Presentation is loading. Please wait.

Presentation is loading. Please wait.

This time it’s personal: consumerising records management

Published byChaya Fredricks Modified over 9 years ago

Similar presentations

Presentation on theme: "This time it’s personal: consumerising records management"— Presentation transcript:

1 This time it’s personal: consumerising records management
Sample 6 This time it’s personal: consumerising records management Michael Gallagher Glasgow City Archives IRMS Scotland Group 11 June 2013

2 Consumerising recordkeeping
Sample 6 Consumerising recordkeeping What is it? Why is it relevant to us? What can we do about it? How much of a change is it?

3 Sample 6 Planet of the apps? More iPhones sold each day than babies born worldwide Mobile devices outnumbered humans in 2012 Range of devices: Laptops, desktops, smartphones, tablets, notebooks.....notepads?

4 “Working 9 to 5” or “Eight Days a Week”?
Sample 6 “Working 9 to 5” or “Eight Days a Week”? Almost 50% while on holiday Almost 40% while commuting Almost 20% while driving 5% in a place of worship Source: Consumerization of IT Study: Closing the “Consumerization Gap”, IDC/Unisys, July 2011

5 “Bring Your Own Device”
Sample 6 “Bring Your Own Device” 75% of organisations currently support it – further 13% planning to by end of 2013 Good Technology survey, January 2013 47% of all UK adults use a personal smartphone, laptop or tablet for work YouGov survey, March 2013 80% will be doing it by 2016 Gartner, June 2012 48% of organisations would never allow it Cisco/Redshift Research, January 2012

6 Benefits Users like it Cost savings?
Sample 6 Benefits Users like it Cost savings? Increased productivity and flexibility Better technology

7 Challenges Loss of control of recordkeeping Compliance/legal
Sample 6 Challenges Loss of control of recordkeeping Compliance/legal Security risks Continuity and preserving the record

8 Loss of control Decentralisation of recordkeeping
Everyone is a records manager? What if the device gets lost, or the employee leaves? Distinction between device and data on it

9 Whose data is it anyway? Data Controller: “a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed.” “It is important to remember that the data controller must remain in control of the personal data for which he is responsible, regardless of the device used to carry out the processing.” (ICO guidance, March 2013)

10 Compliance and legal issues
Sample 6 Compliance and legal issues Data protection and freedom of information obligations What legal right does an organisation have to look through my stuff? Balance between keeping company data secure and personal data private

11 Security risks Risks associated with mobile working in general
Sample 6 Security risks Risks associated with mobile working in general 34 (of 120) undertakings and 5 (of 32) civil monetary penalties related to loss of data using mobile devices FOI request to ICO (Jan 2011 – Jan 2013) Data less secure? Basic security measures, password, encryption, anti-virus High profile issue: threat of fines, reputational damage

12 Preserving the record 5% of corporate data stored ONLY on smartphones
Osterman Research, May 2011 Individuals making their own decisions on records management Value of records and the archive not immediate concerns Personal archives

13 Challenges Loss of control of recordkeeping Compliance/legal
Sample 6 Challenges Loss of control of recordkeeping Compliance/legal Security risks Continuity and preserving the record “Consumerisation cannot be stopped. It can only be dealt with.” BT white paper, The Future of the Office

14 Sample 6 Records manager IT Users HR Legal Finance

15 What are the options? Do nothing... Ban it Provide (and manage) it
Sample 6 What are the options? Do nothing... Ban it Provide (and manage) it

16 Managing BYOD Establish organisation’s level of influence
Sample 6 Managing BYOD Establish organisation’s level of influence Audit types of device/data Set the rules and create employee agreement Engage with users

17 High control * MoD High Low user focus user focus * University
Sample 6 High control * MoD Low user focus High user focus * University . * Charity Low control

18 Agreement with employees
Sample 6 Agreement with employees Assess existing policies and create a framework Alignment with IT, HR, Legal, Finance Who pays? What level of support is there?

19 Set out rights and responsibilities
Sample 6 Set out rights and responsibilities Organisation Employee Right of access to certain data Circumstances under which it can access it Level of support Powers and sanctions Follow all relevant policies and procedures Security measures Only access certain information Responsibilities at end of device’s life

20 Focus on data, not device
Sample 6 Focus on data, not device Separate corporate and personal data Classify data or users Make policies and procedures device-independent Work with IT on security and compliance Get data off device and keep safe while on it

21 Engage with users Individual responsibilities highlighted
Sample 6 Engage with users Individual responsibilities highlighted Not unique to the use of personal devices – reposition our efforts “...worrying lack of guidance from employers on use of personal devices.” (ICO, March 2013) How good RM can help users Manage privacy expectations

22 Conclusions We can’t stop consumerisation, but we can manage it
Sample 6 Conclusions We can’t stop consumerisation, but we can manage it Many challenges not unique to this environment Cooperation vital: with users, as well as IT, HR, management... Information sexy....information professionals too?

Download ppt "This time it’s personal: consumerising records management"

Similar presentations

1 K P M G L L P A D V I S O R Y Changes in the IT Audit Profession Stephen G. Hasty, Jr. National Partner in Charge IT Advisory Savannah, GA January 4,

1 K P M G L L P A D V I S O R Y Changes in the IT Audit Profession Stephen G. Hasty, Jr. National Partner in Charge IT Advisory Savannah, GA January 4,
Preventing Infringement of Intellectual Property (IP) Rights in the Workplace Awareness raising to how to prevent infringement within [business name] September.

Preventing Infringement of Intellectual Property (IP) Rights in the Workplace Awareness raising to how to prevent infringement within [business name] September.
Legal & Regulatory Compliance. Overview What types of information should be included? What issues or problems might there be? What benefits could be obtained?

Legal & Regulatory Compliance. Overview What types of information should be included? What issues or problems might there be? What benefits could be obtained?
1 Fortinet Confidential 1 T I T R E Fortinet 2013 Global Survey.

1 Fortinet Confidential 1 T I T R E Fortinet 2013 Global Survey.
THE DEPARTMENT OF HEALTH AND HUMAN SERVICES (HHS) OFFICE FOR CIVIL RIGHTS (OCR) ENFORCES THE HIPAA PRIVACY, SECURITY, AND BREACH NOTIFICATION RULES HIPAA.

THE DEPARTMENT OF HEALTH AND HUMAN SERVICES (HHS) OFFICE FOR CIVIL RIGHTS (OCR) ENFORCES THE HIPAA PRIVACY, SECURITY, AND BREACH NOTIFICATION RULES HIPAA.
Www.sophos.com/loveyourphone Mobile device security Practical advice on how to keep your mobile device and the data on it safe.

Mobile device security Practical advice on how to keep your mobile device and the data on it safe.
BRING YOUR OWN DEVICE Presenter: Rachelle R. Green Duffy & Sweeney, Ltd.

BRING YOUR OWN DEVICE Presenter: Rachelle R. Green Duffy & Sweeney, Ltd.
Bring Your Own Device (BYOD) Security By Josh Bennett & Travis Miller.

Bring Your Own Device (BYOD) Security By Josh Bennett & Travis Miller.
INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.
MOBILE DEVICES & THEIR IMPACT IN THE ENTERPRISE Michael Balik Assistant Director of Technology Perkiomen Valley School District.

MOBILE DEVICES & THEIR IMPACT IN THE ENTERPRISE Michael Balik Assistant Director of Technology Perkiomen Valley School District.
Copyright © AIIM | All rights reserved. #AIIM The Global Community of Information Professionals aiim.org Information Management and Social Media Jesse.

Copyright © AIIM | All rights reserved. #AIIM The Global Community of Information Professionals aiim.org Information Management and Social Media Jesse.
Copyright © 2012, Big I Advantage®, Inc., and Swiss Re Corporate Solutions. All rights reserved. (Ed. 08/12 -1) E&O RISK MANAGEMENT: MEETING THE CHALLENGE.

Copyright © 2012, Big I Advantage®, Inc., and Swiss Re Corporate Solutions. All rights reserved. (Ed. 08/12 -1) E&O RISK MANAGEMENT: MEETING THE CHALLENGE.
Jisc Legal. John X Kelly - Mobile Devices - BYOD.

Jisc Legal. John X Kelly - Mobile Devices - BYOD.
International Telecommunication Union HIPSSA Project Support for Harmonization of the ICT Policies in Sub-Sahara Africa, TRAINING /DATA PROTECTION LAW.

International Telecommunication Union HIPSSA Project Support for Harmonization of the ICT Policies in Sub-Sahara Africa, TRAINING /DATA PROTECTION LAW.
International Employment – latest Digital Employment issues Melanie Lane and Karine Audouze.

International Employment – latest Digital Employment issues Melanie Lane and Karine Audouze.
Information & Compliance UL University of Limerick & UL employees obliged to comply with certain legislation, including: Freedom of Information.

Information & Compliance UL University of Limerick & UL employees obliged to comply with certain legislation, including: Freedom of Information.
Critical Data Management Indiana University HR Summit April 24, 2014.

Critical Data Management Indiana University HR Summit April 24, 2014.
Developing a Records & Information Retention & Disposition Program:

Developing a Records & Information Retention & Disposition Program:
2. 11 Rights of employers and employees. 2.11 Rights of employer and employees Rights and responsibilities  Both employees and employers have legal rights.

2. 11 Rights of employers and employees Rights of employer and employees Rights and responsibilities  Both employees and employers have legal rights.
Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.

Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.

Similar presentations

Ads by Google