Monthly Archives: November 2013

“Managing” information

I had difficulties finding a suitable article in today’s The Wall Street Journal.  But rather than admit defeat, I decided to go with this.  But it’s a reach.

“Russia’s Olympic Effort Sputters,” Wall Street Journal, November 30-December 1, 2013, A9 http://on.wsj.com/1c3otHx

I had thought from the headline that this story would be forecasting that the site would not be ready for the Olympic Games, less than three months away.  Well, yes and no.  The places where the athletes will compete are all done.  What is less done is all the rest – the hotels, the shops, etc.

How do you manage life under a microscope?  Reporters looking for news to report (i.e., bad news). Is “managing” that process “information management”?  Or just Public Affairs?  Or Communications?  What’s the link, if any, to Information Governance?  Is it on the cusp of Crisis Management?

Leave a comment

Filed under Business Case, Communications, Governance, Information, Operations, Risk

Whatcha’ goin do?

Your boss asks you to  something illegal.  You comply, for fear of losing your job. Was this a test?

I suspect your company doesn’t have a strong compliance culture.

“Ex-Analyst at SAC Cites Job Fears,” Wall Street Journal, November 29, 2013 C2 http://on.wsj.com/181UmSV

Jon Horvath says his boss made him do it.  The “it” involved getting and passing along inside information. In an insider trading trial, his boss’s lawyer says the boss was unaware that any of Mr. Horvath’s information had been illegally obtained.

How many compliance programs use a sting to find out whether employees will break the law if the boss asks them to?  Or would that be harmful to the sense of trust between the employees and their boss?  Would they believe their boss would really do that? (Either ask them to do something illegal or participate in a sting?

Leave a comment

Filed under Business Case, Compliance, Controls, Culture, Governance, Information, Internal controls, Legal, Policy, Requirements, Risk, Value

Big medical data sharing

“Medical Center taking turn to digital,” Houston Chronicle, November 28, 2013 B1 http://bit.ly/1fNJPQa

Texas Medical Center will provide training and free data analytics software to its 54 member institutions.  Permits collaboration on multi-institution data, if the pesky personal data privacy issues can be resolved. One hospital (Baylor) has 12 petabytes of data.

Let’s see.  Technology. Privacy. Knowledge sharing/management.  What happens if you have this data and this software and get sued?  Any discovery questions?

Leave a comment

Filed under Business Case, Discovery, Information, Interconnections, IT, Knowledge Management, Legal, New Implications, Operations, Ownership, Privacy, Requirements, Risk, Use, Value

Controls and culture redux

“Weatherford to Pay $253 Million Fine,” Wall Street Journal, November 27, 2013 B2 http://on.wsj.com/1iTri4A

“A Service tale of illicit kale, of whisky and women wild.” (The Ballad of Yukon Jake by Edward Paramore, Jr.)http://bit.ly/1hiv88c

It’s a familiar story.  Oilfield service company settles FCPA and trade sanction allegations. Allegedly paid foreign officials bribes and travel and entertainment expenses (primary offense) and created false books and records to hide the costs (secondary offense).  Also penalized for not cooperating with the investigation.  Alleged failure “to set up an effective system to detect and prevent corruption.” Really?  Really?

Lessons:  bad environment (overseas, some sketchy countries) means higher risk; bad culture (bribes normal course of business) will bite you; red flags ignored (agent refuses to sign anti-bribery contract; use of code names) can haunt; rapid expansion raises risks; lack of internal controls precedes violations of law; the books and records provisions of the FCPA have real teeth.

Leave a comment

Filed under Business Case, Compliance, Controls, Culture, Governance, Internal controls, Legal, Requirements, Risk, Third parties

123 and FDA

Analytics. Information. Regulation.

Apparently, providing a chemical analysis of your spit is regulated by the FDA.

I remember holisitic hair analysis thirty years ago.  They took a hair sample and burned it, reading the chromatics of the flame to tell you what was in your hair.  Can’t remember whether it was real science.

But 123andMe made a pretty good business of offering to do a DNA analysis of your saliva.  Built a huge DNA data base, and helped people trace their ancestors and identify possible predisposition to certain illnesses.  Sort of an early warning system.

Whose information is it, anyway? And what’s the bigger risk, false positives or false negatives? Or is protecting people from potentially incorrect information within the agency’s charter?

“Gene Startup Ordered To Cease Marketing,” Wall Street Journal, November 26, 2013 A1 http://on.wsj.com/17VVytk

Leave a comment

Filed under Business Case, Controls, Data quality, Definition, HR, Information, Legal, Operations, Ownership, Privacy, Requirements, Risk, Use, Value

On average, 30 Gigs per custodian

Microsoft says it stores 60 million pages of information for each piece of litigation, while only 88 pages get admitted into evidence at trial.  On average, each custodian has 30 gigabytes of information, versus 17 gigabytes two years ago.

“Meet the New Pack Rats,” Wall Street Journal, November 25, 2013 B7 http://on.wsj.com/1cLRklr

As the courts explore potential revisions to the rules, businesses struggle to hold on to what they think they need to hold on to.

Leave a comment

Filed under Business Case, Controls, Discovery, Governance, Information, Internal controls, Legal, Operations, Protect assets, Records Management, Risk

Cross-training at Cornell

One solution to address the lack of “information governance” is to try to teach IT to the Records Management or Legal folks.  Or to teach the business folks Records Management, Legal, Compliance and IT security.

“Cornell M.B.A. Program Melds Technology, Management Skills,” Wall Street Journal, November 25, 2013 B4 http://on.wsj.com/1b1b01L

Cornell is starting a course to teach IT folks advanced business skills.  Is this type of cross-training the way of the future, for all of us?

 

 

Leave a comment

Filed under Business Case, Governance, IT, New Implications, Operations, Use