in the old times, hand you a piece of paper, hand the executives all a piece of paper. Later it would be an email to every executive.
But now some of those things are kind of set and forget. And they're still sending all those emails. And I've seen over the years, and you probably have too, a lot of executives who just have a rule in their email that all those things get sent to a mailbox and nobody ever looks at them.
That's not where they go for their information, but it's just piling up over here.
And let's say you're in the energy industry and your construction report actually contains critical infrastructure information and you've created a store of data that nobody's looking at. It's just piling up, waiting to be breached. So not only is it taking up space, it's a potential risk sitting out over there. So how can we.
So we come in and we think about how can we make this information work better? And this is what everybody in the information space is trying to do right now. How can we make information in a business work better for you? Well, principle number one to me is stop making copies.
Don't send things via email.
Make people go to a source.
But you have to make it easy because people don't want to go to the source. They don't want to look for things. They don't want it. They like it coming to their inbox. They've gotten used to that. I understand, I understand that.
But it's a risk. And so you got to make it easy enough and you have to make them aware enough of the risks and balance the two. Look, this is a risk. If we just keep sending you things and you don't look at them and they pile up.
This is.
But we've made it easy. All you have to do is we're going to send you a link every week instead of sending you an attachment, you click the link, you can read it on your phone. It's right here. You can read it on your phone, and then you get updated information, up to the minute information. Because when we send the email out, when we have to do a formatted report, we do it on Friday. You don't get it till Sunday night or Monday morning. Who knows what happened over the weekend. We send you the link, you go straight to the dashboard. It's pretty, it's graphic, it's. You can drill down and find the details, and it's always up to the minute updated. So you balance out making the information more valuable, making it easy enough to get to, and reducing risk to your organization.
And that's true throughout. So contract management, that's our topic. I mean, for a while now, because there's so much in there, there's so much that's important about managing contracts.
It's the way you create value in your company.
Contracts govern the revenue that you bring in and they govern the way you spend money going out.
Even if the contract is as simple as a purchase order and a sales invoice. It's still a contract. It's just got a short life and it's easy to fulfill. You hope so. The applying the principles of information governance, there you look at, okay, standardize the terms and conditions, standardize the exceptions, automate the workflow so that if it's a standard terms and conditions and it fits within the approved parameters, it can just flow through and be approved. It doesn't need extra scrutiny.
That means you have to understand what are your terms and conditions, what are your standard parameters, what is okay to go through without excessive or additional approvals and reviews.
And you focus on the real value.
This is an unusual contract. There's high risk here, there's high value here, there's some unusual clauses. We need to be able to free that from the noise of the standard ones and focus our senior legal folks on that, focus our senior business folks on that. So they are spending their time where the company stands to benefit the most.
And so the principles of information governance help you do that by identifying what's valuable in your company from a business perspective and how is that reflected in your information by looking at your terms and conditions, looking at the variations and are they meaningful or not? Can you standardize on a set of terms and conditions and not vary for stylistic sake or something?
Or you vary but only to an approved degree.
It's discipline, it's analysis, it all happens up front. But then the tools we have today can carry that out very efficiently.
So to me that's the evolution we've taken from Work is Done, documents are created and then we apply retention to them, which is really the life cycle From a records management perspective, when it started to okay, we need information to do our business.
How does the information that we are creating and receiving reflect the goals of our business and how can we make that better? That's what I think information governance is here to do.
[00:17:33] Speaker B: Okay, I was going to ask you for a wrap up summary, but that was good. You did it.
[00:17:39] Speaker A: Thank you.
Well, I feel like I just stated a whole new goal for information governance in the world. So stay tuned and you'll learn more about my thoughts on where information governance is going from here.
[00:17:53] Speaker B: If you have any questions, please send us an email at inforailblazer.us.com or look us up on the web at www.trailblazer.us.com or check out the Learning Academy at trailblazer learningacademy.com thank you for listening. Please tune in to our next episode if you like this episode. Please be a champion and share it with people in your social media network or like or subscribe to the podcast. As always, we appreciate you the listeners. Special thanks goes to Jason Blake created our music.
[00:18:25] Speaker A: Thanks everyone.
