At common law, an employee has a duty
- to comply with applicable laws in the performance of his/her work for the employer
- to comply with his/her employers reasonable instructions in the performance of that work, and
- to report material information to his superiors.
“Credit Union Staff Faults Safeguards Against Laundering,” The Wall Street Journal, October 31, 2018 B12. Employees raised concerns in 2017 about the anti-money laundering program at the credit union where they worked. The chief audit executive dismissed the allegations.
Were these employees rewarded for raising these concerns? No. Did the company make changes? The company says it did. Will other employees raise concerns in the future?
How seriously do you take concerns raised by your employees, who are closest to the facts? Is this a Compliance point or a Governance point? Or an Information point (in that Management received information and apparently didn’t use it)?
Filed under Compliance, Compliance (General), Controls, Culture, Duty, Employees, Governance, Information, Internal controls, Oversight, Third parties, To report, Use
“Annuities Soar After Rule’s Demise,” The Wall Street Journal, October 29, 2018 B1. More annuities sold after failure to pass rule about disclosure of conflicts by investment advisers.
If you don’t institute controls on behavior, what will enterprising (sales)people do? What’s it worth to you to know whether the person advising you is getting a large commission? Would that information influence your financial decisions? Do investors need to be protected from salespeople offering “free” meals? And if investors either (a) are or (b) are not so protected, what are the consequences on the other decisions those investors make in their lives? Do we rely on the government to protect us from our dumb decisions?
Caveat emptor? Is this an Information post or a Governance post?
This blog explores, from time to time, the outer reaches of the intersection(s) of Information, Governance, and Compliance.
Consider, for a moment, a fingerprint. Not what you normally consider “information.” And one seldom thinks of “managing” a fingerprint. Who owns your fingerprint? But consider the value of a fingerprint, and both the failure to “manage” or control where that fingerprint can be found and the ability to find that fingerprint and locate its owner. How much information governance is involved in this process?
“Fingerprint Leads to Arrest Of Bomb Suspect in Florida,” The Wall Street Journal, October 27, 2018 A1. Alleged mail bomber’s fingerprint in a package sent to a legislator leads to arrest of suspect.
Which leads me to the question,”What is there that isn’t information that is managed or controlled in our lives, or a least directly related to information that is managed?” I struggle to find an example of something that isn’t information, or directly related (perhaps somewhat remotely) to information that is managed or controlled.
Filed under Access, Accuracy, Analytics, Collect, Compliance, Controls, Data quality, Definition, Duty of Care, Governance, Information, Management, Oversight, Ownership, Records Management, Risk assessment, Use, Value
The suspect makes his fingerprints unreadable, and doesn’t have a wallet or other ID. Who is he?
“Controversial Facial System Identifies Suspect,” The Wall Street Journal, June 30, 2019 A3. Facial recognition used to identify the shooter at the Capital Gazette in Annapolis, where five died. A picture was run through the drivers license data base, and up popped his license photo.
Biometrics as information? Role of technology in information governance?
Vendors with whom you deal can (and do) capture lots of information about you. They use that information. Hopefully to improve customer service. Can they disclose what they know to others? What if your traveling companions don’t know it’s your birthday because you don’t want them to know?
“What the Airline Knows About The Guy in Seat 12A,” The Wall Street Journal, June 20, 2018 A11. What information on you do airlines collect and how do they use it?
If the information is correct and used positively, that’s one thing. What if it’s wrong, or used negatively? What if it leaks? What if it’s sold?
Filed under Access, Accuracy, Collect, Controls, Corporation, Duty, Duty of Care, Governance, Information, Management, Oversight, Ownership, Privacy, Protect, Use
“Old Spy Plane Tries to Learn New Tricks,” The Wall Street Journal, June 8, 2018 A3. Using new data analytical techniques to harvest more information from U2 spy photos taken from 70,000 feet, freeing up human viewers for other duties.
What old information do you have that you could process differently with newly available technology? What value could you harvest?
Who owns the information on social media? Everyone?
“Wall Street Moves Toward Mining of Social-Media Data,” The Wall Street Journal, June 4, 2018 B4. Companies now looking focusing on “alternative data reports” concerning a potential acquisition target, which are things such as user “purchase data, mobile app usage[,] and web surveys of prices.”
This data is mined from social media.
A powerful case for (a) using what’s available and (b) the ownership of data of social media.