Modern technology has made it easier than ever to hold onto vast amounts of documents and information, and many organizations are doing this without even first considering whether they should hold on to that information. And beyond the storage costs, there can be far greater increased costs. These include the risks of data breaches, recordkeeping compliance penalties, and those difficult to quantify, but ever-present, soft costs associated with so much information, such as increased time spent searching for particular items and increased eDiscovery costs. This article will explore the need for information governance, the basic idea behind it, and conclude with a brief discussion of legal holds.
One of the simplest explanations for why organizations will hold onto so much information—and why an information governance policy is needed—is to understand the individual decision makers within an organization and their motivations. An individual faced with the question of disposing of something or keeping it must decide between one option with potentially large risks and another option with none. If something is disposed of, it could potentially be needed for business, regulatory or other reasons further down the road. To know whether the information is needed for one of these purposes may require a somewhat lengthy investigation or series of emails. Alternatively, the document can simply be kept—a decision that takes almost no time and likely uses a negligible amount of storage space. But now imagine every single person across an entire organization making the same calculus, day after day, and year after year. Simply put, an organization’s “policy” should not be based on an individual’s fear of being the one who deleted something they shouldn’t have.
