Records management and defensible destruction
Upcoming SlideShare
Loading in...5
×
 

Records management and defensible destruction

on

  • 797 views

Is your organization guilty of hoarding data? Records management and the case for defensible destruction ...

Is your organization guilty of hoarding data? Records management and the case for defensible destruction
When does data retention become data hoarding? Tune in to this brief audio/visual presentation to learn how you can mitigate risk by doing retention right.

Statistics

Views

Total Views
797
Views on SlideShare
793
Embed Views
4

Actions

Likes
1
Downloads
13
Comments
0

1 Embed 4

http://www.slideee.com 4

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Records management and defensible destruction Presentation Transcript

  • 1. Is your organization guilty of hoarding data? Records management and the case for defensible destruction
  • 2. 2 Copyright © 2014 Deloitte Development LLC. All rights reserved. A record is any information created or received that should be retained as evidence by an organization or person in pursuance of compliance, legal obligations, or in the transaction of business* *ISO-15489 Setting the stage The bottom line: If it needs to be kept, it’s a record, and it needs to be protected.
  • 3. 3 Copyright © 2014 Deloitte Development LLC. All rights reserved. The data lifecycle Structured Identify and classify Use Disposition Store Unstructured Semi-structured Destruction Archive Thedatalifecycle Five steps: 1. Identify and classify 2. Store 3. Use 4. Disposition 5. Archive OR 5. Destruction
  • 4. 4 Copyright © 2014 Deloitte Development LLC. All rights reserved. Big data It is estimated that over 1/3 of corporate data is expired, redundant, or worthless. The big data footprint is growing rapidly*: • 90% of all data were created in the last two years • Data available will soon increase to 40,000 Exabytes • Information technology budgets are expected to expand 40% by the year 2020 *http://www.thereformedbroker.com/2013/08/16/crazy-big-data-stats/
  • 5. 5 Copyright © 2014 Deloitte Development LLC. All rights reserved. Not long enough Breach of law Inability to perform in a lawsuit Regulatory fines Poor customer service Jail time Retention is easy; the right retention is hard Retention laws and regulations dictate how long to keep records. Privacy laws push us to delete them when they are no longer required. High risk Low risk High risk Too long Breach of privacy law Increased breach risk Increased storage costs Increased eDiscovery costs Punitive damages
  • 6. 6 Copyright © 2014 Deloitte Development LLC. All rights reserved. Three steps to defensible destruction “…records containing „identifying information‟ must be destroyed within six months of the expiration of the records retention period.” Code of Virginia (COV 42.1 -86.1) 1. Records are destroyed in accordance with their data classification 2. The process to destroy is repeatable 3. Records are destroyed regularly and NOT on an ad hoc basis
  • 7. 7 Copyright © 2014 Deloitte Development LLC. All rights reserved. In the recent “2013 Cost of Data Breach” study, an independent research institute found the average U.S. breach cost to be $5.5 million with an average cost per compromised record at more than $194.* Return on investment If just 20% of those records were defensibly destroyed, the savings could be $360,000 per case. If just 20% of those records were defensibly destroyed, the average company could save $1.1 million per breach. In 2012, a nonprofit global think tank analyzed the eDiscovery costs associated with 57 cases from eight large organizations. The average total cost per case was $1.8 million dollars or $26,605 per gigabyte.** *Ponemon Institute “2013 Cost of Data Breach: Global Study” **http://www.rand.org/pdfrd/RAND_MG1208_eDiscovery_Costs.pdf
  • 8. 8 Copyright © 2014 Deloitte Development LLC. All rights reserved. Glenn Wilson ERS Manager | Technology Risk Deloitte & Touche LLP +1 213 688 6976 glennwilson@deloitte.com LinkedIn: http://www.linkedin.com/in/gmw13 Tune in to this brief audio/visual presentation at: http://event.on24.com/clients/deloitte/portal/index.html?playlist=itia&event =733112 Contact information
  • 9. This publication contains general information only and is based on the experiences and research of Deloitte practitioners. Deloitte is not, by means of this publication, rendering business, financial, investment, or other professional advice or services. This publication is not a substitute for such professional advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified professional advisor. Deloitte shall not be responsible for any loss sustained by any person who relies on this publication. About Deloitte Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee, and its network of member firms, each of which is a legally separate and independent entity. Please see www.deloitte.com/about for a detailed description of the legal structure of Deloitte Touche Tohmatsu Limited and its member firms. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting. Copyright © 2014 Deloitte Development LLC. All rights reserved. Member of Deloitte Touche Tohmatsu Limited