Who Is Afraid of the DOJ? Why Companies Should Revisit Their Information Governance Program
Published by the American Bar Association - Business Law Today
As the company’s information treasure trove grew, two things were clear: With more information in more places, with more value, traveling across the globe at the speed of light, something bad was eventually bound to happen. And the consequences of failing to manage information assets began to have greater implications for stock value, reputation, executive’s careers, customers, regulators, courts, and the court of public opinion.
The US Department of Justice recently updated its “Evaluation of Corporate Compliance Programs,” which guides prosecutors and courts in the adequacy and effectiveness of a corporation’s compliance program. Implicit in a good compliance program is that companies can’t babysit all their employees all day, every day. But if a company constructs an artifice to help employees comply with company policy, for example, the consequences of failure may be reduced or nothing at all. In that sense, good compliance is like insurance—you may never need it, but it provides solace just knowing it exists and is good. So, knowing the criteria a company may be evaluated against someday should help it bolster its corporate compliance programs. More specifically, this article is about information governance compliance programs that are becoming increasingly important with corporate information growing at 23% each year (per IDC), the increase in privacy regulations, and the adoption of big data projects.