Iron Mountain® Policy Centre Enterprise Edition
You’re responsible for implementing controls and policies to ensure your organisation is complying with laws and regulations. This includes interpreting laws and identifying compliance requirements for managing information, such as retention rules and privacy obligations, so you can properly protect and legally dispose of information when it’s no longer required.
Business challenge
You’re responsible for implementing controls and policies to ensure your organisation is complying with laws and regulations. This includes interpreting laws and identifying compliance requirements for managing information, such as retention rules and privacy obligations, so you can properly protect and legally dispose of information when it’s no longer required. That’s challenging when the regulatory environment is constantly changing due to existing and evolving regulations.
How this affects you:
- You lack guidance and automated tools to enable compliance with changing regulations.
- You’re incurring unnecessary cost and risk by keeping information for longer than is required for legal, regulatory or business purposes.
- You aren’t easily able to communicate policy changes to information owners and show compliance to regulators.
What if you could...?
- Receive expert guidance and tools to comply with regulations that govern you?
- Receive continuously updated retention and privacy requirements so you can keep your policy management connected and dispose of information when it’s no longer required?
- Provide online visibility into the latest version of your retention schedule, privacy obligations and critical information about your business processes that contain personal data?
- Industry fact
The global average cost of a data breach is $3.92 million. The average size of a data breach is 25,575 records.
Source: Ponemon Institute, “Cost of a Data Breach Study
Advisory services
Our Advisory Services team with deep information governance (IG) expertise will guide you through the process of creating or revamping your information management policies for records retention and data privacy as part of the IG Program Development service. You’ll receive expert guidance on how to optimise your privacy policy and records classification scheme based on best practices, the level of granularity you need, and your risk appetite. You’ll work together to define your subscription to legal research on updates to retention and privacy requirements based on where you operate and the types of law required to support your retention and privacy policies. You can also receive support in mapping your business processes that contain personal data.
Policy centre
You’ll be able to keep your records retention and data privacy policy management connected, current and compliant through the cloud-based Policy Centre solution. As laws change, you can count on high quality research from our international network of law firms to know how changes impact your organisation so you can update your policies accordingly. Available as a subscription service, you’ll receive a feed of fully cited and summarised legal citations with a simple explanation of the requirements to empower your decisions on retention rules and privacy obligations that make sense for your organisation. With filters you can easily view which record classes and types in your retention schedule are affected by privacy law.
To show compliance, you’ll have tools to document critical information about your business processes that contain personal data, enabling regulatory compliance. You’ll be able to create visual maps to centrally see where personal data lives, who owns it, what process it’s a part of and what are your retention rules and privacy obligations for it. In your maps you can show the movement of personal data within and outside of your organisation so you can quickly identify where personal information is located to help your company respond to time-sensitive issues, such as data breaches, subject access requests, data erasure requests, audits and litigation.
Employees in your organisation can easily access the latest version of your retention schedule and privacy policies online, using custom views and advanced search to filter to only the retention rules and privacy obligations that apply to them. You also have the option to connect policy to your content infrastructure through an open application programming interface (API).
Complementary services
To help assess your information management policies, procedures and platforms and readiness to comply with the regulations that govern you, our Advisory Services team can provide you an in depth assessment and roadmap to help you achieve your goals through the IG Assessment service.
With up-to-date and connected retention and privacy policies, you’re in a good position to clean up your legacy content through our Content Classification service, leveraging our proprietary classification rules database that systematically calculates destruction eligibility according to your retention schedule.
When your information has met your organisation’s requirements of retention, our Secure Shredding service and Secure e-Waste and IT Asset Disposition service will enable you to destroy it, confident that you are complying with regulations governing information destruction. For information you’ll be retaining, you can use our Secure Storage Services to secure and protect your valuable information. Combine Document Scanning of physical documents and digital storage in a secure cloud repository with Iron Mountain InSight® Essential Edition.