By 2025, the global datasphere is expected to exceed 180 zettabytes. That’s 1 sextillion (1,000,000,000,000,000,000,000) bytes. To put this into perspective, if one zettabyte were equivalent to one second of high-quality audio streaming, then 180 zettabytes would allow you to play music continuously for over 5.7 million years without repeating a single song.
In short, we’re all generating a lot of data — and it’s overwhelming many organizations.
But data volume isn’t the only problem; data is also increasingly diverse. On average, large enterprises use 211 different applications, all of which generate data. Almost all of that data (90%) is unstructured, and according to IDC, 70% is never analyzed. That means organizations are sitting on a pile of data with no idea what’s in it. Is it a gold mine of useful corporate knowledge? Or a landmine of potential liability and other data risks? Perhaps both?
The likelihood and consequences of data chaos have never loomed larger. This chaos threatens to trap legal teams in an endless loop of frantically searching for the data they need for litigation, investigations, compliance efforts, data privacy requests, and security breach responses. On the flip side, the advantages of effective data management are substantial, offering significant benefits across these same domains.
However, legal cannot do it alone. This was a recurring theme in our recent webinar, “Declutter your data: Strategies for efficient data risk & risk reduction,” presented in partnership with EDRM. Here’s what we discussed.
Rather watch than read? Check out the full webinar on-demand now.
The need for cross-functional collaboration
Cross-functional collaboration between the legal, IT, engineering, information governance, and info security departments is the cornerstone of effective data governance. Collaboration ensures that everyone understands the organization’s data landscape and facilitates the development and implementation of strategies to handle emerging challenges.
Collaboration helps legal teams navigate an intricate web of regulations and compliance requirements and refine data retention policies. But it also helps IT understand and translate legal requirements into technical solutions, enabling proactive adjustments and enhancing the organization’s compliance with evolving regulations. And while information security and governance teams play a pivotal role in data mapping and ensuring the security of sensitive information, effective collaboration with legal helps them appreciate the nuances of retention policies and security measures.
How do organizations achieve that kind of collaboration?
Actionable tips for effective collaboration
Improving data management through cross-functional collaboration requires proactive, thoughtful planning. Use these tips to strengthen data management and collaboration in your organization.
Make friends with your IT and engineering teams
Angie Nolet, Senior Corporate Counsel of Litigation at Redfin, observed that there’s often an uneasy relationship between an organization’s legal, IT, and engineering teams. “Sometimes lawyers are scared to engage because we’re not well-versed in technology. But these teams are an incredible resource.”
Building these relationships takes time, but the payoff is worth it. Nolet said, “Sometimes I just put time on the IT or tech people’s calendar to ask about data and how it affects their lives. These relationships are essential to legal. We can’t do our job without them, so it’s important to recognize their value.”
As you build these relationships, pay attention to semantics, cautioned Allison Keane, Manager of Solution Architects at Onna. “Boil concepts down to something simple. Use day-to-day language that makes sense to all groups and avoid acronyms and terms of art. For example, don’t say ‘custodian’; say ‘user.’” Putting everyone on the same footing helps to avoid issues down the line.
Engage your internal partners when building a data map
Collaboration is particularly useful to organizations as they figure out what data sources they have and establish evergreen data maps. Members of the legal, privacy, engineering, information governance, and information security departments as well as various business units will all have meaningful insights into how the organization is generating and using data.
Collin Miller, Managing Director at FTI Consulting, advised teams to categorize data sources according to their purpose, such as productivity, messaging, platform as a service, storage, and the like. He also noted that it’s critical to put rules around the software that employees are using. “If you don’t require employees to ask before adding software, they’ll just start using tools that make their work easier and bring in new data formats unknowingly.” This shadow IT leaves organizations in the dark about potentially critical data sources.
Work with partners to establish and adapt information governance policies
When it comes to retaining data, legal, privacy, IT, and other stakeholders are often at cross-purposes. Legal may want to keep everything, while IT argues that it can’t absorb that cost. On the other hand, IT may want to retain code from a decade ago to inform future projects, but legal objects that it will introduce unnecessary risks. Or legal may be focused on preservation obligations that conflict with the privacy department’s concerns about compliance with global data protection regulations.
The key is harmonizing each team’s needs and views in your records retention policy. “It takes a constant conversation among different drivers of the ultimate policy. You don’t want to make changes all the time, but you have to be ready to make changes when called for,” Genaro Lopez, an Information Governance Lead at Google, observed. He recommended, “Create those forums where you can have collaborative, holistic conversations so that everyone’s views are represented and understood. Then distill those conversations down to actionable discussions for those administering the tools. Otherwise, you’re going to consistently end up trying to retrofit something that wasn’t quite right at the beginning.”
Keane agreed. “If you have all the key stakeholders involved from the beginning, then you know who to have conversations with as you establish policies.”
Lopez added the critical role that privacy plays in communicating the rationale behind information governance strategy and policy. “Privacy instills the need to keep what’s useful information-wise and then remove data once it’s past that phase.” That’s an important counterbalance. “Many of us work in organizations with a hoarder mindset; people want to keep stuff just in case. But privacy can make the case for why we must be more proactive and think differently about this.”
Evaluate how tool updates will affect retention policies
Miller pointed out that working with IT gives legal a heads-up about how software updates can impact retention policies. Nolet added, “If you’re confused about what updates might be coming in your various platforms, schedule a time with IT or the vendor to make sure you understand it so you can add it to your retention policy.”
Need a starting place for your company’s records retention program? Check out our data retention policy template.
Build external partnerships to influence product roadmaps
Great collaboration extends beyond the organization’s walls. Working with external collaborators, such as software vendors, helps organizations avoid surprises. As Keane said, “Many tools are built with efficiency in mind, not legal.” In other words, don’t assume your software is litigation-ready. Instead, raise legal issues with your success manager or contact so you know how the tool will work if — or when — you have to collect data from it.
Lopez added, “The key is not waiting to get started, because it’s only going to get more complicated. Engaging early and often with your product and technical partners can help you look around corners as much as you can.” A solid relationship can also encourage vendors to keep legal and compliance requirements in mind as they design new products and features.
Learn more about building a strong data governance tiger team
As the datasphere expands, legal must relinquish its role as Atlas, holding up the organization’s data obligations alone, or it will be crushed by the weight of information. Collaboration is no longer a choice for organizations; it’s a necessity. By fostering unity among legal, IT, privacy, and other teams, organizations can untangle data chaos, reap the benefits of their information, and insulate against risk.
