Topics

Information Governance Resources

Case Study

FTI Technology Provides Extensive Data Identification and Transfer in Global Telecommunications Divestiture

A longstanding FTI Technology client in the telecommunications industry was preparing to divest a European business unit to a global network and voice services company. The organization needed to migrate the divesting business unit’s Microsoft 365 environments and data sources to the acquiring company, in compliance with numerous regulations and in a timely manner to uphold the parameters and deadlines of the transaction. FTI Technology’s global team coordinated with the client’s IT stakeholders to manage the data transfer, as well as a cross-functional deal team tracking the project.

Blog Post

Q&A: Scott Margolis Advocates for Value-Driven Information Governance and Privacy Programs

Scott Margolis recently joined FTI Technology as a Managing Director within the Information Governance, Privacy & Security practice, bringing more than two decades of experience developing innovative strategies and solutions for organizations to address complex information governance issues. His expertise spans a wide range of IG, privacy and data governance issues in financial services, transportation, logistics, energy and other industries. In this Q&A, Scott discusses the importance of proactive governance programs that are designed to derive value and insights from corporate data.

White Paper

Bad Tapes

Once touted as the pinnacle of long-term data storage, magnetic backup tapes have evolved into a data albatross around the necks of corporate Australia. Storage costs, difficulty of data retrieval and the threat of regulatory action due to data over-retention loom over companies which continue to retain backup tapes as a permanent archive.

White Paper

Delivering on the Promise of “Cradle-to-Grave” Data Management in Large Financial Institutions

Financial institutions are grappling with significant, ongoing challenges in their management of valuable communications data. These challenges are driven by accelerated technology change, a wholesale shift to cloud platforms and many long-lasting changes in working practices and behaviors post-COVID. Financial institutions have experienced a seismic shift from an era where all communications data was stored in centralized servers within the walls of its enterprise data centers. Now, email, chat, voice and video along with other dynamic forms of collaborative content, is stored across a myriad of third-party communications channels and cloud-based platforms outside the perimeter of the enterprise.

Case Study

FTI Technology Provides Contract Lifecycle Management Transformation, Supports Merger Readiness for Leading Food Retailer

On the heels of an extensive information governance, privacy and records management overhaul supported by FTI Technology, a large North American retail chain was pursuing a contract lifecycle management (CLM) implementation. The company aimed to centralize its contracts, deploy a new CLM tool, establish new contracting policies and improve workflows ahead of a planned merger. FTI Technology’s Corporate Legal Operations experts were engaged to ensure the project remained on course and provide a full transformation of contracting processes.

Case Study

FTI Technology Enables Privacy Transformation for Fortune 50 Drug & Food Retailer

National supermarket retailer engages FTI Technology’s Information Governance, Privacy & Security (IGP&S) practice for comprehensive privacy program transformation, technology implementation and enhanced automation.

Blog Post

A Guide to Productive Data Spring Cleaning

Like it or not, spring cleaning season has arrived. Whether you’re the type to declutter your closets like Marie Kondo or are more likely to tidy a few shelves and call it a day, it’s important to remember that your organisation’s data is also likely due for a thorough clearing out.

Blog Post

How to Implement a Sustainable Information Governance Framework

We live in a world with rapidly accelerating data volumes, and in which data sources are becoming more complex all the time. With the rise of unstructured data sources such as videos, audio files and instant messages, business teams have an unprecedented data landscape to contend with. In parallel, many businesses are holding onto an ever-increasing universe of data, often without a holistic strategy to manage information and reduce digital risk. The result is an environment in which risks abound, costs soar and business agility is hampered.

Case Study

Extensive Data Identification, Analysis and Extraction in Response to Consumer Services Privacy Breach

A major U.S.-based consumer services company experienced a privacy breach at a European company it had acquired. The company needed to identify the personal data that was compromised so it could respond to the incident according to requirements under the General Data Protection Regulation. The organisation also needed to determine whether any of the exposed employee or customer personal data was protected under additional regulations. Emerging data source experts in FTI Technology’s Information Governance, Privacy & Security practice in EMEA were engaged to provide a broad view of the breach, including its severity, the volume and types of personal data that were exposed, and the scope of jurisdictions implicated within the dataset.

Blog Post

The Ongoing Challenges in Cross-Border Data Transfers: Q&A with Dior Data Protection Officer Pierre Faller

Wajdi Kharrat, a Managing Director within FTI Technology’s Information Governance, Privacy & Security practice in France is an expert in global data privacy challenges and the ever-changing landscape of regulatory requirements. One of the key trends he’s continuing to watch is the arena of cross-border data transfers, including which laws are changing the legality of transferring data between jurisdictions, legal bases for conducting transfers and best practices for protecting data in transit. Wajdi recently sat down with Pierre Faller, Data Protection Officer at Dior, to discuss these issues in depth.

Blog Post

The Perfect Storm: AdTech, Privacy and Digital Advertising

There’s a perfect storm brewing on the digital horizon, and organizations that want to successfully navigate through it need to get ready.

White Paper

Establishing Information Governance Best Practices for Microsoft 365 Deployments

Microsoft accounts for 92% of the content services market, with most organisations utilising services within Microsoft 365 and/or Microsoft Teams to enable productivity and efficient remote working. In 2020, Microsoft 365 users generated more than 30 billion collaboration minutes in a single day as people communicated, collaborated and created documents at accelerating speed. This pace of adoption and scale of use has made it difficult for many organisations to maintain consistent information governance (IG).

Video

Emerging Fairness and Transparency Considerations in Artificial Intelligence

In this webinar Jon Asprey, (Managing Director at FTI Consulting), Thomas Hammp, (Senior Technical Staff Member – AI Governance at IBM) and Oscar Hayward (Associate at Latham & Watkins), explore what organisations could and should be doing to prepare for increased AI adoption.

PDF

Digital Insights and Risk Management

Growing the business, protecting sensitive information and managing liability in a complex and dynamic environment – these are just a few of today’s organizational priorities in which enterprise data plays a critical role. How organizations, teams and stakeholders approach this data poses challenges and opportunities across the entire digital risk spectrum, including privacy, security, technology, legal, governance, risk and compliance.

Blog Post

How to Consolidate Retention Policies

One of the often-overlooked challenges of electronic records management is the control and maintenance of retention policies. This is particularly difficult if you are faced with many different record series categories in your organization, which is increasingly the case for modern enterprises.

Blog Post

2022 Forecast: FTI Technology Predictions from EMEA, Part 2

Every year, we gather a series of predictions from our consultants across regions and practice areas. It’s a way of reflecting on how our clients challenges and needs evolve from year to year, and capturing the key areas we expect to support our clients in during the year ahead. In Part 1 of this series, Jon Chan shared outlooks from across our EMEA e-discovery practice. This post provides a roundup of predictions for the region across antitrust, information governance and data privacy.

Video

The New UAE Privacy Law and its Practical Implications

The UAE Government has recently introduced a new data privacy law. Watch this video as experts, Ben Crew, Head of Information Governance, Privacy, and Security MENA at FTI Consulting and Hamed Halawani, Head of Risk Specialists, Middle East, and North Africa at Thomson Reuters discuss these new laws in detail and what the implications are for businesses in the UAE.

Video

Competition Authorities Increase Data Scrutiny in Technology Industry Transactions

Innovation within the technology industry was essentially the genesis for data as we know it today. Ironically, data within technology corporations is now positioned to become the centre of some of the most intense competition scrutiny and enforcement on record.

Blog Post

2022 Forecast: A Roundup of Predictions Across Governance and Expanding Risk

In FTI Technology’s and Relativity’s The General Counsel Report 2022, 60% of general counsel indicated worry over mounting risks, and said that their risk landscape is expanding or becoming more difficult to navigate in areas spanning compliance, regulatory enforcement, data privacy, information security, emerging data sources and ongoing effects from the pandemic. Feelings of preparedness dropped from the previous year in every major category discussed.

Blog Post

Corporate Data Challenges in EMEA in 2021: Emerging Legal and Discovery Issues - Part 4 of 4

This post wraps up a four-part series in which I’ve explored the top data issues impacting corporations across EMEA now and in the year ahead. The previous blog posts have discussed a range of trends across investigations, data privacy, M&A and information governance. In this piece, I’ll share developments we’re seeing specifically in the legal arena, around the rise of class actions in EMEA, new needs in legal review and how advancements in technology are helping our clients meet new challenges.

Blog Post

Stealing From the Cookie Jar? Beware Evolving Data Privacy Rules.

For many businesses, cookies are the backbone of marketing. These text-only strings of information stored on visitors’ computers, smartphones and tablets allow businesses to track, identify and study online behaviour for the purposes of targeted advertising. This practice is allowable within the confines of the EU Cookie Law, existing privacy legislation that allows websites to store or retrieve information only with visitors’ consent. While cookie-enabled targeted advertising is a boon for marketing campaigns, recent developments in data privacy laws and discourse are beginning to beg the question: is cookie tracking a good thing? More specifically, is the use of cookies compliant in accordance with the GDPR, California Consumer Privacy Act (CCPA) and other emerging data privacy regulations?

Blog Post

How Data Protection Has Become a Business-Critical Priority in the Middle East

Organisations that store personal and sensitive data possess millions of data artifacts—each representing unique risk and value—within their enterprise systems. With cybersecurity incidents on the rise, the stakes around data protection have become higher than ever before, yet many organisations still do not realise the extent of disruption that can result when systems are breached.

Video

The Enterprise Data Mapping Endeavor - How to Overcome Data Discovery Paralysis and Maintain Ongoing Compliance

While data mapping is a critical first step in identifying key areas of risk, the process can be daunting to large organizations. In this webcast we examine ways to overcome data discovery paralysis and maintain ongoing compliance.

Blog Post

EU Whistleblowing Protection Directive Looms as New Compliance Referee

It’s game time for corporate compliance professionals in Europe. In less than three months, the EU Whistleblowing Protection Directive will take effect and add a new set of requirements to the long list of compliance controls businesses in Europe must implement and maintain. With little time left to prepare and establish the frameworks needed to comply with the law, it’s important that businesses gain an understanding of what the directive entails and the new policies and processes that must be put in place before the impending deadline.

Video

Establishing Repeatable and Scalable Privacy Programs

FTI Technology's Information Governance, Privacy & Security experts discuss how to position your programs to stay out in front of state, federal and industry-specific privacy compliance obligations.

Blog Post

Roundtable Discussion Part 2: How a Large Telecommunications Corporation Addressed an Influx of Regulations Through Data Governance

Experts from across FTI Consulting are engaged on a massive, ongoing data governance project for a large global telecommunications client. We recently discussed the matter with key members of the team, Jake Frazier, Steve McNew and Adam Ingber, to understand the key challenges of the matter and the primary regulatory issues the client has sought to address through improved governance.

Blog Post

Roundtable Discussion Part 1: How a Large Telecommunications Corporation Addressed an Influx of Regulations Through Data Governance

Experts from across FTI Consulting are engaged on a massive, ongoing data governance project for a large global telecommunications client. We recently discussed the matter with key members of the team, Jake Frazier, Steve McNew and Adam Ingber, to understand the key challenges of the matter and the primary regulatory issues the client has sought to address through improved governance.

Case Study

FTI Technology Provides Information Governance Assessment and Deploys Global Records Management Initiative for Technology Provider

When a global financial technology deployment and management provider sought to migrate its systems to Office 365, its general counsel recognized an opportunity to establish a records retention policy and assess information governance maturity.

Blog Post

How to Hit the Bullseye in Modern Data Governance

Often, the prospect of achieving data governance seems so far off, the challenges so immense, that organizations become stuck in assessments and planning, unable to move a program toward implementation.

Blog Post

Corporate Data Challenges in EMEA in 2021: The Intersection of Data and M&A (Part 2 of 4)

This second post in the series is focused on an area that our team, and my work, is heavily involved in: the data and privacy issues associated with M&A, and the regulatory clearance processes that are increasingly associated with getting the deal through.

White Paper

E-book - Taking Aim at Enterprise Data Governance

Hitting the bullseye in modern data governance starts with a clear view of an organization’s challenges, roles and data objectives in the context of the ever-evolving data landscape. This e-book provides a framework for defining modern data governance, understanding key players and achieving (or refreshing) programs that meets the needs of every stakeholder. It will include FTI Technology’s unique perspective of how combining data governance with broader information governance (IG) and strategic analytics can support robust compliance, data protection, business insights and more.

Case Study

FTI Technology Serves as Independent Privacy and Data Protection Assessor to Support Global Technology Company’s Obligations Under FTC Consent Order

Privacy experts from the Information Governance, Privacy & Security practice within FTI Consulting’s Technology segment were engaged to conduct a biennial privacy and data protection assessment for a large, global technology company.

Video

Sudden Impact: How The Pandemic Changed Antitrust Investigations and Compliance

The pandemic and its ripple effects have impacted us all in many ways, including how we work. Suddenly, millions of workers worldwide made the shift to remote work -- adopting new schedules, communication systems, and business practices. Antitrust practitioners were no different. From North America to South America and Europe, competition authorities updated guidance on pandemic-driven cooperation, transitioned to virtual investigations and temporarily suspended certain merger review and office searches. Acceleration of remote-work-driven cloud communication and the need for remote document collection, only complicated matters further.

Case Study

FTI Consulting Provides GDPR Assessment and Action Plan for Global Energy Company

When Europe’s General Data Protection Regulation (GDPR) was enacted, many U.S. corporations were suddenly facing data protection requirements far more stringent than any preceding privacy rules. This was the case for a Houston-based drilling company, which had a significant international footprint, including in Europe, but limited visibility into how its practices were impacted by the new regulation. With an active GDPR compliance program in development, the company engaged FTI Consulting’s Information Governance, Privacy & Security (IGP&S) practice to conduct a readiness assessment and provide a roadmap of additional steps needed to bring the company into full compliance.

Video

Avoiding Enterprise Data Governance Project Pitfalls

While data governance will look different for every organization, there are a number of challenges that arise in most initiatives. If CDOs and other data governance stakeholders can plan for these and address them at the outset, their projects will have a much greater chance for success. Most projects lag due to resource fatigue, decision overload, assessment dead ends and lack of technical resources. Misalignment of roles and responsibilities is another major project pitfall.

Blog Post

IP in Open Waters Part 2: Bringing Data Back to Safety

In the wake of COVID-19 and the changes it has instigated, you may not be able to bring all your IP back to the safety of the rockpool – but it’s not too late to deploy the life rafts and patrols, and be prepared.

Case Study

FTI Consulting Neutralizes Data Privacy Challenges For U.S. Division of European Pharma and Medical Device Company

The Information Governance, Privacy & Security practice within FTI Consulting’s Technology segment was engaged to design, build, and run a global pharmaceutical and medical device company’s data privacy risk and compliance program.

Blog Post

What Companies Need to Know About the ADGM Data Protection Regulation

In February this year, the Abu Dhabi Global Markets (ADGM) passed the Data Protection Regulation (DPR2021), which bears a striking resemblance to the EU GDPR, and the U.K. GDPR specifically. The former legislation, dating back to 2015, was based on the Organization for Economic Co-Operation and Development (OECD) guidance, which was significantly different from GDPR’s standards. What this means is that for companies operating in the ADGM, major regulatory changes are afoot.

White Paper

Data Security in Texas: The Lone Star in Privacy Compliance?

Are companies in Texas leading the way when it comes to their approach to data security? This new report based on a survey done by ALM Media and FTI Consulting explores the approaches Texas companies employed to challenges faced by virtual workplaces and evolving privacy regulations.

Blog Post

Leading By Example Part 1: Karen Briggs Discusses FTI Consulting’s Presence in EMEA

Shortly after joining FTI Consulting to lead the Forensic & Litigation Consulting segment in EMEA last year, Karen Briggs had her role expanded to oversee the Technology segment in EMEA. In this dual role of heading two of the firm's significant segments in the region, Karen has focused on the synergies between practices to improve client outcomes. During a recent video chat, we asked about her view of the EMEA Technology practice and how she leads her teams through today’s most pressing challenges. This post is part one of a two part series detailing our Q&A.

Blog Post

Q&A: Ben Crew Addresses Growing Demand for Privacy and IG Solutions in Middle East

As Middle Eastern countries ramp up their regulatory oversight and rigor over data protection, companies in the region are seeking guidance on how to evaluate their risk, implement data privacy frameworks and uphold compliance. FTI Consulting is filling this need through the expansion of its IG and data privacy practice in MENA. Senior Director Ben Crew recently joined FTI Consulting to head up the Information Governance, Privacy & Security (IGP&S) practice in the region. We recently chatted with Ben about his new role and the regulatory climate in MENA.

Video

Protecting Data Whilst Remote Working During COVID-19 [FRENCH]

In this interview with in Le Monde Du Droit, FTI Technology's Thomas Sely discusses the protection of companies’ data in a context of remote working and pandemic.

Blog Post

Business Security in Times of Furloughs and Home Working

The effects of COVID-19 have led many companies worldwide to take drastic measures. This includes applications for temporal layoffs or furloughs, with the additional uncertainty of definitive layoffs for vast numbers of employees. In this article, Javier Garcia-Chappell and Grainne Bryan discuss the necessary measures to protect and secure their data, as well as those devices and/or corporate media that may store them.

Case Study

FTI Technology Guides Global Manufacturing Company Through Microsoft 365 Governance and Deployment

A manufacturing company needed to mature its IG posture and data management hygiene. They desired to leverage the cloud and its capabilities to utilize newer applications and available features to increase cross-functional enterprise collaboration. In doing so, they required enhancements to their data governance program and policy adoption of related tools.

Blog Post

The Data Whisperer: Brandon Lee Discusses Working at the Nexus of E-Discovery and Information Governance

E-discovery, data privacy and information governance risks are increasingly intersecting in today’s organizations. In turn, the ways corporations manage their data, approach compliance and react to legal matters must evolve quickly. FTI Technology’s teams are focused on addressing these new challenges and opportunities. The recent addition of Managing Director Brandon Lee to the team is a prime example of FTI’s ability to provide solutions and expertise that bridge the most pressing legal, regulatory and data issues. We recently interviewed Brandon about his new role and his unique strategy for supporting in-house legal teams.

Video

The Use of Technology in Irish Dispute Resolution and Compliance Monitoring

In this interview, Chris Dale of The eDisclosure Information Project spoke with FTI Consulting’s Grainne Bryan about the growing acceptance in Ireland that technology must be used to manage data in dispute resolution and compliance monitoring. Ireland has a strict discovery regime, and until the 2016 discovery judgment in IBRC v Quinn, it had not been considered appropriate to use technology to identify discoverable documents. The Quinn judgment changed that and the use of tools like technology-assisted review is now much more common.

Video

CCPA Training Requirements; Understanding and Operationalizing them for Efficiency and Compliance

Many organizations have prepared for compliance with the CCPA, specifically building out consumer rights management processes and procedures. But there are other requirements that must be met in order to maintain CCPA compliance, like the obligation to train employees who are responsible for handling consumer inquiries about the consumer’s privacy rights, or those within the organization whose roles may impact the processing of California resident personal information, such as marketing or IT. Please join FTI Consulting and OneTrust for a webinar outlining the specific training requirements within the CCPA and to learn about resources that can help your organization more easily meet this requirement.

Video

Privacy by Deletion - 5 Steps to Reducing Data Risk

Organizational data is dramatically increasing in size – by some estimates as much as 40-60% growth per year – at the same time that data breaches grow in number.

Case Study

Leading Financial Institution Engages FTI Consulting to Support Global Defensible Data Disposal Initiative

A large, multinational financial services institution kicked off a global effort to remediate its legacy data environments and enable defensible disposal, an effort driven in part to support compliance with the EU’s General Data Protection Regulation (GDPR). The company’s U.S.-based legal, compliance and e-discovery team engaged FTI Consulting’s Technology segment, looking to the expertise of the segment’s Information Governance, Privacy and Security practice to support the project. FTI was tasked with scoping nearly 800 legal matters for legal hold obligations, establishing new legal hold workflows and supporting review and remediation for the sunsetting of multiple systems and storage vendors.

Case Study

FTI Technology Helps Global Electronics Corporation Establish Records Retention Program in Response to Government Monitorship

The U.S. division of a global electronics manufacturer was under regulatory orders to establish a records retention schedule and policy in order to bring its operations in compliance with a government monitorship. Outside counsel engaged FTI’s Information Governance, Privacy & Security team to drive the effort and implement a focused retention schedule as well as a policy that would direct retention for all records and information across the client’s U.S. operations.

Video

Protecting Sensitive Data: Remote Employees, Trade Secrets and Data Loss

There is no question that the last few months have disrupted the workplace in profound ways. While the implications and timeline of this disruption are only just beginning to be fully realized, it’s clear that the transition to remote work for the vast majority of corporate employees has made data potentially more vulnerable to compromise, leakage and theft. Additionally, the upheaval of the global economy means that workforce shifts or reductions are likely inevitable. How can a corporation protect sensitive data in these circumstances? How do organizations detect and respond to data leakage and/or theft when it happens? And once data is compromised and litigation started, how do businesses put a value on what was lost?

Blog Post

Streamlining Privacy Compliance Among Global Regulatory Changes

Organisations that operate globally are subject to the ever-changing and continually developing regulatory landscape, which is challenging to comply with without a robust privacy and information governance backbone. In this blog, Ines Rubio, looks at how using aids such as privacy management technology to stay on top of processing activities and legal requirements will facilitate compliance teams’ work and serve as the go-to resource for updates, queries, and research on regulatory changes.

Blog Post

The Era of Digital Regulation

How content is created and shared on digital platforms is coming under increasing scrutiny with Regulators and the public calling for online platforms to take on more responsibility. Regulation has been on the horizon with France coming close to passing law to regulate online hate speech (subsequently struck down in court due to freedom of speech concerns) and the Online Harms Bill was proposed by the UK in 2019.

Blog Post

Regulatory Update: ePrivacy

The ePrivacy regulation has had an uncertain path, and at times it seemed as though there would be no regulation introduced at all. One of the main stumbling blocks is the impact on online behavioural advertising and cookies walls on websites. However, in mid-February, the Council of the European Union’s Presidency announced a breakthrough: member states finally reached an agreement on the draft text. The next stage will be negotiations between the Commission, the Council, and the European Parliament.

Blog Post

The Dangers of Forgotten Data

Data is easy to forget. Especially with the increase in legacy-to-digital transformation, it’s easy to overlook unused systems or historical backups. All too often, the focus is on transitioning to new, digital technologies without decommissioning the legacy systems they replace.

Blog Post

Privacy Compliance for Small and Mid-Sized Businesses; It’s Not One Size Fits All

Read any survey of the challenges small and mid-sized business leaders face, and you’ll see an array of worries over managing cash, retaining customers, competing and keeping up with technological change. Chances are that regulatory compliance and data privacy aren’t making those lists of issues keeping SMB owners up at night. In fact, the majority of SMBs (80% according to one survey) know very little about whether and how data protection laws affect their business. Nevertheless, many data protection regulations are indiscriminate when it comes to organization size, and with consumers paying increasing attention to data privacy, the issue has become very real in the SMB arena.

Video

The Impact of Data Governance

The modern workplace is in the midst of a massive transformation. An estimated 44% of employees are currently working from home, and a recent survey reported that employers expect the number of full-time workers who remain at home permanently to triple from pre-pandemic figures. The implications of this shift has and will continue to impact policies and operations across business functions, but particularly the data privacy arena, where corporations must consider how a remote workforce impacts regulatory compliance.

White Paper

Effective Strategies to Manage Global Data Challenges

At the recent PrivSec Global event, Nina Bryant and Kajen Subramoney, Managing Directors within FTI Consulting’s Technology segment in EMEA, participated in a panel with other data privacy experts to discuss the current global landscape of data challenges.

Blog Post

Data Risks and Challenges in M&A Transactions

At the recent PrivSec Global event, Sonia Cheng, Senior Managing Director and EMEA Head of Information Governance & Privacy at FTI Consulting, led a panel with Ahmed Baladi, Privacy & Cybersecurity partner at Gibson, Dunn & Crutcher and Linda NiChualladh, Head of Privacy (Legal) at Citi. The session covered the underlying risks and considerations associated with data in M&A transactions and the skills needed to brave a complex M&A data landscape.

Case Study

FTI Consulting Leads Critical Compliance and Data Governance Program for Multinational Telecommunications Corporation

For the client, a global telecommunications company, a steady flow of information is critical to serving its customers, from service orders to data needed by technicians in the field. In order for the client to preserve billions of dollars in government contract revenue, the client needs to fulfill the new CMMC requirements by identifying controlled unclassified information (“CUI”) in more than 3,500 applications comprised of approximately 7,000 structured databases and protect the information in methods outlined by the government. The timeline for identification and protection reduced from 18+ months to less than one year and the privacy concerns must be mitigated while not interrupting critical business operations.

Blog Post

Primary Annual Study Benchmarking the Privacy Profession: The IAPP-FTI Consulting Privacy Governance Report is Now Live

Now in its sixth year, the report takes a deep dive into the leadership structures, core functions, staff and budgets, and tasks and priorities of privacy programs around the globe. It provides key metrics on ongoing compliance with core pieces of privacy legislation and the effects of recent legal rulings and guidance from data protection authorities on processing operations.

White Paper

The IAPP-FTI Consulting Annual Privacy Governance Report 2020

The IAPP-FTI Consulting Privacy Governance Report is the primary annual study benchmarking the privacy profession. Now in its sixth year, the report takes a deep dive into the leadership structures, core functions, staff and budgets, and tasks and priorities of privacy programs around the globe. It provides key metrics on ongoing compliance with core pieces of privacy legislation and the effects of recent legal rulings and guidance from data protection authorities on processing operations.

Blog Post

The Intersection of Privacy and IT: Key Questions Answered

Today, some degree of data privacy and data protection obligations —regulatory, security standards, consumer trust issues, etc.—touch nearly every organization around the globe. Fulfilling those obligations while maintaining operational resilience and productivity generally requires the involvement of multiple stakeholders as well as a broad range of company leaders. While typically led by an organizations legal and compliance department, operationalizing data privacy technology, implementing the required safeguards and governance workflows requires both the support and leadership of IT.

Blog Post

Third-Party Risk Spreads Like a Virus Among Work From Home Employees

Even sophisticated companies that dedicate ample resources to information governance often end up with gaps when it comes to third-party risk management. Now, as employees and third parties adopt new, unvetted applications to do their jobs from home, these gaps have become even greater. Organizations are under tremendous pressure right now—but making time to holistically assess and manage third parties will pay long-term dividends in reducing risk, while employees work remotely, and when they eventually return to the workplace.

Video

Data Retention & Minimisation - Lessons Learned in 2020

Data retention and minimisation played a key role in numerous cases and enforcement actions throughout 2020. Worryingly, the range of infractions varied widely, teaching us that it is certainly an area that is very challenging for organisations to address.

White Paper

IT’s Role in Supporting Global Privacy Compliance

While privacy programs are typically driven by stakeholders in legal and compliance, the requirements, resources, policies, processes and technologies involved with data privacy compliance often cross over with Information Technology (IT). Existing and emerging data privacy and data protection regulations also introduce a new set of considerations for IT teams to address when sourcing, deploying, managing or sunsetting systems and working with third-party providers.

Blog Post

It’s Official. The California Privacy Rights Act of 2020 is Coming.

Along with countless significant decisions, November 3 brought the passage of a long-awaited update to California data privacy law. This week, the California Privacy Rights Act of 2020 (CPRA) passed with a majority vote as expected, adding to and modifying the requirements and enforcement of the California Consumer Privacy Act (CCPA).

Blog Post

A Peek Behind the Curtain of Information Governance Practices Across Startups and the Fortune 500

Information governance (IG) is becoming more difficult. Data volumes are exploding, regulations are emerging and changing and large workforces are widely dispersed across at-home offices. Just as an organization gets a handle on the data from one new system, five more are onboarded. For many legal, compliance and privacy professionals, IG progress may feel like two steps forward, one step back.

Blog Post

How Life Sciences Organizations are Re-Examining their Compliance Operations and Technology

FTI Technology Senior Managing Director Rena Verma recently attended the 17th annual Pharmaceutical Compliance Congress. We asked Rena to share the insights she gathered from fellow risk and compliance experts, and her observations on the key issues facing the pharmaceutical industry.

Case Study

FTI Consulting Implements Robust Information Risk Management Program for Multi-National Financial Services Corporation

At a global financial services institution, lack of governance around legal holds and email archives was creating unnecessary risk and data storage costs. When a new member of the in-house legal team joined the organization, eager to refresh the legal hold process and implement a defensible disposal program, she teamed up with the head of litigation and compliance to establish a firm-wide information risk management program.

Case Study

FTI Consulting Refreshes Legal Hold Practices and Provides E-Discovery Operations Leadership for Global Financial Services Client

Building upon its ongoing partnership with FTI’s experts, the client engaged the team to refresh its legal hold process and serve as its e-discovery operations team. With 80 multinational open matters spanning litigation, compliance cases, data subject access requests (DSARs) under the General Data Protection Regulation (GDPR) and regulatory audits in EMEA and APAC, the client faces a range of complex, high-stakes e-discovery challenges.

Case Study

FTI Consulting Leads Extensive Email and File Share Remediation and Deploys New Retention Policy for Global Financial Services Corporation

Given the client’s lack of a dedicated information governance program and decades of operating without a distinct and enforced email policies, a myriad of obstacles stood in the way of establishing a new approach. FTI would first needed to understand the client’s email and file share universe, and identify any information within those systems that was subject to existing legal hold obligations. With that a baseline, the team could begin disposing of unnecessary data and prepare the archive for a new retention policy.

Case Study

FTI Consulting Defensibly Disposes of Tens of Thousands of Backup Tapes for Global Financial Services Corporation

As a continuation of its information risk management initiative, and to prevent future legal expenses relating to tape restoration, the client sought to remediate more than 50,000 backup tapes. With FTI’s guidance, the organization planned to destroy any tapes that contained legacy data no longer relevant to present legal hold or records retention obligations. Because the previous remediation and retention effort had solidified the email archive as the “golden source” for email data, any tapes containing email were also considered redundant and in need of disposal.

Blog Post

SEC Cyber Report Focuses on Information Governance Best Practices

In January, the Securities and Exchange Commission (SEC) released its most substantial cybersecurity guidance to date. The report, “Cybersecurity and Resiliency Observations,” was the result of examination findings and research from the last five years, much of which was led by the commission’s Office of Compliance Inspections and Examinations (OCIE). This is the first comprehensive guidance we’ve seen from the SEC’s cyber unit since it was established several years ago. In many ways, it reads as an examination pamphlet—outlining the essential information security practices and programs a financial services institution will need to have in place to stand up against a government raid, inquiry or investigation.

Video

Data Mapping for Privacy Obligations and Beyond – How to Reduce Risk and Increase Value

Emerging regulations like CCPA and GDPR have prepared us for compliance readiness – but not without challenges. The anticipated volume of Data Subject Access Requests (DSAR) coupled with vast amounts of personal data collected and stored, will make responding to regulatory deadlines far from easy. Especially knowing where all the data resides, how the data is being used and its contractual, legal and regulatory obligations. The answer is “Data Mapping” – a crucial backbone for compliance and overall health of an organization.

Video

COVID-19 E-discovery Impact Report Findings & How In-House Legal Progessionals Can Reduce Legal Spend

Hear from Tom Jackson and a panel of experts discuss the impact the global Covid19 pandemic is having on the e-discovery industry, how e-discovery professionals have adapted so far, and what changes could be likely post-coronavirus.

Blog Post

When Employees Work from Home, Compliance Culture Requires Extra Care

The last two months have given businesses many new issues to consider and practices to re-examine. Alongside introducing unexpected risks, the sudden shift to working from home has disrupted corporate culture, and more specifically, culture as it relates to compliance and privacy practices.

Webcast

Protecting Sensitive Data: Remote Employees, Trade Secrets and Data Loss

There is no question that the last few months have disrupted the workplace in profound ways. While the implications and timeline of this disruption are only just beginning to be fully realized, it’s clear that the transition to remote work for the vast majority of corporate employees has made data potentially more vulnerable to compromise, leakage and theft. Additionally, the upheaval of the global economy means that workforce shifts or reductions are likely inevitable. How can a corporation protect sensitive data in these circumstances? How do organizations detect and respond to data leakage and/or theft when it happens? And once data is compromised and litigation started, how do businesses put a value on what was lost?

Video

Strengthening Business Resiliency in a Time of Crisis; Data Privacy Strategy and IT Infrastructure Alignment

In the current climate of uncertainty, business resiliency is top of mind for many organizations, but many are struggling to articulate what that might look like and how to achieve it. Moreover, data privacy and security concerns continue as regulators expect and enforce compliance. Fortunately, there are steps organizations can take right now to strengthen business resiliency. These strategies not only help with regulatory compliance, but also serve as a meaningful business integrity component that can help steady the rudder in tumultuous times.

White Paper

Future-Proofing Corporate Data Privacy: Budgeting and Solutions to Address Tomorrow's Compliance Challenges

FTI Consulting surveyed over 500 corporate data privacy leaders to understand the solutions, strategies and budgets companies have planned to address data privacy challenges in the coming year. This survey report illustrates how organizations are balancing the costs and risks of managing data in an ever-changing data privacy landscape; the importance of implementing a strategic combination of people, process and technology to mitigate data privacy risk; and the status of future plans in light of today’s uncertainties.

Blog Post

Q&A: Renato Fazzone Discusses Expanding Footprint and Client Service in Germany

The recent appointment of Renato Fazzone as Senior Managing Director and Germany Head of Technology established our permanent presence in the German market for our Technology practice. Backed by more than 15 years working in e-discovery and litigation support, as well as advising clients on corporate fraud and antitrust matters, Renato is eager to expand our offerings and expertise to clients in the region. We recently sat down with him to discuss his vision, the top issues impacting German corporations today, and how the COVID-19 pandemic is impacting FTI’s offerings.

Webcast

How to Strengthen Your Business Resiliency with Data Privacy Strategy and IT Infrastructure Alignment

In the current state of uncertainty, business resiliency is top of mind for many organizations; however, many are struggling to articulate what that might look like and what can be done in the near term to achieve it. Moreover, data privacy and security concerns continue to reside at the center of that process, with regulators continuing to expect – and enforce – compliance. Fortunately, there are steps organizations can take right now to strengthen business resiliency. These strategies not only help with regulatory compliance, but also serve as a meaningful business integrity component that can help steady the rudder in tumultuous times. Join this webcast to hear experts discuss these strategies and practical steps for implementing them.

White Paper

Limping to the GDPR Finish Line - Why Many Companies Still Aren’t Fully Compliant

To date, GDPR compliance at most organizations has been approached from the top down. Policies and procedures are essential. However, now that most organizations have those in place, it is time to begin revisiting GDPR programs from the bottom up — starting with the systems where data lives, to ensure cohesive alignment between the existing privacy policies, business requirements, and the IT systems and infrastructure.

Blog Post

COVID-19: The Call for Personal Data Hygiene

Coronavirus is everywhere, figuratively and literally. It has overtaken our news, social feeds, and nearly every message and exchange. We’re getting a glaring reminder of the importance of strong personal hygiene (wash your hands!). But what about information hygiene? Beyond the devastating impacts on health infrastructure, human life and the economy, this crisis is also exposing new risks to personal data.

Video

Data Privacy Implications of Cloud-Based Social Collaboration Apps

An array of cloud-based workplace collaboration tools and messaging applications have become standard inside organizations around the globe. Yet many companies are unable to control the growth, management and discovery of the data within these applications. Oftentimes third parties host the data,but lack standard export workflows or preservation policies and process, making it difficult to obtain, quantify or assess. And, perhaps most importantly for those concerned with privacy, these applications are often engineered to prioritize individual user privacy, at the risk of enabling any sort of organized governance.

Case Study

FTI Technology Guides Large Global Healthcare Corporation Through Extensive Information Governance Transformation

More than 1.5 billion emails. Terabytes of data scattered among dozens of disparate vendors and outside providers. Thousands of custodians on legal hold. Numerous major legal matters at any given time and millions of dollars in annual e-discovery costs. After decades of an unsustainable but pervasive “save everything” data retention model, a large global healthcare corporation recognized the increasing risk and excessive costs of its existing approach.

White Paper

Corporate Data Privacy Today; A Look at the Current State of Readiness, Perception and Compliance

FTI Consulting recently conducted a survey of more than 500 data privacy leaders of large, U.S.-based companies. The results illustrate the state of data privacy in today’s corporations, giving insight into the programs, perceptions and strategies at play.

Video

Five Strategic and Practical Information Governance Considerations During a Merger or Divestment

M&A activity stayed strong in 2019 from large acquisitions and strategic divestitures to smaller bolt-on acquisitions. M&A activity in the large pharmaceuticals, aviation and media industries, all highly litigious sectors from an information governance perspective, dominated the news cycle most recently. During this webcast, our experts outline an M&A playbook on data privacy, contract intelligence, legal holds and data preservation, intellectual property (IP) information and resources to support the various information governance initiatives during a merger or divestment.

Blog Post

2020 + CCPA = $55 Billion Spend for Businesses

The California Consumer Privacy Act (CCPA) has arrived, and businesses are bracing for the financial impacts. Every company’s risk and compliance posture is different, and each company’s data footprint is unique, so the cost of compliance will range from company to company. Generally, estimates from the California Department of Justice project that compliance will cost up to $50,000 for small businesses and $2 million for companies with more than 500 employees. This totals a forecasted $55 billion in initial expenses to operationalize the new requirements.

Video

Friend, Foe or Frenemy: Understanding the Risk of Too Much Data

FTI Consulting’s European Information Governance Leader Sonia Cheng looks towards 2020 and talks about some key issues and topics in information governance and data privacy. These include the core ingredients to make an information governance programme successful, the emerging risk areas information governance that corporations are facing and how technology can help modernise data compliance initiatives.

Blog Post

2020 Forecast: Expect Landmark Changes in E-Discovery, Data Privacy and Investigations

Across our practice areas, we asked our experts to share their predictions for what will shape legal, compliance and information governance in the coming year. Below is a roundup—across new laws, emerging technology and key industries—of what they expect will make the biggest impact to businesses worldwide.

Video

Managing Global Data Subject Rights

GDPR. LGDP. CCPA...In this sea of uncertainty, how do you keep your privacy programme afloat?

White Paper

Committing To Data Privacy Compliance: The California Consumer Privacy Act And Steps To Prepare

California’s new data privacy law, The California Consumer Privacy Act of 2018 (CCPA), is ushering in a new era of consumer privacy protections in the U.S. The law takes effect January 1, 2020, and will provide broad privacy protections for California residents. To ensure regulatory readiness, organizations must prepare for the impact the law will bring to their business, understand obligations and take steps to modify processes accordingly

Webcast

US-UK-EU Cross-Border Data Transfers After Brexit

Webcast

The Business of Law 2020: The FTI-Relativity General Counsel Survey

What does the future hold for law and business in 2020 and beyond? Chief legal officers provide a unique perspective, and to analyze that perspective, Relativity and the FTI Technology business unit of FTI Consulting commissioned a study by Ari Kaplan Advisors, surveying general counsel on a wide variety of legal issues affecting business and the legal profession. Limiting the study to chief legal officers, the survey covered topics ranging from the technical competence of legal teams to preparedness for cyberattacks. Attend this webcast to understand what these results imply about the future of the legal industry.

White Paper

The General Counsel Report: Corporate Legal Departments in 2020

FTI Technology and Relativity partnered with Ari Kaplan Advisors to survey chief legal officers about the future of the legal industry and the skills and expertise needed for the next generation of lawyers. The results of these interviews clearly indicate an industry in transition across four key areas: the evolving role of in-house counsel, risk factors and how the modern legal department is addressing them, technology and innovation in law, and advice that general counsel have for their law firms and for future lawyers.

Blog Post

Europe’s Top Court Delivers Landmark Privacy Decisions with Broad Implications for the Regulation of the Internet

Europe’s highest court, The European Court of Justice ("ECJ") in Luxembourg, ruled on two cases last week involving GDPR’s right to be forgotten as it applies to information available on the internet. In the first ruling, the court held that the privacy rule cannot be applied outside the European Union. In the second, the court said the right to freedom of information must be balanced against the right to privacy and specifically the right to have links related to certain categories of personal data automatically deleted.

Webcast

Data Privacy Implications of Cloud-Based Social Collaboration Apps

An array of cloud-based workplace collaboration tools and messaging applications have become standard inside organizations around the globe. Yet many companies are unable to control the growth, management and discovery of the data within these applications. Oftentimes third parties host the data, but lack standard export workflows or preservation policies and process, making it difficult to obtain, quantify or assess. And, perhaps most importantly for those concerned with privacy, these applications are often engineered to prioritize individual user privacy, at the risk of enabling any sort of organized governance.

Blog Post

TMT Boards Threaten 2020 Growth if they Ignore Data Privacy Today

This year will see real progress in 5G network implementation, an expansion of the connected device marketplace, further adoption of applied AI and the advancement of ad-tech capabilities. These constituent parts will more noticeably converge and begin to firm up the long-term vision of global commerce, in which online platforms will have greater reach into the real world and the consumer’s data will fuel unprecedented insights and outcomes. In parallel with this push into the future, global Technology, Media and Telecom (TMT) corporations will continue to struggle with data privacy regulatory risk.

Blog Post

Recommended Reading: Texas Introduces Privacy Bills Furthering the Data Security and Privacy Conversation in the US.

As the trend continues, Texas has joined other states in the data privacy ring by introducing two privacy and data protection bills. Both bills are aimed at protecting personal information and holding companies accountable for data security.

White Paper

Spear Phishing: Carefully Targeted, Extremely Damaging and Fast Increasing

As spear phishing becomes sophisticated and widespread it’s essential that organisations take a multi-layered approach to protecting themselves. This means buying in expertise in staff training, cyber security and monitoring from an external source that specialises in this growing risk.

Video

Integrating Data Privacy Into Your Organization’s Business Strategy

With the advent of regulations like GDPR and the California Consumer Privacy Act of 2018, corporate leaders are beginning to recognize that poor data privacy risk management can harm competitive advantage, weigh down return on investment and have long term erosive effects on shareholder value. But how involved should executives be in privacy risk management decision making? And how can the corporate boards, the C-suite and legal and compliance stakeholders align business goals with privacy risk management?

PDF

23 NYCRR 500 Assessment Readiness and Compliance for Financial Services Firms

In 2017, the New York State Department of Financial Services implemented 23 NYCRR 500, commonly known as New York’s Cybersecurity Regulation. Although these requirements align with many information governance and cybersecurity best practices, they are extensive in scope.

Blog Post

Five Lessons Learned from Early GDPR Fines

Earlier this month, data protection authorities in Portugal doled out a €400,000 fine to a hospital for failure to apply appropriate access controls over digital patient data. This is one of the first penalties we’ve seen issued under GDPR since its enactment earlier this year. There are several interesting elements of this particular case, one of which is the fact that fines were imposed even though no data breach event occurred.

Blog Post

GDPR Compliance - The Unintended Consequences for Organisations

GDPR has made data protection a reality not only for heavily regulated industries but for all organisations. Once seen purely as a legislative burden, GDPR compliance is now providing organisations with a range of benefits.

Video

Data Management – From the Basements to the Boardroom

Data is a strategic asset and GDPR has raised the profile of data management from the basements to the boardroom and assigned a strategic value to understanding our data, how we use it, where we store it, how it flows between systems and processes and ultimately how long it should be retained and protected. In this short video, information governance expert Nina Bryant talks about how GDPR has been driver for organisations to assess both the risk and the value of the data they hold.

Blog Post

Are Data Subject Access Requests a Trick or a Treat?

It’s that time of year… no, not when bands of trick-or-treaters are traipsing up your walk, but when the ghoulish specters called data subject access requests (DSARs) are going to start flooding in.

White Paper

The State of Information Governance

Bloomberg Quick Pulse 2018 Survey Report

Blog Post

Recommended Reading: $17 Million Settlement in US Privacy Suit

A California-based consumer electronics company has agreed to a $17 million settlement in a lawsuit that claimed the company installed data-tracking software on its internet-connected smart TVs without notifying customers, and then profited from the sale of the personally identifiable information to advertisers.

Blog Post

Recommended Reading: Examining Safeguards for Consumer Data Privacy

For those interested in the growing momentum around broader US data privacy protections, I wanted to flag a recent Senate hearing on “Examining Safeguards for Consumer Data Privacy.” On Wednesday, September 26, 2018 the Senate Committee on Commerce, Science, and Transportation met to examine consumer protection and privacy policies of top technology and communications firms.

Blog Post

Recommended Reading: Data Breach and Potential Class Action in UK

After a recent data breach, a law firm is threatening the company with a potential class action lawsuit, citing Article 82 of the U.K. Data Protection Act. Specifically, the law firm is citing the "right to compensation and liability" — which states, "Any person who has suffered material or non-material damage as a result of an infringement of this regulation shall have the right to receive compensation from the controller or processor for the damage suffered."

White Paper

GDPR Breach Crisis: Are You Prepared?

The GDPR compliance deadline might have passed but over two-thirds of UK firms acknowledge they are at risk of a GDPR breach crisis. While data mapping and updating privacy policies are an important aspect of GDPR preparedness, many companies will struggle to respond to GDPR breaches and incidents.

Video

Combining Contract Intelligence with Information Governance to Find Value in Your Data

How can you use Data Governance to add value to the organization? Information Governance and Contract Intelligence offer multiple ways to not only reduce risk, but gain efficiencies. IG programs have largely gone from catch-all, ‘boil the ocean’ pursuits to a series of concrete, practical actions an organization can take to reduce data volumes, become more efficient and protect data ‘crown jewels’. Contracts, when organized and mined effectively, can reduce risk and actually create value for the organization. Attend this session to learn how to apply IG techniques and utilize your contract universe to gain efficiencies and reduce risk.

Webcast

From Security to Savings: Benchmarking Your InfoGov Program Against Peers

Attend this webcast to learn the specifics – budgets, priorities, quantifiable results – of how corporations are building and managing information governance programs. This webcast will feature survey results from a recent Bloomberg study benchmarking information governance programs across a number of key vertical industries.

White Paper

Advice from Counsel: State of the Union on Data Privacy & Security

The 12th Advice from Counsel study explores how issues of data security and privacy impact in-house legal teams at Fortune 1000 corporations and reveals the top concerns and emerging best practices across three key and intersecting topics: the General Data Protection Regulation (“GDPR”), IG and data security and remediation.

Video

Leading the Way with Information Governance

By the end of May 2018, the landscape of how organisations manage information about clients will be completely transformed by some of the world’s toughest new legislation.

Video

Building an Intelligence-Led Cyber Program

With reports of major breaches surfacing with alarming frequency, Boards and C-Level management are increasingly looking to Legal to implement programs that help the corporation prepare for, and reduce fallout from, inevitable cyber incidents. How can in-house counsel implement the right measures to minimize damage to the corporate reputation, loss of key data and legal and regulatory penalties? And how can you make sure your team is not already behind the ball at the time of incident detection?

Video

Five Steps to Prepare for GDPR

When the European General Data Protection Regulation (GDPR) enforcement kicks in this May, responding to data subject rights will be a challenge for many large organizations. The GDPR enables EU individuals to request corporations to inquire about what personal data they have on them or even delete their personal data. Requests must be responded to promptly, within one month, leaving companies very little time to perform a task that they may not be equipped to handle. No barrier exists for citizens to enact these rights, and some countries are planning campaigns to educate the public on them in the coming year.

Blog Post

Regulatory Compliance as a Competitive Advantage

Next year, firms around the globe will be impacted by some of the world’s toughest new regulations and privacy requirements. Adapting to this new landscape was a key topic at The Lawyer's Managing Risk and Litigation conference.

Video

Reducing Cost and Risk with Information Governance

Exploding growth of corporate data, whether stored on servers, in the cloud or on employee devices, presents new challenges and opportunities for all organisations. Information Governance enables companies to get control over their information and allows them to make better business decisions.

Blog Post

Equifax Breach a Category 4 or 5 Attack, but By No Means Unique

Late last week, we learned that Equifax was breached via a simple web application weakness, and over 143 million consumers’ records were compromised. The bad (worse) news is that this story is not unique, and this is by no means the final chapter.

Blog Post

Advice From Counsel Featured in Security Technology Executive Magazine

With organizations increasingly challenged to support the modern workplace environment – mobile phones, remote employees, cloud collaboration sites, social media, IM platforms and chatrooms – while keeping this data secure and easily retrievable for legal or regulatory needs, we at FTI conducted the latest iteration of AFC to uncover how legal teams are handling the challenges.

White Paper

Using Information Governance Tactics to Prepare for the GDPR

Much like Information Governance, preparation for the General Data Protection Regulation is a cross-departmental concern that requires input from many different groups within an organization, including privacy, compliance, legal, line of business, IT and information security.

Blog Post

How Counsel Can Leverage the Power of IG

While information governance is often thought about in the context of data security and IT efficiency, there is an equally important factor that deeply resonates with a corporation’s board and C-suite: reputational risk.

White Paper

The Lawyer - Global Litigation 50 Report, 2017

Technology is revolutionising the way lawyers practice their trade. To deliver the greatest value to their clients, legal professionals must know about the latest technological solutions.

Video

Privacy by Deletion: 5 Steps to Reducing Data Risk

Organizational data is dramatically increasing in size – by some estimates as much as 40-60% growth per year – at the same time that data breaches grow in number. How can IT and legal teams work together to better protect sensitive corporate data and stave off data breaches?

Blog Post

FTI Discusses Information Governance Enforcement in InformationWeek

Sean Kelly highlights steps IG teams can take to build enforcement into their policies from the outset.

White Paper

92 Reasons to Delete Data

Data storage has never been cheaper. But the downstream costs – data discovery, legal review and data breaches, to name just a few – have never been higher. If you don’t yet have a data remediation policy, this collection of stats, facts and references provides 92 reasons to start planning for one.

Video

GDPR: A Challenge and an Opportunity

In the first of our series of short videos on GDPR, Sonia Cheng, FTI Consulting’s European Information Governance Leader, talks about what GDPR is, the key steps to compliance, and what to do if you have limited time and budget.

Video

Policies & Procedures for Keeping Employee Data Inside the Organization, Not Out

In the first of a two-part webcast series, "Don't Let Sensitive Data Walk Out Your Front Door," learn what standards leading organizations are taking to keep sensitive data required for litigation and compliance safe and secure.

Blog Post

We Now Have an Instruction Manual for Data Security Programs

Target’s multistate settlement ($18.5MM) for their 2013 data breach is the strongest evidence yet that Data Governance and Security is impacting organizations in every vertical and geography.

Video

Using Information Governance Strategies to Prepare for the GDPR

The General Data Protection Regulation (“GDPR”) goes into effect in roughly one year and yet many companies are still behind in preparing for compliance. This webcast will help you understand the top priorities and challenges with meeting GDPR requirements, how to assess your organization’s exposure, how to prioritize actions and how to take the first steps toward compliance.

Blog Post

IG Engagement, Enablement and Change to Ensure Policies Aren’t Collecting Dust

Policy enforcement is a challenging task for most organizations – more so for those in regulated industries that have a highly complex legal and compliance profile.

Blog Post

A Lawyer’s Role in Microsoft 365 Migration

O365 migration should be viewed as a critical business initiative that requires the involvement of the legal department as one of the primary decision makers every step of the way during a migration.

Blog Post

Microsoft 365 Migration Considerations Discussed in Computer Business Review

With increasing adoption of Microsoft 365 (O365), analysts have indicated the migration process has arisen as an acute pain point from an information governance and e-discovery perspective.

Video

Microsoft 365: Maximizing the Opportunity for Legal & Regulatory Compliance

Microsoft 365 represents a transformational change for how organizations create, share and manage enterprise data. The migration to Microsoft 365 also offers legal teams a once-in-a-decade opportunity to develop and implement industry best practices for e-discovery and information governance. Utilizing Microsoft 365 demos and migration case study examples, this interactive webcast will address the legal and regulatory impacts of Microsoft 365.

Video

The Importance of Information Governance

Jake Frazier, FTI Consulting’s Global Information Governance Leader, gives his thoughts on why it’s essential for organisations to have a robust information governance programme in place and one that involves various stakeholders around the business involved, including legal. With the growing amounts and types of data how can companies get the right balance between the cost of keeping their data and ensuring its security?

White Paper

Transforming Risk: Shifting from Reactive to Proactive

With many organisations struggling to deal with the rapid explosion of data, coupled with increasingly aggressive regulatory enforcement, how should they drive change in information governance?

White Paper

Transforming Risk with Better Information Governance

As regulated companies are required to manage ever growing amounts of data, and regulators are imposing increasingly severe fines, how can firms ensure they comply with this greater scrutiny?

Video

Legal Holds in the Age of the Cloud and Information Governance

Legal holds are a critical part of the e-discovery process, yet so many companies struggle to develop a formal system or keep their legal hold processes and technology up-to-date. This is about to change. Two major trends are pushing legal teams to address the current gaps in their legal hold process.

White Paper

Quick Wins in Information Governance

From protecting sensitive customer data from cyber threats to complying with data protection laws, corporate information governance efforts are quickly becoming “must do” projects. In this paper, Sonia Cheng gives her top 5 pragmatic and proactive tips to help in-house legal teams achieve quick wins for information governance projects.

Blog Post

FTI Shares Information Governance Philosophy in Cybersecurity Law & Strategy

One of the most meaningful elements of information governance is how it can drive the differentiation of data types and enable stronger security protocols around a corporation’s most sensitive data.

Video

Defensible Remediation of “Dark Data”

Many companies are wasting money on storage or exposing themselves to data breaches by supporting massive amounts of "dark data." Learn how you can get your dark data under control with this FTI Technology case study of our information governance services.

Video

Advice from Counsel: Finding “Quick Wins” in Information Governance

In the latest Advice from Counsel report, we asked a wide range of questions to better understand how corporations are approaching information governance.This includes their key challenges, areas of success, and some of the basic mechanics they have adopted to develop and implement these programs. The results clearly show that with a few exceptions, most organizations are in the early stages of information governance adoption. Yes these executives have strong advice on how best to begin and implement an information governance initiative.

White Paper

The State of Information Governance in Corporations

For this Advice from Counsel study, we interviewed in-house counsel to better understand the health and success of information governance programs within corporations. The results clearly show that with a few exceptions, most organizations are in the early stages of information governance adoption. Yet these executives have strong advice on how best to begin and implement an IG initiative. From these results, organizations can better under¬stand how their peers are successfully keeping an eye on the big picture while executing quick wins that help build momentum for broader IG initiatives.

Blog Post

Multi-National E-discovery During Privacy Shield Limbo

In October, the High Court of the European Union made a ruling that nullified the existing Data Safe Harbor agreement between the EU and the U.S., which since 2000, outlined rules allowing the transfer of protected data from Europe across our borders. The safe harbor agreement provided a way for U.S. companies to migrate personal data originating in the EU, to the U.S. for e-discovery and regulatory purposes, in a way that was consistent with the EU Data Protection Directive.

Video

Advice from Counsel: The State of Information Governance in Corporations

From well-publicized data breaches to skyrocketing data growth (and costs), information governance challenges are all around us. How are corporations responding? What are the teams and roles driving information governance policy development? How are these policies communicated and enforced, not just internally but with external partners and stakeholders? Which IG strategies are producing tangible results, and which programs are coming up short?

Case Study

FTI Technology Crafts Solution to Remedy Health Care System’s Data Ills

Understand corporate data residing on various networks and Sharepoint sites to proactively reduce data footprint and reduce future risk and exposure.

White Paper

Identifying & Protecting the Corporate Crown Jewels

Every organization has a set of crown jewels—information that is critical, unique or irreplaceable. From the CEO’s emails to the board, to sensitive IP, organizations need to properly identify, categorize and secure these crown jewels. This paper is designed to provide a practical overview of how to secure your company’s crown jewels, from stakeholder involvement to developing repeatable processes and technical considerations.

White Paper

Why Data Deletion Makes Sense (and Dollars)

Conventional wisdom says the cost of storing data is declining. That’s true. But the total cost to businesses to store data is rising unsustainably because they are collecting — and retaining — more data than ever before. The key to controlling costs and freeing up operating capital is deleting data you don’t need to store. How do you know what you don’t need? Two words: information governance.

White Paper

Advice from Counsel: The Emerging E-discovery Playbook

Fortune 1000 corporate counsel share advice about how corporations manage their e-discovery programs in this annual survey.

Blog Post

Advice from Counsel | Part 3: The Emerging E-discovery Playbook

The first two posts in this series highlighted some fascinating findings from our annual Advice from Counsel study, providing recommendations for the top corporate e-discovery ‘plays’ according to legal departments at Fortune 1000 corporations. Some of the top practices touched on included preservation and collection, when to utilize service providers, tackling the uncertain waters of predictive coding and leveraging data re-use. In addition to the five overarching ‘plays’, the survey respondents also weighed in on other pressing matters that are impacting e-discovery today, and will continue to do so in the near future.