Information Governance

Overview

As the volume of information grows exponentially year-on-year, and the manner and availability of the information morphs on a near-monthly basis, the risks associated with substandard or nonexistent strategic Information Governance—the coordinated management of the information lifecycle within and without the client firewall—grow as well.

Mature concerns associated with data security, Personally Identifiable Information (PII), Protected Health Information (PHI), Intellectual Property, and E-Discovery obligations have now joined forces with the risks associated with, among others, cloud storage, social media sharing, the viral adoption of “Shadow” IT by client officers and employees, and legacy stockpiles of information with unknown provenance. The repercussions have magnified as well, with recordkeeping compliance penalties, E-Discovery sanctions, and costs associated with data privacy and security breaches sounding more frequently. Client representatives tasked with compliance duties in the Information Governance space, as well as with strategic planning related to IT asset implementation and future information, need expert advice based on industry benchmarking but tailored to specific client needs and direction. BakerHostetler is here to help.

Information and its use is the ultimate mixed blessing for client organizations. Future success depends on intelligent use of information, but the governance of that information is undergoing a dramatic and unprecedented change. BakerHostetler’s experienced Information Governance professionals work carefully to understand clients’ Information Governance profiles, and tailor solutions specific to clients’ specific needs, risk tolerances, and regulatory and industry footing. The core of the practice focuses on assisting clients in navigating changing Information Governance paradigms, reducing risk and cost, and positioning clients for future success.

Strategic Advice

BakerHostetler provides clients with organizational-level advice, providing enterprise-wide consistency, compliance with regulatory and legal requirements, and prospective guidance that evergreens for year-on-year success even with often drastic technological and client compositional change. Advice must begin with understanding, and BakerHostetler’s combined interview and investigative approach first shows clients where they stand on Day One before providing strategic alternatives to address current and future risks and concerns.

More »
Information Management—Technology & Solutions

BakerHostetler professionals assist clients with the selection and retention of technologies and services that fit client needs and risk tolerances. Information Governance professionals work hand-in-hand with clients and BakerHostetler’s Information Technology and Transactions team to develop requests for proposals (RFPs); select appropriate vendors and technological solutions; and execute appropriate contractual and procedural safeguards for the use of those solutions.

Information Use—Policies and Schedules

BakerHostetler advises clients on enterprise-wide Information Governance Policies and Schedules, and assist with the creation and modification of those Policies as well as the maintenance and overhauling of related Schedules. Proper policies and schedules provide client officers and employees with appropriate instructions for handling personal and client information, a standard to measure against audit and improvement initiatives, and a foundation upon which a client can add new internal technologies and processes.

Prospective Corporate Activity

BakerHostetler provides a component of client due diligence in the context of mergers, acquisitions, asset purchase, and divestitures to extract information of value; to assist the client in complying with existing and incipient legal hold requirements; and to cost-effectively harmonize information to existing or contemplated Information Governance Policies and Schedules.

Corporate Audit

BakerHostetler assesses and audits client Information Governance practices to ascertain gaps associated with proper information management, security, and client contractual obligations. Where appropriate, BakerHostetler may undertake efforts to address challenges directly, or assist the client with overseeing more involved compliance projects.

Legacy Remediation

BakerHostetler analyzes client information use and legacy remediation projects in the context of clients’ Information Governance Policies and Schedules, existing legal hold requirements, internal informational data analytic initiatives, and risk tolerances. Based on that analysis and client direction, we supervise the appropriate disposal of unneeded information, as well as the proper categorization of any retained information and the intelligent use of that information through new technologies and processes.

Expert, Officer and Employee Training

BakerHostetler assists clients with the identification and preparation of 30(b)(6), state analogue, and other expert and client-representative witnesses in the context of client Information Governance practices. Likewise, we train client officers and employees on the proper operation of Information Governance Policies and Schedules and their intersection with data privacy, data security, and E-Discovery issues.

Special Projects

Multinational clients demand additional expertise and varied experience. BakerHostetler’s multidisciplinary professional teams assist clients in addressing cross-discipline Information Governance projects that also involve data privacy, data security, E-Discovery, and information analytics issues.

Recognition

  • Chambers USA: Nationwide Privacy & Data Security (2013 to 2018)
    • Chambers USA Privacy and Data Security- Healthcare Spotlight Table (2018)
  • Recognized as one of the top law firms for client service, we were named to the 2018 BTI Client Service 30 for the fourth consecutive year.

Key Contacts

Blog

In The Blogs

Previous Next
Data Privacy Monitor
California Legislature Working Feverishly To Avert Privacy Ballot Initiative
June 22, 2018
We have previously reported a ballot initiative known as the California Consumer Privacy Act of 2018 (“CCPA”), that is expected to be on the November ballot. If passed, it would make sweeping changes to consumer privacy protection rights...
Read More ->
Data Privacy Monitor
The Weekly Privacy Rewind
June 19, 2018
Class Actions Finkly & Sons Co. Faces Illinois Biometric Information Privacy Act Class Action • A former employee of steelmaker A. Finkly & Sons Co. filed a putative class action against the company in Cook County, Illinois, for violations...
Read More ->
Data Privacy Monitor
OCR Announces Intention to Move Forward With Development of Methodology to Distribute Enforcement Funds to Victims of HIPAA Violations
By Kathryn Carey, Lynn Sessions
June 15, 2018
The Office for Civil Rights (OCR) updated its agenda, outlining proposed and final rules as well as pre-rule document releases for 2018. A notable, and highly anticipated, advance notice of proposed rulemaking included on the agenda...
Read More ->
Data Privacy Monitor
11th Circuit Issues Opinion Vacating Order That Required LabMD to Overhaul Its Data Security Program
By Kathryn Carey, Aaron R. Lancaster
June 8, 2018
On June 6, the 11th Circuit issued its long-awaited decision on LabMD Inc. v. Federal Trade Commission, vacating as unenforceable the Federal Trade Commission’s (FTC’s) cease and desist order that required LabMD to create and implement a...
Read More ->
Data Privacy Monitor
The Weekly Privacy Rewind
June 5, 2018
Canada Canadian Banks Notify 90,000 Following Breach • Bank of Montreal and Canadian Imperial Bank of Commerce announced that they were contacted by hackers and informed that nearly 90,000 customers’ personal information was accessed. •...
Read More ->