Team Leader
(502) 423-2050
Office:
Louisville, KY

Information Governance

About

Information governance is more than just secure data storage. It is the set of principles, guidelines, and processes designed to effectively manage an organization’s information throughout its life cycle — from creation through storage and ultimate disposition.  Information governance uses policies, procedures, and technology tools to evaluate and protect all the information that flows through an organization.   

What is an information governance audit?

An information governance audit is the first step in developing a comprehensive information governance program.  We “check under the hood and in every corner” to determine whether there are problem areas in your policies and procedures, to reduce risk of litigation, and protect your business when litigation occurs. 

Information governance audits are customized to meet your individual needs.  Some examples of the types of items reviewed include:

  • Record Retention Policies
  • Record Retention Schedules
  • Legal Hold Policies
  • Data Privacy and Security  Policies
  • Breach Response Policies
  • Acceptable Use Policies
  • Social Media Policies 
WHAT SETS US APART
  • Audited current information governance policies and procedures and developed new policies, including: Record Retention Policies (schedules and legal holds), Data Privacy and Security Policies (including HIPAA and HITECH compliance), Acceptable Use Policies, and Social Media Policies
  • Assessed and developed procedures for record retention and data breach response
  • Conducted employee training in information governance policies (in person and on-line)  
  • Creation and revision of employee manuals
HOW DOES AN EFFECTIVE INFORMATION GOVERNANCE PROGRAM HELP YOUR BUSINESS?
  • Understand what information there is and determine how to protect it and access it
  • Streamline, organize, and protect an organization’s critical information assets
  • Determine what information must be kept and how long to keep it
  • Protect against cyber and human risk factors
  • Assure regulatory compliance and effective responses to regulatory inquiries
  • Manage legal risk and technology costs
  • Help avoid costly discovery sanctions from poor handling of company information