About this Publication
This publication was written by the Information Governance Initiative as part of our ongoing series exploring issues, strategies, and techniques related to information governance. This publication was made possible by Active Navigation’s support of the IGI. Active Navigation is an IGI Charter Supporter. More information about Active Navigation is available at www.activenavigation.com
Responding To New Regulatory Requirements
Given the multi-disciplinary nature of Information Governance (IG), it can sometimes feel like an amorphous topic. Without an obvious starting point or way to get to grips with it, IG sometimes fails to get the high-level attention it deserves. Yet, IG is not some arbitrary notion of “best practice.”
IG is – or should be – firmly rooted in practical, results-oriented strategy and tactics. When executed intelligently, IG can make a significant contribution to the bottom line. The experience of Ameritas Life Insurance Corp., headquartered in Lincoln, Nebraska, clearly makes such a case.
The insurance company was already reviewing its information governance processes before New York Department of Financial Services introduced new regulatory standards in March 2017. The requirements of the regulation are far reaching and extend from information security and data governance, through access controls, identity management, systems and network monitoring, data privacy, environmental controls, risk assessment and incident response.
Ameritas began with a pilot project to tackle a clearly identified business problem which they addressed using data analysis, indexing, searching, tracking and reporting tools from Active Navigation. Records management and business collaboration demonstrated impressive results and feedback that could shape future activity.
Learning from the pilot project enabled Ameritas to see a clear role for the technology in key areas of records management and compliance. Having demonstrated the retention compliance goals set out for the pilot project, the company is now growing the information governance initiative. The project has expanded to ensure compliance with 23 NYCRR Part 500 through its focus on sensitive data compliance and reduced business risk.
The Ameritas approach demonstrates how organizations can begin their own IG journeys. We expect that, by demonstrating the positive contributions that IG can make in this way, IG professionals will be able to drive the topic up the organizational agenda.