Iron Mountain Policy Centre Enterprise Edition solution brief

Solution Guides

You're responsible for implementing controls and policies to ensure your organization is complying with laws and regulations.

18 April 20236 mins
Download Resource
Iron Mountain ® Policy Center Solution Enterprise Edition - People Discussing | Iron Mountain

Business challenge:

You’re responsible for implementing controls and policies to ensure your organisation is complying with laws and regulations such as the Protection Of Personal Information Act (POPIA) which came into force on the 1st of July 2021, or the General Data Protection Regulation (GDPR). This includes interpreting laws and identifying compliance requirements for managing information, such as retention rules and privacy obligations, so you can properly protect and legally dispose of information when it’s no longer required. That’s challenging when the regulatory environment is constantly changing due to existing and new regulations, such as the evolving global privacy regimes.

How this affects you:

  • You lack guidance and automated tools to enable compliance with changing regulations.
  • You’re incurring unnecessary cost and risk by keeping information for longer than is required for legal, regulatory or business purposes.
  • You aren’t easily able to communicate policy changes to information owners and show compliance to regulators.

Industry Fact

The global average cost of a data breach is $3.92 million. The average size of a data breach is 25,575 records.

Source: Ponemon Institute, “Cost of a Data Breach Study”

What if you could:

  • Receive expert guidance and tools to comply with the evolving global retention rules and privacy regimes along with other regulations that govern you?
  • Receive continuously updated retention and privacy requirements so you can keep your policy management connected and dispose of information when it’s no longer required?
  • Provide online visibility into the latest version of your retention schedule, privacy obligations and critical information about your business processes that contain personal data?

Policy Center Enterprise Edition: know your obligations. Show compliance.

Advisory services

Our Advisory Services team with deep information governance (IG) expertise will guide you through the process of creating or revamping your information management policies for records retention and data privacy as part of the IG Program Development service. You’ll receive expert guidance on how to optimise your privacy policy and records classification scheme based on best practices, the level of granularity you need, and your risk appetite. You’ll work together to define your subscription to legal research on updates to retention and privacy requirements based on where you operate and the types of law required to support your retention and privacy policies. You can also receive support in mapping your business processes that contain personal data.

You'll be able to

  • Keep your retention and privacy policy management connected, current and compliant
  • Save on information storage costs
  • Reduce unnecessary exposure to data breaches
  • Reduce effort of responding to privacy requests
  • Quickly locate personal information to help your company respond to privacy issues and requests
  • Reduce risk of fines
  • Distribute policy to content owners and infrastructure
  • Quickly access what you need when you need it
  • Join a collaborative user community

Policy centre

You'll be able to keep your records retention and data privacy policy management connected, current and compliant through the cloud-based Policy Centre portal. As laws change, you can count on high quality research from our international network of law firms to know how changes impact your organisation so you can update your policies accordingly. Available as a subscription service, you'll receive a feed of fully cited and summarised legal citations with a simple explanation of the requirements to empower your decisions on retention rules and privacy obligations that make sense for your organisation. With filters you can easily view which record classes and types in your retention schedule are affected by privacy law.

To show compliance, you’ll have tools to document critical information about your business processes that contain personal data, enabling compliance with the most relevant data privacy laws regulations, such as the Protection Of Personal Information Act, or POPIA, Article 17. You’ll be able to create visual maps to centrally see where personal data lives, who owns it, what process it’s a part of and what are your retention rules and privacy obligations for it. In your maps you can show the movement of personal data within and outside of your organisation so you can quickly identify where personal information is located to help your company respond to time-sensitive issues, such as data breaches, subject access requests, data erasure requests, audits and litigation.

Employees in your organisation can easily access the latest version of your retention schedule and privacy policies online, using custom views and advanced search to filter to only the retention rules and privacy obligations that apply to them. You also have the option to connect policy to your content infrastructure through an open application programming interface (API).

Complementary services

To help assess your information management policies, procedures and platforms and readiness to comply with the regulations that govern you, our Advisory Services team can provide you an in depth assessment and roadmap to help you achieve your goals through the IG Assessment service.

With up-to-date and connected retention and privacy policies, you’re in a good position to clean up your legacy content through our Content Classification service, leveraging our proprietary classification rules database that systematically calculates destruction eligibility according to your retention schedule. You can unlock the power and value hidden in your data, both physical and digital, through Iron Mountain Insight® Enterprise Edition. Our cloud-based content services platform can help accelerate digital transformation, reduce risk and drive compliance, while allowing you to focus on the analysis needed to empower business decisions. Policy Centre is also integrated with our Iron Mountain InSight® Enterprise Edition and Workflow Automation™ powered by Hyland solutions.

When your information has met your organisation’s requirements of retention, our Shredding service and Secure e-Waste and IT Asset Disposition service will enable you to destroy it, confident that you are complying with regulations governing information destruction. For information you’ll be retaining, you can use our Secure Storage Services to secure and protect your valuable information. Iron Mountain’s InSight ® Essential Edition is a subscription solution that combines Document Scanning of physical documents and digital storage in a secure cloud repository.

 

Related resources

View More Resources
Premium
Blogs and Articles

Protection of Personal Information Act (POPI Act) and Records Management

This guide will answer your frequently asked questions (FAQ’s) about the impact the Protection of Personal Information Act (POPIA) is going to have on your business of records management.
21 November 2024
Blogs and Articles

Behind the Mountain - Kebaabetswe Molokwane

Behind the Mountain introduces you to the people who work together to help you get the most value from your information. These are the people who go the extra mile every day and make Iron Mountain. Today, we introduce to you: Kebaabetswe Molokwane, Customer Service Manager South Africa
16 October 2024
Blogs and Articles

Building a data lifecycle management strategy in the era of digital transformation

Digital transformation defines how and where to do business; how to service customers; how to serve mobile users; how to manage and attract employees; and how to drive innovation and competitive advantage.
16 October 2024
View More Resources