 |
 |
 |
 |
 |
|
Managing Your Digital Assets |
|||
|
Increasing corporate legislation such as HIPAA, Sarbanes-Oxley and Gramm-Leach-Bliley have caused unprecedented pressure on CEOs, CFOs and CIOs to improve the management of their "digital assets". Today's executive will need to move carefully in the future to protect their company from inadvertently breaking the law (or employees deliberately doing so). There is suddenly a strong realization that a clear strategy be in place to ensure that critical documents are easily accessed, secure, impossible to alter (after the fact), and in some cases, unshredable. The goal is to develop an effective document management strategy that incorporates three major benefits; risk avoidance, cost savings and process improvements. The following factors should be considered when developing and maintaining policies for protecting and managing corporate digital assets. Make document management a business initiative, supported by corporate leadership. The Andersen Accounting scandal reminds us of the vulnerability of traditional paper documents and the importance of having "top down" involvement in developing a compliant document management strategy. Ten years ago companies tended not to keep paper because of physical space and cost, but as more documents are migrated into digital form, it has become much easier to store scanned images, e-mails, PDFs, drawings, Word & Excel documents, etc... into a single repository with no storage restrictions, for any length of time. Case law shows preservation of all documents can come back and haunt a company. A well-developed document management system not only protects a company from possible fraud and liability, but also enhances employee productivity and job satisfaction. Ensure that stored documents are secure and cannot be altered. Sarbanes-Oxley specifically prohibits the altering or falsifying of a document. HIPAA safeguards medical information. Gramm-Leach-Bliley safeguards the confidentiality of customer records. Storing company and client documents in a secured environment is of utmost importance. Most document management systems allow varying degrees of access to employees and management, depending upon the type and nature of each document. Create a document retention & destruction policy. Determine the legal "life" of a document, as well as its practical usefulness, then create an on-going process that manually or automatically reviews, retains or destroys a document based upon its specified retention period. Regularly review back-up and archival procedures, and maintain a destroyed document "log book". Most document management systems have "digital preservation" methods that will satisfy these new retention and destruction policies. They also minimize copy issues, i.e. which version is the correct document, storage management, and how to destroy all copies at the proper time. Document all ways in which data can be transferred to or from your company. Client confidentiality is as crucial as corporate security when it comes to the sharing of sensitive data over the Internet. It is yet another strong incentive to create a single repository where every document is accessed using uniform security parameters. Be aware of "electronic footprints". "Delete" doesn't always mean, "delete". Most executives are unaware that past version edits on a contract produced by their staff can easily be viewed by the other side. This can cause un- necessary embarrassment or worse. Ask your IT people about metadata scrubbers and how they can protect you. Integrate the document management process with existing corporate applications. Most automated document management systems can seamlessly integrate with corporate accounting and database applications (SAP, JD Edwards, MS Exchange, etc.). This allows for "one click" access to all data, from manufacturing, to accounting, to sales and marketing--all within a safe, secured environment. Most companies are very effective at managing their physical assets. They have effective inventory management and costing systems. Why aren't digital assets measured and managed in the same way? Why don't they find their way onto the balance sheet? Managing your "digital assets" is no longer a luxury. Most organizations have come to realize that instant access to their core knowledge is essential to surviving and prospering in today's business climate. More importantly, recent regulations have put businesses under intense scrutiny. Ask your IT management to review your document management strategy--because no one wants to wear an orange jump suit.
|
||
