Privacy and the monetization of data

In this article, David Rabb discusses the various privacy implications of the monetization of data. Rabb focuses specifically on Personally Identifiable Information (PII) that companies can obtain about people through cookies, IP addresses, GPS, and so forth. Companies have often touted the anonymity of cookies but, as Rabb points out, there are many ways to tie cookies to known individuals, a process that often includes “consent” consumers don’t know they’ve granted. Other theoretically anonymous identifiers such as device IDs and IP addresses can also often be connected to PII. And research has shown that even less specific information, such as a collection of taxi trips or a combination of birthdate [sic] and Zip code, are [sic] often enough to identify specific individuals.

I don’t think that most internet users are naive enough to think that companies don’t have their PII but, as Rabb points out, customers may broadly assume your company knows everything about them but they can still be surprised at the data presented in specific situations – especially if that data is wrong.

Information managers face the increasingly complex task of maintaining the security of PII, ensuring this information is accurate, using only the personal information needed for a specific task, and ensuring that the privacy rights of customers are respected.

Advertisements

Text messages as health records

A research study from York University, one of my almae matres, studied text messages sent between nurses and physicians in deteriorating internal medicine patients requiring escalation to intensive care unit (ICU) to identify issues in failures to rescue. Looking at records from 2012 to 2014 at the Toronto General Hospital, the team found that message quality was positively linked to survival. The study highlights the need for a standardized and responsive text-based communication system.

As a taxonomist and cataloguer, I’m pleased to see a degree of authority control (or standardized vocabulary) used in these text messages, as shown in this legend of abbreviations:

RR = respiratory rate; NP = nasal prongs; bpm = beats per minute; BP = blood pressure; pt = patient; NS = normal saline; TM = tracheostomy mask; A&O = alert and oriented; ABG = arterial blood gas; CCRT = critical care response team (rapid response team).

I’m interested also in whether hospitals have a plan for managing these records. I consider these records to have business value, since they document decisions made, and transmit patient information. Are these text messages subjected to any records and information management policies and standards? Are they subject to retention schedules? Given the potential confidential nature of the content of these messages, how is their security maintained? Are personnel using mobile devices that are owned by the hospital and protected by firewalls? There is certainly a lot of ground to explore here. I think a discussion with the authors might be interesting.

 

National Archives of Australia’s new information management standard

The government of Australia has been a significant leader in the field of information management for several years, and serves as the standard I use in my RIM classes to demonstrate IM best practices. Continuing this fine tradition, the National Archives of Australia has just published a new Australian Government standard to manage business information.

The new Information Management Standard (IMS) outlines principles to help agencies meet business, government and community needs in relation to how information is managed across the sector and aims to help them maximise the business benefits of well-managed information in the Australian Government.

The eight principles are:

Principle 1: Business information is systematically governed
Principle 2: Necessary business information is created
Principle 3: Business information is adequately described
Principle 4: Business information is suitably stored and preserved
Principle 5: How long business information should be kept is known
Principle 6: Business information is accountably destroyed or transferred
Principle 7: Business information is saved in systems where it can be appropriately managed
Principle 8: Business information is available for use and reuse.

This standard complements the National Archives’ Digital Continuity 2020 plan.

 

The changing role of the Chief Information Officer

In this article, Andrew Horne, IT practice leader at CEB, discusses the changing role of the Chief Information Officer (CIO). Horne argues that while the importance of managing digital data is increasing, the recognition of this importance could lead to the decline of the CIO position, as this management becomes more integrated throughout various management levels, rather than the purview of one individual.  Horne suggests that CIOs can explore different paths in this changing landscape:

  1. Digital Evangelist.  Digital evangelists put next-generation technology capabilities such as big data, machine learning, and the Internet of Things into context and explain how they enhance or transform the enterprise’s products, channels, and operations.
  2. Modernizer. As modernizers, CIOs build and manage the next generation technologies and platforms that support digital transformation and enable interoperability of digital product portfolios. They also continually adapt IT’s processes and skill sets in areas such as business engagement, iterative development, customer experience and data management to the changes triggered by digitization.
  3. Productizer. An alternative path for CIOs may open up in companies that are selling digital products or services to end customers for the first time. So as a digital business grows, productizer CIOs will need to choose whether to become full time product owners and give the CIO role to someone else, or stay CIO and find a dedicated leader to take the digital business to the next level.

Although I find the terms above a little cringe-worthy perhaps, given my dislike of jargon and buzzwords, Horne does point to the importance of flexibility in the area of data management, especially as more functions become automated. The ability to adapt quickly to new environments is certainly something that information management programs need to incorporate into their curricula.

 

Ten principles of information management

Defining the principles of information management has never been easy; those of us in the field know what we do, and appreciate the value of our knowledge, but defining what we do to people outside our field can be challenging. This lack of clarity is not a reflection of any weakness in the area of information management but, rather, a reflection of the breadth of its scope and relevance. In this article, James Robertson outlines the key features of information management, which he draws from a number of “critical success factors” from various information management programs. Robertson makes a point of emphasizing that information management is not about just information technology; those of us in the field understand the frustration of having all our skill sets subsumed under the umbrella of technology: From the outset, it must be emphasised that this is not an article about technology. Rather, it is about the organisational, cultural and strategic factors that must be considered to improve the management of information within organisations.

Robertson’s 10 principles of information management:

  1. Recognize (and manage) complexity
  2. Focus on adoption
  3. Deliver tangible & visible benefits
  4. Prioritize according to business needs
  5. Take a journey of a thousand steps
  6. Provide strong leadership
  7. Mitigate risks
  8. Communicate extensively
  9. Aim to deliver a seamless user experience
  10. Choose the first project very carefully

Robertson does an excellent job of explaining the scope and breadth of information management, and I will be sure to incorporate this article in my courses.

Information management bad habits begin in the boardroom

This post by Elizabeth Bramwell discusses what she calls bad habits from senior management in the area of information management. Examples of these bad habits include leaving business-sensitive or confidential information on the printer for all to see, losing this information in a public place, and not ensuring that proper security protocols are in place to protect this information. Bramwell says that instead of leading by example, business leaders are guilty of sidestepping company policy to get things done or are simply unaware that what they are doing goes against any policy. The growth of information sources is a contributing factor to these types of behaviours: The rise of cloud services and mobile device usage, along with the emergence of the Internet of Things (IoT) has led to an explosion in data generation within organisations. This has put pressure on people to manage more information than ever before. At the same time, business leaders want decisions to be data-driven.

Bramwell concludes that implementing a strong information governance policy requires a consistent, clear and cohesive approach to managing information in all formats. For business leaders in particular, this starts with getting their information management habits in order. Only then can they expect best practice to be followed throughout the organisation.

Seven Chrome extensions to help with productivity

Anyone who knows me will tell you that I love being organized. I have a weakness for to-do lists and organization-based apps. This post discusses seven Chrome extensions to help enhance personal productivity; the post is geared towards teachers, but I think that these extensions could have a broader scope. Since I use a Chromebook at home (I still use a laptop at the office),and thus must work exclusively online, these extensions could become even more relevant.

  1.  Prioritab
  2. Google Keep
  3. Add Tasks to Do It (Tomorrow)
  4. Wunderlust New Tab
  5. OneTab
  6. Save to Google Drive
  7. Print Friendly