Articles

You Need Only Two Letters Today to Keep Up with the “Alphabet Soup” of Compliance

Written by Doug Austin, Editor of eDiscovery Today

Back in November, I wrote on this blog about Big Data being one of the challenges that is forcing technology to move more to the data sooner in the discovery process. One of the most notable fun facts that illustrate just how much bigger Big Data is getting is that our accumulated digital universe of data will grow from 0.1 zettabytes in 2005 (when the EDRM model was created) to around 163 zettabytes, or over 163 trillion gigabytes in 2025.  That’s over 1,630 times as much data – in just twenty years!

But it’s not just the size of the data, it’s what you do with it. Today, there are numerous compliance requirements that organizations face that dictate not only how they handle their organizational data, but also that of their customers and individuals for whom they may store data within their ecosystem. If you have compliance responsibilities within your organization, you know that it’s a veritable “alphabet soup” of regulations to adhere to in today’s world. You probably know the first two, but do you know all the others?

The “Alphabet Soup” of Compliance in Organizations Today

If you are subject to GDPR or CCPA, you also may need to respond to these:

If you work with Federal agencies, you need to be aware of this one:

Additional Regulations by Type of Data

There’s even more “alphabet soup” when it comes to the type of data you need to protect, such as:

  • Personally Identifiable Information (PII): This is for information that can be used to uniquely identify, contact, or locate a person. PII is a superset of other personal information types such as PHI, PCI and PFI (see below).
  • Protected Health Information (PHI): Individually identifiable health information, regulated by HIPAA
  • Payment Card Industry (PCI): Information related to credit, debit, or other payment cards, regulated by PCI-DSS.
  • Personal Financial Information (PFI): Individual’s unique personal financial information including portfolio holdings, banking information, transaction data, etc.

You get the idea. With Big Data growing at the pace identified above, there are so many regulations to comply with and so many types of data to track compliance for that organizations today must leverage technology to effectively keep up with the “alphabet soup” of data compliance.

Two Letters to Keep Up with Your Organization’s “Alphabet Soup”

So, what two letters will help your organization keep up with the compliance requirements associated with all those other letters? AI. That’s right, today’s organizations can no longer rely on just policies and procedures to keep up – they must leverage technology and that includes artificial intelligence to identify sensitive data within their organization.

AI-based automatic classification algorithms can be trained to identify key sensitive information (including personal information) allowing for automated identification (and even remediation of sensitive information when necessary) to streamline an organization’s requirements to keep up with the “alphabet soup” of compliance today.

Note: the Digital Government Institute (DGI) eDiscovery, Records & Information Management Virtual Conference is tomorrow, March 25, and IPRO is a sponsor and participant at the conference. Brandon Balsley, Product Marketing Manager at IPRO will be leading the session Top Challenges for FOIA Professionals Today at 9:15am ET.  Complete agenda for the conference is here and the link to register is here. Come check it out!

For more educational topics from me related to eDiscovery, cybersecurity and data privacy, feel free to follow my blog, eDiscovery Today!