1. Take Stock: Know what personal information you have in your files and on your computer. Understand how personal information moves into, through, or out of your business and who has access - or could have access to it.
2. Scale Down: Keep only what you need for business. That old business practice of holding on to every scrap of paper is "so 20th century." These days, if you don't have a legitimate business reason to have sensitive information in your files or on your computer, don't keep it.
3. Lock It: Protect the information you keep. Be cognizant of physical security, electronic security, employee training, and the practices of your contractors and affiliates.
4. Pitch It: Properly dispose of what you no longer need. Make sure papers containing personal information are shredded, burned, or pulverized so they can't be reconstructed by an identity thief.
5. Plan Ahead: Draft a plan to respond to security incidents. Designate a senior member of your team to create an action plan before a breach happens.
Tuesday, October 20, 2009
Sunday, October 11, 2009
What Are The Components of a Corporate RIM (Records Information Management) Program
A comprehensive corporate program for systematic management of recorded information includes the following components:
- Written policy directives that define corporate records, emphasize their value as corporate assets, affirm corporate ownership of recorded information associated with a company's business operations, and articulate the purpose and scope RIM initiatives
- Standard operating procedures for storage, retrieval, dissemination, protection, preservation, and destruction of recorded information associated with all business operations
- Systematically developed retention guidelines that specify how long records are to be kept and fully address a company's legal, fiscal, regulatory, and administrative requirements, as determined through consultation and collaboration with corporate legal, tax and finance departments as well as knowledgeable personnel in other business units
- Procedures for the timely, secure destruction of corporate records when their prescribed retention periods elapse, including provisions for suspending the destruction of records if warranted by litigation
- Design and implementation of manual and computerized methods for convenient retrieval and dissemination of recorded information when needed
- Cost-effective arrangements for storing inactive records that need to be retained for legal, fiscal, regulatory, or administrative reasons
- Policies and procedures for identifying and protecting records deemed essential for continuity of mission-critical business operations
- Training plans and programs for company employees regarding the above
Sunday, October 4, 2009
How Does Record Information Management Save Money?
1. By ensuring compliance with recordkeeping requirements contained in legal statues and government regulations, thereby avoiding costly fines or other penalties, including criminal penalties to which executives may be subject.
2. By minimizing storage requirements (office space, equipment, and supplies) for recorded information.
3. By reducing the time and effort required to reconstruct mission-critical information in the event of a disaster, theft, or loss.
4. By reducing the labor requirements for organization, retrieval, and dissemination of recorded information.
5. By reducing the risks and burdens of pre-trial discovery in civil litigation and government investigations.
2. By minimizing storage requirements (office space, equipment, and supplies) for recorded information.
3. By reducing the time and effort required to reconstruct mission-critical information in the event of a disaster, theft, or loss.
4. By reducing the labor requirements for organization, retrieval, and dissemination of recorded information.
5. By reducing the risks and burdens of pre-trial discovery in civil litigation and government investigations.
Subscribe to:
Posts (Atom)
