CGOC is a forum of over 3,600 legal, IT, records and information management professionals from corporations and government agencies. For over a decade, CGOC has been a thought leader advancing governance best practices across the industry.
The past decade has produced an unprecedented accumulation of data. Organizations in general and business models in particular increasingly rely on data. Maintaining the privacy and confidentiality of this data, as well as meeting the requirements of a growing list of related compliance obligations, are top concerns for organizations and enterprises alike. Even though CGOC Regional…
The EU’s General Data Protection Regulation (GDPR) goes into effect on May 25, 2018. According to Top Corporate Data Protection Challenges, a survey of 132 compliance officers from organizations around the world and across multiple industries, only 6 percent of respondents feel their organizations are currently compliant with the upcoming regulation.
Download this resource guide to discover how a Unified Governance program can create the foundation for successful GDPR compliance, while enabling improved business insight, increased productivity, and reduced cost and risk. Start your compliance journey today.
Making the business case for an ongoing and unified data management and information governance program Data management teams must recognize they can’t ensure accurate, secure data without proper governance. On the other side, information governance teams must accept their mission has dramatically expanded from simply proving regulatory compliance to helping businesses achieve a single version of the truth, expose and extract value from information assets, and reduce a variety of risks.
Meet our Faculty and Speakers:
Jake Frazier, Senior Managing Director – FTI Consulting
Clare Sadler, Managing Director– Information Squared
Caroline Sweeney, Global Director, E-Discovery & Client Technology – Dorsey
View Now! http://bit.ly/2GsjYx1T
Save the date for the CGOC Regional Meeting: October 17, 2018, in Seattle, Washington.
Details about the CGOC Speakers will be shared via emails and posted on our social channels, so be sure to join our community or follow us on social media.
Corporate leaders from IT, Legal, Privacy and RIM attended this one-day executive meeting on data privacy and governance. Topics included analytics and the current security landscape, using machine learning and governance to meet business objectives and more!
Corporate leaders from IT, Legal, Privacy and RIM attended this one-day executive meeting on data protection in the modern enterprise. Topics included how to mobilize a GDPR program, data protection, and more.
Watch the on-demand webinar on Cross-Border Information Governance: Setting Yourself Up for Compliance to learn the risks that arise when controlling and processing personal data.
This Q&A with Jake Frazier, CGOC Faculty Member and senior managing director at FTI Consulting on how machine learning is shaping the enterprise. For this article, I asked Jake about the new and complex challenges around the adoption of machine learning technologies in enterprises. Machine learning offers business users an unprecedented opportunity to take advantage of the massive amount of data they are collecting. However, machine learning is also increasingly important to legal and compliance teams.
If you’ve been working toward General Data Protection Regulation (GDPR) compliance over the last couple of years, you are probably feeling like your data compliance environment is in good shape. You’ve identified what information exists, where it is and how it flows, and in the best-case scenario, you’re eliminating data silos that otherwise hamper end-to-end compliance processes. While improving these processes will continue to be a top priority, it’s time to find other ways to use these new data governance capabilities to help the business.
These days, I’m regularly being pulled into machine learning projects to offer some assurance that the personal and sensitive information pouring into these innovative applications for research and development (R&D), marketing and sales is being used in a compliant way. Certainly, good GDPR hygiene is a tremendous asset in this effort, but there is a lot more to consider when it comes to machine learning (ML).
In an era of increasing regulatory complexity, including around data privacy, no business that wants to survive can tolerate recklessness. But that does not mean abandoning rapid innovation. Companies have been innovating without being reckless forever – and just because Facebook benefited from its irresponsibility for a while, no company should risk its existence by equating the two.
How do you create an environment to support rapid innovation while protecting the company from its own excesses? Consider the following five keys to moving fast without breaking things.
Europe is more attuned to data privacy and security issues than other areas and takes a much more no-nonsense approach to technology companies and how they handle customer data. And indeed, Facebook is taking heat from government leaders there.
As Facebook’s Mark Zuckerberg testifies during Congressional and Parliamentary hearings about his company’s business practices and consumers begin to wake up to the reality of how much of their personal information has been collected and mishandled, privacy researchers and developers are finally being listened to.
As implementation of the EU’s General Data Protection Regulation (GDPR) approaches, organizations may be tempted to regard privacy as a regulatory burden and focus solely on mechanisms of compliance. Protecting private information has vital and obvious implications for everyday life, and the only way companies can successfully do this is to create a culture of privacy.
If you’re one of these companies scrambling to meet the May 25th deadline, it is essential you not fall into the trap of believing any of the myths that have risen about the regulation – which can lead to overconfidence, poor risk assessments, wasted effort and ultimately noncompliance.
Heightened security threats lead to heightened regulation, however, organizations are not always quick to comply. Though the world was forewarned two years ago that the European Union’s General Data Protection Regulation (GDPR) was on its way, a recent survey found …
The CGOC (Compliance, Governance and Oversight Council) today announced the availability of the GDPR Resource Guide, a compendium of unique resources developed by and for members of the CGOC to help organizations understand and chart their GDPR compliance journey.
Modern big data and digital transformation initiatives depend on three underlying conditions. Data must be accurate and current. Data must be secure. And data must comply with evolving and increasingly complex regulations. This is especially true in the area of data privacy, given the impending implementation of the EU’s General Data Protection Regulation (GDPR).
The May 2018 deadline for the EU’s General Data Protection Regulation (GDPR) should have organizations scrambling to roll out GDPR-readiness programs. After all, the regulation applies to most organizations doing business in the EU, non-compliance can result in severe fines, and getting ready for compliance will likely take significant time and effort.
Most discussions regarding the EU’s impending General Data Protection Regulation (GDPR) — scheduled for implementation in May 2018 — focus squarely on consent management (i.e., making sure organizations have permission to use the data they are collecting and processing).
Known as the General Data Protection Regulation or GDPR, the EU describes the new requirements as “the most important change in data privacy regulation in 20 years.” Intended to replace the current European Data Protection Directive and standardize the laws governing data privacy across the EU’s member countries, it is meant to reshape the way organizations across the region deal with data privacy.
A survey of top corporate data protection challenges has found only 6 percent of companies are prepared to be compliant with the EU’s General Data Protection Regulation (GDPR), which goes into effect on May 25, 2018. The Compliance, Governance, and Oversight Council (CGOC) released the results of the survey, which gathered the results from 132 compliance officers from organizations around the world. Those organizations were across multiple industries.
GDPR is a growing concern for companies in the life sciences industry. A session at DIA’s annual meeting in Chicago in June 2017 brought the issue to the attention of many pharma executives in the audience. Violations of the regulation can result in a penalty of €20 million or 4 percent of worldwide revenue.
The CGOC (Compliance, Governance and Oversight Council) today released the results of a survey and accompanying infographic that reveals most enterprises are not ready to comply with the EU’s General Data Protection Regulation (GDPR), which goes into effect on May 25, 2018. According to Top Corporate Data Protection Challenges, a survey of 132 compliance officers from organizations around the world and across multiple industries, only 6 percent of respondents feel their organizations are currently compliant with the upcoming regulation. The results also indicate most organizations are concerned about their poor data disposal practices and ability to demonstrate compliance, key elements of GDPR readiness. Organization size had no significant impact on readiness levels. Read more for the complete Top Data Protection Challenges Survey results and to download the infographic.
MEDIA ADVISORY, Oct. 17, 2017 (GLOBE NEWSWIRE) — The CGOC (Compliance, Governance and Oversight Council) announced that registration is now open for the Council’s regional meeting in London, England on November 14, 2017.
“This year’s CGOC event in London will provide attendees the vital information they need to navigate today’s most pressing data challenges, including incidence response to a security breach, mobilizing a GDPR program and aligning GDPR with other regulations,” said Heidi Maher, Executive Director, CGOC. “It also provides a rare opportunity to network with some of the top experts in privacy, compliance and information governance.”
Consider how many organizations embark on a big data initiative. They purchase the right technology and begin pooling data from disparate systems into data lakes or data warehouses. But how do they know which data stores to use? How sure can they be of the lineage and integrity of their data? What can they do to ensure that their data lake doesn’t become a data swamp? The answer is simple: Start with a unified governance approach.
Cyberattacks aren’t the only significant threats facing enterprises today. Companies often find themselves needing to conduct extensive and costly investigations into employee behavior. For example, I was recently involved in an internal investigation that was estimated to cost a global Fortune 500 company more than $1 million just for the investigation itself. Of course, costs can run much higher when settlements and other legal fees are included. According to the Mintz Group, Foreign Corrupt Practices Act penalty amounts totaled $1.8 billion for the period from implementation of the FCPA in 1977 to May 2016. The financial impact to companies, as well as the damage to their reputations and business disruption, can be staggering, and possible litigation following an investigation can cause further financial and reputational harm.
Less than a year away from the implementation of the European Commission’s General Data Protection Regulation (GDPR) and stakes for companies are high. This article outlines important steps companies can take right now to make significant progress toward creating a data infrastructure that dramatically reduces the likelihood of non-compliance.
Although eliminating all cyber incidents is impossible, a “unified governance” approach that combines security with data management and information governance can help create a business culture that promotes a strong defense. CGOC Faculty Member Ed McAndrew offers 10 steps you can follow to create a culture of cybersecurity.
Like any significant cyber incident, a successful ransomware attack can give rise to an increasingly broad array of legal, regulatory and financial impacts. Planning ahead is essential, and legal teams should consider these nine tips when assessing their companies’ readiness.
The risk and cost benefit analysis of 22 key processes allows organizations to practically deal with the torrid growth of digital data, a complex regulatory environment, and increasing adoption of cloud computing and machine learning.
If you think IG is tough at a typical enterprise, wait until you go through a corporate restructuring in today’s environment, when the risks are magnified, the challenges are stark, and IG failures frequently blow up both the budget and timeline set for the restructure, undercutting business goals.
To increase the business value of data while reducing cost and risk, finance departments must become stakeholders in the development and implementation of data privacy programs.
Helps mature key processes related to global privacy compliance, data quality assurance, data leakage and theft, and more. “The hardest part of an IG program is getting started, and the CGOC Maturity Model provides the structure on which to build an effective IG program.” – Anthony Diana, Partner at Reed Smith.
Organizations understand that they must establish and maintain a comprehensive, enterprise-wide data privacy program built on a solid business case that defines its specific requirements. To begin the journey, explore these 10 foundational requirements for operationalizing a data privacy program.
Healthcare providers must take deliberate steps to prevent and mitigate the impact of ransomware attacks. While not exhaustive, the steps enumerated in this article can help better position companies for successful navigation through these high-pressure and often high-stakes situations.
Speakers include senior executives from BlackRock, CME Group, Deutsche Bank, eDisclosure Information Project, FTI, HGP/GlaxoSmithKline, IBM, JPMorgan Chase, Reed Smith, Wolseley and others.
Heidi Maher, CGOC Executive Director, and Jake Frazier, CGOC Faculty Chair and Senior Managing Director at FTI, discuss why IG can be more challenging during mergers and acquisitions (M&As) and other restructures. The potential for increased eDiscovery, cybersecurity and compliance issues can create a host of problems for a parent organization.
Businesses increasingly acknowledge the potential of A.I. to accelerate decision making, but many have serious concerns about what is happening inside the black box. The quality of any A.I. can only be as good as the data it processes. Of course, “garbage in, garbage out” has long been an analytics refrain, but it’s even more important for A.I.
James Schellhase, worldwide business executive, information governance expert and CGOC faculty member, discusses the role of information governance in reducing risks associated with third-party data governance.
From the malicious to the unintentional, cyber incidents continue to increase in frequency, severity, and cost to companies. CGOC Faculty member, Edward McAndrew discusses eight steps to help mitigate the impact of an incident by constructive engagement of law enforcement and regulators
While the operational goals of compliance, privacy, security and e-discovery practices are different, their processes and technologies overlap, and it is increasingly difficult to successfully conduct one practice without successfully conducting the others. Aligning compliance, privacy, security and e-discovery practices can lower risk. (Free Registration Required)
Today, big data initiatives using customer data are driving new personalized services, innovative insights, optimized operations and new business models. That all sounds terrific, but there’s a dark side to big data, and if you don’t get a handle on it, your company’s new analytics projects may cause far more problems than they solve.
About 69% of an organization’s data is unnecessary and has no value. Aside from taking up precious space, this excess information poses a great risk. Security expert, Heidi Maher, gives advice and put together 10 questions for board members to ask when developing a detailed and holistic approach.
The average cost of a data breach has increased 11% from last year to now total $6.53 million for a single U.S. organization. Strong data security is critical for protection and financials. Six key elements have been identified as requirements for establishing strong security and reducing the risk of a breach.
Hoarding is a psychological disorder—usually thought of as an unhealthy attachment to possessions. It causes clutter. Does hoarding of data have the same detriment to businesses? The need to maintain and delete data is greater than ever with data being created at unprecedented levels.
With data overload, Rossi argues that a new foundation for collecting and using data is needed so businesses can develop and implement a strong structure for their growing data. His article highlights 4 key components to consider when making the transition from data hoarder to data factory.
The benefits to moving data to the cloud and mobile are impressive—lower costs, better efficiency—but it comes at the price of complexity and loss of control for your IT, legal and compliance teams. Expert Richard Kessler suggests these challenges can be overcome by standardizing information metadata.
Organizations that manage their data as an asset can use analytics to pull significant value from the information they have stored—but not all data is useful, in fast, using irrelevant data can distort the analysis. Here are 7 questions that are important in determining the value of your information.
Companies like Google and Amazon rely on collecting data and analysis as a way to stay competitive. These companies have allocated resources to investing in technologies but now, affordable big data solutions allow organizations of all sizes to benefit from the same data-driven perspective.
A strong foundation from the beginning of the data life cycle can dramatically reduce business costs and risk, while improving decision making. Kessler proposes 4 simple standard setup attributes to all new business systems so data can be easily aligned.
Setting up an enterprise information governance (IG) program can be daunting—but a simple, step-by-step approach to creating an effective IG makes the possibility a reality. Make the change as simple as possible with four key factors designed for long-term success.
Existing business practices and many other factors make it difficult to have a holistic, disciplined approach to information governance. With these 5 outlined IG best practices, an organization can make appropriate decisions, and understand the value of their information.
In this interesting article, Gascon addresses the pros and cons of different approaches to securing sensitive shared information, but proposes, what he believes, is a better approach—the “Share-and-Protect” strategy based on encryptions.
The growth of data is out of control. But successful companies are turning to information life-cycle governance programs to delete old data at the same rate they are creating new data. A properly managed program allows for long-term growth and the potential savings of millions of dollars.
About 90% of digital data is “dark”: unstructured, untagged and untapped data that organizations know very little about. This data complicates information governance, with the risk growing bigger with every piece of additional dark data. Address the issue with classification tools that index the data.
In this Ask the Expert, Derek Gascon, executive director of the CGOC, talks about obstacles facing mobile data management and how to overcome the pressing issues. Equip your company with the right policies and tools as outlined by the experts of mobile information governance.
Not all information is created equal—some is highly valuable, whereas other data is unnecessary. These 5 tips ensure that information growth will be benefit your organization instead of adding to the burden of excess data.
This Q&A with information governance expert, Derek Gascon, answers many pressing concerns like smarter data management, better business practices, and improving security while maintaining compliance.
Not a member? Join the community
Already a member? Sign in
Become a CGOC Member and have access to resources, white papers, surveys, proceedings, and practice tools such as the Information Economic Process Assessment Kit. CGOC Members receive first priority to regional CGOC executive meetings around the world.
Asterisks (*) indicate fields required for registration