Out with the old: 5 reasons to begin the new year by cleaning out your data

Whitepaper

In many organizations, only 15% of the stored data is actually valuable. Much or the rest is redundant, obsolete, and trivial (ROT). While most organizations have retention policies that mandate defensible deletion of this ROT, policies often go unenforced. If this is happening at your organization, this paper offers five reasons to spend some time cleaning up your files, as well as tips for helping your efforts succeed.

September 2, 202412 mins
Digital folders photo

Redundant, obsolete, and trivial

As each new year rolls around, many people feel inspired to make a change that will improve their life. Top new year’s resolutions in a recent Forbes Health survey include improving fitness (48%), improving finances (38%), improving mental health (36%), and losing weight (34%).

Organizations often have even more need for improvement. More specifically, they need to de-clutter.

One report finds that executives believe only 15% of their stored data is actually valuable. A third of their data they know to be redundant, obsolete, or trivial (ROT), and another 52% is unknown.

And the problem is getting worse.

Data volumes continue to grow. Statista estimates that the global amount of data created, captured, copied, and stored could reach 181 zettabytes by 2025. To put that in context, 1 zettabyte is a trillion terabytes or a sextillion bytes. For comparison, there are about 7.5 sextilliongrains of sand on earth, which means the planet will hold 24 times as much data as grains of sand.

That data growth is having a big impact on businesses. As enterprises generate and acquire more valuable data, they also find themselves with ever-increasing volumes of ROT.

This shouldn’t be the case, of course. Most organizations have records retention schedules that mandate defensible deletion of data, and these policies should help them eliminate ROT. A PwC survey finds that only 7% of companies surveyed do not have a formal information governance process, and only 6% lack a data retention and elimination policy.

But many of those processes and policies are failing or inadequate. Four out of ten respondents say their formal information governance processes were only partially implemented or needed improvement. And 38% say their organization has not properly implemented their data retention and disposal schedules.

In other words, companies and their employees know that they have data that should be deleted or destroyed, but that often isn’t happening. Why not? Why should companies care? Why don’t employees get rid of old data?

It seems like deleting files or shredding paper that has reached its expiration date would be a fairly easy policy to implement. After all, hitting the delete key or sticking something in the shredder doesn’t take a lot of time or energy.

However, holding on to clutter is deeply rooted in human psychology, make it difficult for employees to actually implement these policies:

  • Analysis paralysis — People make as many as 35,000 decisions a day. Each of those decisions requires effort and can add to stress. If people can avoid some of this effort by putting off a decision that doesn’t seem that important—like a decision to destroy a file—they will.
  • The bystander effect — If you see an emergency situation, but there are a lot of people who aren’t taking action, chances are high that you won’t do anything either. If employees don’t see other employees actively deleting and shredding files on a regular basis, they might conclude that it’s not that important, or that it isn’t their responsibility.
  • Just-in-case — Many office workers worry that they might eventually need a particular document, so they save it just in case. This phenomenon can be even greater if the employee has reason to believe that not finding important data could have career-related consequences. Some organizations also have a just-in-case strategy for inventory management, or other functions, and that approach can extend into other areas of the corporate culture.
  • Ambiguity — Sometimes the records retention schedule doesn’t cover all categories of documents, or isn’t entirely clear. For example, if product documentation should be kept until the end of life of the product, when is that? Document deletion after employee separation can also be difficult because employees don’t want to lose access to their former co-worker’s files.
  • Technological challenges — Data resides in many digital formats, applications and systems. It can be hard to devise ways to identify and delete the redundant, obsolete and trivial (ROT) when data storage is so diverse.
  • Physical challenges — Sometimes data is in paper files placed in boxes and shoved to the back of a shelf or cabinet. Going through those boxes to see what they contain will require effort, and the potential benefit might not seem worth the trouble.
  • Lack of budget — Organizations often fail to plan for the costs involved in document destruction. Those costs can include employee time, equipment, or fees paid to suppliers.

Reasons to clean out your data

With all those reasons for employees to avoid data destruction, is it worth trying to motivate employees to clean out the redundant, obsolete or trivial?

In a word, yes.

The potential benefits of properly disposing of data far outweigh the effort—and expense—of doing nothing. Here are five of the biggest reasons to clean out your old data:

1. Comply with relevant regulations

One of the most compelling reasons for organizations to clean out their data is to comply with relevant regulations. An information governance (IG) World InformationGovernance survey asked information governance professionals to rate the importance of different drivers on a scale from 1 to 5. It finds that “The strongest drivers of IG within organizations increasingly continue to be external regulatory/compliance/legal obligations (with a notable rise in this score from 3.35 to 4.17 out of 5.0).”

This rise in concern about compliance stems from the rising number of relevant regulations. By one estimate, businesses may be subject to between 8,000 and 15,000 different regulations that relate to data retention. And governments around the world pass new laws or update existing data retention regulations nearly 200 times a day.

Each of those regulations can be complex. For example, the European Union’s General Data Protection Regulation (GDPR) is one of the world’s most comprehensive privacy laws, and it is becoming a model for other parts of the world. GDPR says that organizations can only keep an individual’s personal data for as long as necessary to perform the task for which it was collected. That means organizations need to keep track of why they collected the personal data and when that goal was accomplished, which can be a difficult task. In addition, that same law provides citizens with the right to be forgotten. In other words, organizations must delete an individual’s data when asked—another task that can be difficult when data is spread through multiple applications and systems.

While estimates on how much it costs to comply with regulations vary, it’s definitely expensive. Some experts say $10,000 per employee, while others say an average of $5.47 million annually for large multinational enterprises.

But they all agree that non-compliance costs much more. In fact, the Ponemon Institute found that large organizations that fail to comply with privacy regulations average about $14.82 million in costs per year.

The threat of fines and penalties provides a powerful incentive for organizations to delete old data that is no longer serving a purpose.

2. Decrease risk

In that IG World survey, the second biggest driver for information governance efforts is a desire to “cut risks [regarding] data that could have been defensibly deleted.” That makes sense given enterprises are extremely focused on minimizing their risk. That’s made abundantly clear by a 2023 Economist survey in which 90% of executives say that identifying risks has become more important for their organization.

What kind of risk does undeleted data pose?

For one, it increases the potential impact of a cyberattack. Cyber crime is big business, and it’s on the rise. According to IT Governance, there were 2,814 known data breach incidents in 2023, affecting more than 8.2 billion records. That’s a sharp increase from the 1,063 security incidents affecting 480 million records in 2022.

And each incident is becoming more expensive. IBM reports that the average cost of a data breach was $4.45 million in 2023. That’s a 2.3% increase over 2022, and a 15.3% increase over 2020.

Storing data longer than necessary can also escalate an organization’s legal risk, as well as the costs of eDiscovery. Similarly, for government organizations, it can intensify costs and risk related to complying with the Freedom of Information Act (FOIA) and similar legislation.

In addition, having old data lying around increases the chances that someone will use faulty data for decision making. If you don’t have good data quality processes in place, bad data can easily creep into analytics and infect your strategic planning.

Lastly, failing to follow retention policies can clog up your organization, hampering productivity.

3. Improve efficiency

For a couple of decades now, business leaders have been hearing about the benefits of big data. In some cases, that has led to the impression that having more data is always better.

But analysts and data scientists say that isn’t always true.

Depending on which study you read, data analysis professionals typically spend somewhere between 40% and 80% of their time cleaning and configuring data. That’s a problem for businesses because these roles are some of the highest paid in most organizations. According to Indeed, data scientists in the US make ~$124,000 per year, and their earnings can be even higher in certain areas. If these professionals are spending all their time cleaning data, companies won’t be able to reap the full value of their expertise. And the more bad data an organization has, the more time data cleansing tasks consume.

But failing to defensibly delete files in a timely manner doesn’t only affect data analysts—it can hamper line of business professionals as well. In the same way that the phenomenon of analysis paralysis can make it difficult to decide which files to destroy, it can hamper other business decisions as well.

In a recent survey, 74% of those surveyed say they are making ten times more decisions every day than they were three years ago. More than three-quarters (78%) say that they are sorting through more data than ever before, and 86% say this huge influx of data is complicating the decision process. As a result, seven out of ten feel so overwhelmed that on at least one occasion, they gave up on making a decision, and 89% of business leaders say this situation has negatively affected their organizations.

Your employees need data to make good decisions—but it needs to be accurate, up-to-date data in manageable volumes. A data cleanup effort can help make that possible.

4. Reduce costs

Defensibly destroying files on schedule can also help reduce expenses. Paper files can be particularly costly to store and manage. First you have the cost of the paper, plus the expense of file cabinets or boxes, plus real estate or off-site storage. Then you have to add in the lost time that employees spend managing documents and searching for files. Iron Mountain calculates that businesses waste $600 per employee on paper files, and they spend another $1,500 per file cabinet or box per year to manage those paper files.

While storing digital files isn’t as costly from a storage and real estate perspective, IT costs for hardware and/ or cloud services, and staff time can still add up. As the volume of data stored increases, so does the cost of compliance—as well as the potential fines for non- compliance. More data is also more expensive to secure— and more costly if the organization experiences a data breach. And excessive data drives up labor costs by hindering efficiency and productivity.

So while it might seem like keeping old files isn’t that expensive, the true costs are far higher than most people realize.

5. Promote a data culture

The last reason to clean out your old files is a little bit harder to quantify. Getting rid of redundant, obsolete and trivial (ROT) information can help promote a data culture, an organizational ethos that values data-driven decision- making.

Experts say that fostering this mindset among employees can be extremely valuable. “The benefits of a data-driven culture is to examine and organize the data with the goal of better serving one organization’s customers and consumers,” says Alan Duncan, Vice President Analyst at Gartner. “It also bolsters and speeds up business decision-making processes.”

Forrester’s Kim Herrington agrees, writing, “While the tech sets the stage for an insights-driven transformation, nurturing a people-centric data culture is as important, especially as tech and data executives understand how employees are, and are not, making good decisions.”

But while most executives want to build a data culture, few of them are succeeding. A recent Harvard Business Review report finds that only 20.6% of those surveyed say their companies have established a data culture. This is actually a decline from 28.3% who said the same four years earlier.

In that same report, 79.8% of business leaders say that cultural obstacles—not technology—is their biggest barrier to becoming more data-driven. Given these results, it’s not surprising that only 23.9% of respondents indicated that they have built a data-driven organization.

Launching a single initiative to clean up data ROT won’t be enough on its own to build a data culture. But these kinds of projects do help to send the message that a company takes its data very seriously. And when combined with other efforts, defensible data destruction can help you instill positive data practices throughout your organization.

5 services for cleaning up your records

If you’re ready to start cleaning out your data, Iron Mountain has a variety of services that can help:

1. Shredding

With more than 73,000 customers in North America, Iron Mountain has long been a leader in secure shredding. Whether you need onsite or offsite, bulk or recurring shredding services, Iron Mountain has the capabilities you need.

Learn more

2. Clean Start

Ideal for organizations that are making real estate changes, including transitioning to remote or hybrid work, clean start services help you optimize space, reduce risk, and enhance sustainability. Clean Start includes assessment, shredding, workflow optimization, digitization, and more.

Learn more

3. Information Governance Advisory Services

Get the expert advice you need to review, improve, and accelerate your data retention, privacy, classification, metadata, or other information governance initiative. We can help you develop policies and implement programs that meet your compliance and risk management goals.

Learn more

4. Professional records information management (RIM) staffing

Augment your staff with deep subject-matter experts and certified RIM professionals who are available on a full-time or part- time basis. Contracting with Iron Mountain makes it easy to find qualified help, whether you need general support staff or senior analysts.

Learn more

5. Smart Records Cleanup Suite

These technology-driven solutions help you identify what records you have and take action to transform to a more digital way of working. It includes Smart Assign record coding, Smart Reveal photographic services, and Smart Sort reorganization.

Learn more

Information clean-up tips

Many information governance professionals are well aware of these benefits to cleanup projects. In fact, when the IG World survey asked practitioners which type of projects they would like to complete, the top two vote- getters were a legacy data cleanup project (54%) and defensible deletion of information (39%).

If your organization is ready to get started with a cleanup project this year, these tips can help:

  • Start at the top. To be successful, an information governance team needs an enthusiastic executive sponsor, and enforcing data retention policies is no exception. If you want employees throughout the organization to participate in defensible data deletion, you need to send the message from the uppermost ranks of your company.
  • Create a cross-functional team. The most successful information governance efforts enlist support from many different disciplines working together. The IG World survey found that 49% of those surveyed have a formal information governance steering committee, and another 33% have an informal one. The most common size of committee is six to 10 members, although a sizable percentage do have more than 10 members.
  • Be aware of legal holds. Your data deletion efforts must be defensible, that is, they must stand up to an audit. Your legal team needs to be intimately involved in enforcement of your data deletion policies, so that you can make sure you aren’t accidentally deleting data that you are legally required to keep.
  • Enlist some help. If cleaning up your old files seems like too big a project for your employees to handle alongside their regular workload, consider bringing in an outside supplier. Experienced data management professionals may be able to clean out your files more quickly, and for less than internal resources.
  • Track metrics. If you tally up how much data you have and how much you are defensibly destroying, you’ll be able to calculate the savings for your organization. That can help you determine the value of the project, and consider undertaking similar efforts on a recurring basis.

To learn more, check out the Information Governance course in Information Economics Academy and visit Iron Mountain Information Governance.