Information governance: Not quite there yet

governance_0

Image Credit

In this post, David Roe reports on the findings of  Information Coalition’s (IC) Information Strategy 2017 report to which, unfortunately, I do not have access. Roe states that despite years of talking about information governance and compliance, less than half of companies surveyed have a compliance culture  — and many companies apparently have no governance strategy at all …. [and] rate their organization’s information-related metrics as severely lacking. In fact, they add, employees turn to unauthorized apps to get the information they need to get their work done.

The study used the IC Information Governance Model as the benchmark to assess the effectiveness of information governance efforts:

  • Authorities: Clearly defining the roles and stakeholders that should be a part of your Information Governance effort
  • Supports: Supports must underly [sic] your Information Governance efforts to ensure ongoing, sustainable success
  • Processes: Processes exist to ensure that your Information Governance efforts are actionable.
  • Capabilities: Starting with creation through to disposal, information moves. You must have these capabilities to enable that movement.
  • Structures: From technology structures to taxonomic structures, the Information Governance model covers it all.
  • Infrastructure: While planning is fundamental, at some point the technology must align completely.

I have given presentations to members of government agencies about information governance. The response I often receive is that they are aware of the need for, and the principles of, information governance. The challenge, it seems, is translating that knowledge into specific action. Clearly, much more work still needs to be done.

Advertisements

Opening your doors to strangers

61oTC5hcqxL._SL1000_

In its continued push to change the face of the retail market, Amazon has introduced the Amazon Key service for Prime members. As a Prime member, get your Amazon packages securely delivered just inside your front door. Plus, grant access to the people you trust, like your family, friends, dog walker, or house cleaner – no more leaving a key under the mat. They Amazon Key In-Home Kit includes: Amazon Cloud Cam (Key Edition) indoor security camera and compatible smart lock. Below is a listing of some of the features:

  • Real-time notifications. We’ll send notifications the morning of delivery, just before, and right after. Watch your delivery happening live or view a video clip of it later.
  • Give family and friends temporary, recurring, or permanent access. Or provide one-time access for your electrician or dog walker. You’re in control—just schedule the date and time window.
  • Check in on your front door 24/7. The Amazon Key In-Home Kit includes an Amazon Cloud Cam (Key Edition) indoor security camera with 1080p Full HD, night vision, and more—plus an Amazon Key-compatible smart lock for secure access control.

The starting price is $249.99 USD, depending on location. This service is not yet available in Canada.

I have been an Amazon Prime member for a few years now, mostly because of the unlimited free cloud storage for my digital images, and for the free two-day delivery (sometimes) for items that are marked as “Prime.” The Amazon Prime video streaming service is thrown in but, to be honest, its offerings are limited in number and, more importantly, in quality.

Two-day express delivery is a lovely concept, but its value can become rather moot when you are never home to receive the packages. I can send smaller packages to my office, but since I take public transit, I am limited by what I can carry. My usual route is to have the packages delivered to my local post office. I can certainly see the attraction in having Amazon deliver my packages to my home while I’m not there, but the privacy and security considerations are high. For people like me who live in condominiums, this service likely won’t work very well if bylaws don’t allow people to install security cameras outside front doors of individual units.

I have been willing to sacrifice a degree of privacy for the convenience of online shopping for several years; I’m not sure, however, that Amazon Key is a line I am willing to cross. How will Amazon store all the data captured by the cameras? How much information would be gathered about other aspects of people’s lives via the camera, such as the faces and ages of their children, visitors, friends, family members, and so forth? There is a four-hour delivery window, which means your camera will be active for at least that long. Does the camera continue to transmit data to Amazon all day? You can check on the camera 24-hours a day, so does this mean that Amazon receives this information as well? Do I want Amazon to know my daily habits, such as when I go out, what time I return home, and so forth?  I am sure that Amazon is laying the groundwork for automated ground delivery. So many questions to ponder. I think it’s worth the five-minute walk to the post office: The exercise will do me good, as will the peace of mind.

 

 

Why people may experience difficulty writing

Speaking of writing, I have neglected this blog lately, as I have been caught up in too many other things, but I would like to get back on track. Today’s post isn’t related specifically to metadata or information management, but it’s a topic that is very close to my heart, namely, the art of writing. I have been fortunate in my life to have been formally schooled for many years in the grammar and syntax of a number of languages. The quality of writing in so many environments does appear to be declining, and I certainly see this in many of the assignments that I receive. While problems with grammar and syntax are common and, unfortunately, on the rise, the bigger matter is the ability to communicate clearly and concisely.

In this post, Glenn Leibowitz’s discusses his frequent encounters with writing that is loaded with jargon, clichés, technical terms, and abbreviations. Leibowtiz asks:  what is the writer trying to say, exactly? And second, how can the writer convey her ideas more clearly, without having to lean on language that confuses the reader? Leibowitz discusses  psychologist Steven Pinker’s belief that the root cause of poor writing is the Curse of Knowledge, which he defines as “a difficulty in imagining what it is like for someone else not to know something that you know.” I encounter this phenomenon frequently in academic writing; as a reviewer of manuscripts, I have often found it necessary to ask authors to provide further clarification of pivotal concepts or ideas they discuss. When marking papers, I often remind students to be wary of assuming prior knowledge on the part of the reader. This situation can be remedied relatively easily by the provision of simple explanations.

Jargon, on the other hand, is more insidious and difficult to deal with. Jargon is particularly rampant in the business environment, and I encounter it frequently from some colleagues in my faculty.  There have been a number of articles about the pervasiveness of jargon and “management speak.” This post suggests that jargon may be a means of validating the importance of the work; further, when we replace a specific task with a vague expression, we grant the task more magnitude than it deserves. If we don’t describe an activity plainly, it seems less like an easily achievable goal and more like a cloudy state of existence that fills unknowable amounts of time. This post suggests that jargon is used for two reasons:

  • Technical. In this case, you have a specific highly technical area where jargon helps communicate more clearly, efficiently and effectively (within the technical community).
  • Posturing. Here people choose to use language that prevents others understanding what they are saying. The word ‘evasive’ is used a lot in connection with this type of jargon.

This post provides useful tips for how to avoid jargon:

  • Try to think of a different word. If you can’t come up with one, try harder. If you still can’t think of one – Google it.
  • Think about your audience and what you’re really trying to communicate. Where are these people coming from? What are they interested in? Keeping these things in mind, how can you communicate your message clearly, simply, and effectively?
  • Ask yourself if a fifth grader would understand it. That doesn’t mean you should weed out complexity, but think about simplifying language. Simple doesn’t mean stupid.
  • Have someone who is not familiar with devspeak (development speak) read over your work and give you feedback. Eventually, you’ll start to learn which words make no sense, and which ones are OK.

I am crossing my fingers that this post does not contain jargon.

Privacy and the monetization of data

In this article, David Rabb discusses the various privacy implications of the monetization of data. Rabb focuses specifically on Personally Identifiable Information (PII) that companies can obtain about people through cookies, IP addresses, GPS, and so forth. Companies have often touted the anonymity of cookies but, as Rabb points out, there are many ways to tie cookies to known individuals, a process that often includes “consent” consumers don’t know they’ve granted. Other theoretically anonymous identifiers such as device IDs and IP addresses can also often be connected to PII. And research has shown that even less specific information, such as a collection of taxi trips or a combination of birthdate [sic] and Zip code, are [sic] often enough to identify specific individuals.

I don’t think that most internet users are naive enough to think that companies don’t have their PII but, as Rabb points out, customers may broadly assume your company knows everything about them but they can still be surprised at the data presented in specific situations – especially if that data is wrong.

Information managers face the increasingly complex task of maintaining the security of PII, ensuring this information is accurate, using only the personal information needed for a specific task, and ensuring that the privacy rights of customers are respected.

Text messages as health records

A research study from York University, one of my almae matres, studied text messages sent between nurses and physicians in deteriorating internal medicine patients requiring escalation to intensive care unit (ICU) to identify issues in failures to rescue. Looking at records from 2012 to 2014 at the Toronto General Hospital, the team found that message quality was positively linked to survival. The study highlights the need for a standardized and responsive text-based communication system.

As a taxonomist and cataloguer, I’m pleased to see a degree of authority control (or standardized vocabulary) used in these text messages, as shown in this legend of abbreviations:

RR = respiratory rate; NP = nasal prongs; bpm = beats per minute; BP = blood pressure; pt = patient; NS = normal saline; TM = tracheostomy mask; A&O = alert and oriented; ABG = arterial blood gas; CCRT = critical care response team (rapid response team).

I’m interested also in whether hospitals have a plan for managing these records. I consider these records to have business value, since they document decisions made, and transmit patient information. Are these text messages subjected to any records and information management policies and standards? Are they subject to retention schedules? Given the potential confidential nature of the content of these messages, how is their security maintained? Are personnel using mobile devices that are owned by the hospital and protected by firewalls? There is certainly a lot of ground to explore here. I think a discussion with the authors might be interesting.

 

National Archives of Australia’s new information management standard

The government of Australia has been a significant leader in the field of information management for several years, and serves as the standard I use in my RIM classes to demonstrate IM best practices. Continuing this fine tradition, the National Archives of Australia has just published a new Australian Government standard to manage business information.

The new Information Management Standard (IMS) outlines principles to help agencies meet business, government and community needs in relation to how information is managed across the sector and aims to help them maximise the business benefits of well-managed information in the Australian Government.

The eight principles are:

Principle 1: Business information is systematically governed
Principle 2: Necessary business information is created
Principle 3: Business information is adequately described
Principle 4: Business information is suitably stored and preserved
Principle 5: How long business information should be kept is known
Principle 6: Business information is accountably destroyed or transferred
Principle 7: Business information is saved in systems where it can be appropriately managed
Principle 8: Business information is available for use and reuse.

This standard complements the National Archives’ Digital Continuity 2020 plan.