Pension plans, like many businesses, rely on information. While the retention of certain pension plan records is subject to regulation, decisions with respect to the organization and maintenance of many documents and emails produced in day-to-day plan administration is up to the plan administrator. With ever-increasing amounts of data created every day, an ad hoc approach to information governance is increasingly unworkable.
What is information governance?
Information governance is the new buzzword for terms such as document/records management and, more recently, information management. It differs from its predecessor disciplines in that it builds upon them, while also encompassing information security, archiving, business analytics and information technology governance. The goal is to develop an integrated model for harnessing all of the information an organization creates and consumes. The ultimate purpose is to assist organizations to maximize the value of their information, while minimizing the risks and costs and ensuring compliance.
Information governance involves two key tenets. First, an organization can’t achieve or sustain long-term success without managing and harnessing its information effectively. Due to the massive increase in the volume of information created by pension plans, mismanagement can impair operations, slow employees down and create unnecessary risk. Second, traditional approaches to managing information have often been impractical, largely due to the volatility and volume of digital materials.
The urge to keep everything forever
Many pension plans seek to keep everything forever by purchasing additional data storage as collections of information grow. While it’s true that the longterm nature of pension plans means they must keep certain information indefinitely, that’s not necessarily true of every single document and email created as part of their daily administration.
From a risk perspective — and with the volume of information growing at more than 50 per cent a year — the approach of keeping everything forever is unworkable. Growing data collections increase a pension plan’s risks in regards to reputation, litigation, regulatory audit, cyber-security threats, privacy and compliance. The risks grow when operating without an information governance strategy, as it will be difficult to identify who owns the management of the information. A lack of ownership leads to fragmented and generally ineffective information management.
While many organizations look to technology as the answer, it’s only a part of the solution. So what’s the solution?
Before plans develop their strategy, they need to do their due diligence. It’s important to take a holistic approach to information governance by:
- Considering the culture of an organization as employee buy-in is critical;
- Reviewing existing policies and technology;
- Conducting a gap analysis of an organization’s current practices to compare them to where they should be; and
- Mapping out where employees store information.
Based on the gap assessment, plans can identify their priorities. Examples include:
- Focusing on active data and leaving legacy information as something to address as part of a long-term project;
- Considering whether they’re dealing with shared files on a computer network or other types of information they can readily manage; and
- Determining whether they’re storing historic information on out-of-date media and the steps they must take to move it to an accessible format.
A good information governance strategy that will survive over the long term will consider the needs and requirements of the entire organization and lead to a staged plan and an effective solution that reduces risk and improves work processes.
Lesha Van Der Bij is the founder of Optimize Legal, a knowledge and information management consulting firm. Susan Wortzman is founder and president of Wortzmans, a law firm that specializes in electronic discovery and information governance.
Get a PDF of this article.