You are currently viewing Organize or Die – My Information Governance Journey 

Organize or Die – My Information Governance Journey 

Catchy title?  Now that I have your attention let me share a little bit of my journey with you.  Ever since I was a kid, I’ve been obsessed with organizing things. Be it my toys, books, or even my room, there was something incredibly satisfying about creating order out of chaos.  Even my little green army men had to be put away with the exact or similar figures in sandwich baggies.   

It hasn’t changed even in my ripe middle-age life.  The kitchen, closet, and my working area is pretty well-organized…not perfect, but acceptable.   It’s not an obsession, but it just makes sense so that I can focus on the important matters of the day rather than spending time trying to find things. 

Perhaps this innate desire to control the uncontrollable was what led me to a career in data recovery, computer forensics, and eDiscovery – fields that are all about making sense of the vast and messy digital world we live in.  I found comfort in finding documents, emails, and other content that had patterns in the “what”, “who”, “how”, and “when” in order to figure out the “why”.   

As I continued to explore this in my career, I naturally gravitated towards Information Governance (IG), the art of applying policies to the heaps of data that businesses generate every day.  

Information Lifecycle Management

Did you know that, according to Gartner, the average cost of poor data quality on businesses amounts to anywhere between $9.7M to $14.2M annually? 

In particular, I’ve recently spent a lot of time focusing on the challenges of IG within Microsoft M365, which offers a range of tools to help organizations manage their data.  

I personally believe the most critical component in making the most of these tools in Microsoft M365 is having people who know how to assess, plan, and implement IG policies effectively. 

The Power of Microsoft M365 for Information Governance 

Microsoft defines Microsoft M365 as a powerful platform for businesses of all sizes, and its suite of applications offers a range of tools to help organizations get a handle on their data. However, it’s important to remember that simply having access to these tools is not enough – you need a team that knows how to use them effectively to implement your organization’s IG policies. 

Let me give you an example: 

Imagine a healthcare organization, we’ll call them “HealthCarePlus”, underwent a digital transformation with a shift to Microsoft M365. The company identified the need for a robust Information Governance (IG) program to manage the all of the data types it has – from patient records and billing details to internal communications and vendor contracts. 

To align IG with their overall business strategy, they started by identifying their key objectives: 

  • Compliance: They needed to ensure compliance with regulations such as HIPAA (Health Insurance Portability and Accountability Act)GDPR (General Data Protection Regulation), and state-specific data privacy laws. 
  • Security: Given the sensitive nature of healthcare data, they prioritized stringent security measures to prevent data breaches and maintain patient trust. 
  • Efficiency: They wanted to improve operational efficiency by making relevant data accessible to authorized personnel when needed, eliminating data silos. 

Once the objectives were clearly defined, HealthCarePlus assigned roles and responsibilities for IG and established a cross-functional IG committee that includes representatives from IT, legal, compliance, and business units. This team collaborated to develop and enforce the IG policy, ensuring that the objectives are met. 

The IG policy was clearly communicated throughout the organization through multiple channels, so everyone understood their role in data management. Regular audits and reviews are now scheduled to ensure ongoing compliance and make necessary adjustments in response to evolving regulations or organizational changes. 

By aligning their IG policy with their overall strategy, HealthCarePlus ensures that their shift to Microsoft M365 not only enhances their data management practices but also supports their business goals. 

Tips and Tricks for Microsoft M365 Information Governance 

Here are some practical tips to help you make the most of M365 for your Information Governance efforts: 

  1. Start by assessing your organization’s current data landscape. Identify the types of data you’re dealing with, where it’s stored, and what potential risks or regulatory requirements you need to address.  This is going be drastically different for organizations that are regulated as well as global companies dealing with GDPR requirements.  
  2. Develop a clear IG policy that outlines your organization’s objectives, roles, and responsibilities. This policy should align with your overall business strategy and be flexible enough to adapt to changing needs. Your stakeholders and users should be able to articulate your program’s value proposition and Return on Investment (ROI) specifically aligned with the organization’s strategy. 
  3. Leverage M365’s built-in tools, such as Data Loss Prevention, Advanced Data Governance, and eDiscovery, to manage your data effectively. These tools can help you classify, retain, and protect your sensitive information, as well as streamline the eDiscovery process.  The Kindato eDiscovery team spends most of our time automating these workflows within M365 as well as with other 3rd party applications. 
  4. Train your team on the importance of IG and how to use M365’s tools effectively. Remember, your people are the most critical component of a successful IG strategy.  The people side is often overlooked and is the most important aspect of evolving your information governance program.  Change management is hard and requires patience, passion for IG, and excellent training materials.  I find the old adage of “Tell them what you’re going to tell them, Tell them, and then Tell them AGAIN”.  Reinforcement is key. 
  5. Regularly review and update your IG policies and procedures to ensure they remain relevant and effective. This includes monitoring the use of M365 tools and identifying areas for improvement.  Technology can be used to automate this process, but people need to be heavily involved to successfully manage the long-term aspect of the IG program.  

Wrapping Up 

Embarking on an Information Governance journey with Microsoft M365 can seem daunting, but with the right approach, it can be an exciting opportunity to create order out of the chaos of your organization’s data. Remember, the key to success is not just having access to powerful tools, but also having people who know how to use them effectively. 

So, don’t wait any longer – take the first step towards better Information Governance by assessing your organization’s data landscape and developing a clear policy to guide your efforts.  

In the words of one of my favorite historical figures, Benjamin Franklin, “For every minute spent organizing, an hour is earned.” It’s time to start earning those hours – and making the most of Microsoft M365 for your Information Governance 

If you’re looking for expert guidance, the team at Kindato is here to help you navigate the complex world of IG, eDiscovery, and migrations for Microsoft M365 through every step of the process.