Meeting Evolving Business Needs: A Conversation Between RIM Educators and Thought Leaders

ICRM will not only conduct their spring Board and Business meetings at the MER Conference next May in Chicago, but will also facilitate a panel discussion  “Meeting Evolving Business Needs: A Conversation Between RIM Educators and Thought Leaders.” 

The panel of experts include: John Isaza, Esq, FAI, Rafael Moscatel, CRM, IGP, CIPM, and Wendy McLain, MLIS, CRM.  The panel of Academic Partners include: Patricia Franks, Ph.D, CRM, CA, IGP – San Jose State University; Gregory S. Hunter, Ph.D, CA, CRM, FSAA – Long Island University, Palmer School of Library and Information Science, and Tao Jin, Ph.D – Louisiana State University, School of Library and Information Science.

The desired outcome is to expand and nurture an ongoing and productive dialogue between our profession and academic institutions to ensure graduates are well prepared to fill current and future positions in key areas of Records and Information Management (RIM) and Information Governance (IG).  If interested in joining us at the MER Conference – go to their website and register for conference.  https://www.merconference.com/

Great Scott! A True Story Illustrating the Importance of Ethics in Privacy and Records Management

Truth is stranger than fiction…

There’s a memorable scene in Back to the Future 3 where Marty receives a Western Union telegraph from Doc almost a century after it was originally mailed, warning him of events to come. Seems an unlikely possibility that any organization would honor such a request to preserve, protect and deliver documents for so long. However, that’s exactly what happens every day, all over the world, and it happened to me only a few years ago when I found out I was adopted at the age of 33! The experience was so life changing that I made a film about it which is finally available this month on Amazon and Itunes.

The Little Girl with the Big Voice, A Documentary on iTunes

The State of California, to whom I wrote a letter verifying my identification, swiftly wrote me back with a manila envelope containing a treasure trove of documents gathered from multiple state agencies. In the package were details from social workers, hospitals, doctors and even notes from my biological parents! They were all free of charge and kept under seal for over three decades! We take these systems for granted nowadays but can you imagine how effective a system must be to protect my information for this long, over so many administrations and to do it largely without computers? What really makes these processes work is not technology of course, it’s people. But what motivates these people to do such a thing?

Adoption details from the State of California

An honorable discipline based on ethics.

I’ll tell you what my own epiphany was, as somebody who works in the fields of Information Governance and Privacy… and that was that record keeping, and those who perform it, are part of the ethical backbone that so much of our society relies on. This often thankless discipline codifies and exemplifies the altruistic commitment we have, and must continue to have to one other. It’s a commitment to value the records and history that tell us who we are and a pledge to protect those records as a matter of ethics ethics and common values. It’s one of the reasons Archives and Records Management has been a passion of mine for so many years.

What can we, as information managers, learn from all of this?

With Joe Franklin

The new era of Privacy is a boon for Records Management because it underscores the truth that the most important data and records are not just necessary for business continuity, death and taxes but are personal. The return of the discussion of privacy as a fundamental right is not new of course. It’s written into the Constitution in the 4th Amendment. It has been defined historically through almost all cultures and even has biblical roots. Privacy a gift that we’re just beginning to learn how to appreciate again and a silver lining in a world struggling so hard to protect it.

Making The Most Out of A Retention Schedule – A New 7-Minute Master Series from CAPP

A Records Retention Schedule is a TOOL that EMPOWERS organizations to GOVERN and DEFENSIBLY DISPOSE of their information.

Records retention is first and foremost about complying with laws and regulations. However, a retention schedule, when properly developed and utilized, is not simply a tool that tells you how long you must keep (or when to destroy) your records, it is a blueprint that provides powerful insight into the information lifecycle and knowledge management capabilities of your company as a whole.  It saves you money on storage and helps shape the way you curate your information enterprise-wide.

Records retention is first and foremost about complying with laws and regulations. However, a retention schedule, when properly developed and utilized, is not simply a tool that tells you how long you must keep (or when to destroy) your records, it is a blueprint that provides powerful insight into the information lifecycle and knowledge management capabilities of your company as a whole.  It saves you money on storage and helps shape the way you curate your information enterprise-wide.

OUR RETENTION SCHEDULES:

Serve as a primary tool for ensuring records compliance with federal, state, local laws, regulations and business requirements
Identify business continuity records
Document all records categories, records formats, systems of record, retention requirements and data classifications
Can be updated automatically and integrate with IT infrastructure

Reach out to us today to schedule a free consultation at 323-413-7432

California Dreamin’ – A Free Roadmap For your CCPA Journey

What is the CCPA and why should you care?

In response to recent stateside efforts to enshrine data protection including the California Consumer Privacy Act (CCPA), organizations are revisiting the efficacy of their Data and Information Governance (IG) programs. Laws and regulations vary by industry and company size. Yet each intend to protect consumer’s personal data by prescribing technical and governance standards backed by stiff penalties for non-compliance.


What you need to know and do to ensure compliance with California’s new Consumer Privacy Act

New regulations governing use of customer and personal data needn’t be burdensome.  Rather, they help reduce expenses and monetize the information lifecycle, identify opportunities for better governance to avoid fines and litigation exposure and foster trust to enhance customer experiences. Download this FREE detailed CCPA roadmap to see how you can get your company on the path to compliance.


This slideshow requires JavaScript.

Our CCPA and GDPR engagements include:

  • Data and resource mapping
  • Conducting gap and risk assessments
  • Controls evaluation to standards
  • Establishing governance with clearly defined roles and responsibilities
  • Policies and procedures review
  • Domestic and International legal review of privacy and security policies to fit the organization’s risk profile and culture
  • Consumer data request and delivery mechanism (including website notices)
  • Providing education and training
  • Design of role-based access control (RBAC) rights
  • Privacy impact assessment (PIA/DPIA) during product design

Third Party Due Diligence Support

  • Pre-contract due diligence and consulting
  • Cloud services guidance
  • Managed security services (build or buy guidance)
  • Third-party management program/policy

Our consulting and software solutions enable clients to comply with CCPA provisions 1798.110(a)(4), 1798.100, 1798.105, 1798.110, 1798.120, 1798.145, 1798.140, 1798.150


Call us today to see how we can help you with:

  • California Consumer Privacy Act of 2018, Amendments and Rulemaking
  • HIPAA/HITECH Security, Privacy and Breach Notification Rules
  • Generally Accepted Privacy Principles (GAPP)
  • EU’s General Data Protection Regulation (GDPR)
  • ISO/IEC 27001-2:2013
  • CIS Top 20 Critical Security Controls (CA AG requires)
  • SEC OCIE Cybersecurity Initiative
  • NIST Cybersecurity Framework
  • U.S. Sentencing/DOJ/OIG Guidelines for Effective Compliance (program foundation)
  • Applying Risk Management Program Management and Principles