Local governments are in great need of an official information governance program, and surprisingly only a few realize it. Counties and municipalities lack enterprise-wide understanding of their digital information, particularly from leadership down to the people who work for the company. This includes senior executives and elected officials, drilling down to departmental managers.
security risks to their data when they don’t have a comprehensive solution to collecting, analyzing, and managingtheir information. Without the proper policies, they can’t make the best decisions for the communities they serve. Often, once that data has been compromised, you may never be able to get it back.
To that end, it’s key for counties and municipalities to establish their own information governance program, one that matches their specific needs.
Here are three of those steps you can start taking today.
1. Analyze how information governance can benefit your municipal organization.
The hardest step might be undoing years of siloed departments that have different priorities when it comes to data security and retention. There is often a culture of “...lets just do it the same way as last time because it sort of worked..right...” There is often tacit acknowledgement that it is not the best way but it is better than doing nothing and/or creating a new better, faster and often more automated/defensible process. Creating change starts with cross-departmental discussions about why an information governance program would benefit each side, using talking points with common ground. For example, no one wants to be audited, or at least unprepared, when one eventually hits.
2. Establish the role of municipal CIO.
For this information governance program to work, a CIO must be on the same page with all departments; the CIO is the key stakeholder. These CIOs act as technology directors and must be fully engaged in heading up these policies. This is especially true because counties and municipalities are often absorbed in their own day-to-day department issues, not understanding their organization’s full information requirements. Once a CIO feels comfortable heading up the technology for the organization, he or she must be comfortable delegating some responsibilities to his or her employees, and this can be done via specific committee-oriented tasks. Remember, the modern day CIO may only be in post for 18-36 months so time is critical.
3. Start an information governance committee.
With the CIO at the head of establishing these information governance policies, delegating certain IT tasks to employees ensures all lines of business are handled and valued. Employees would be put in charge of providing guidance and oversight of IT operations. The committee itself could include the municipal attorney, a human resources official, an elected official, and representatives from county departments like law enforcement, public health, and mental health.
Once you’ve established these first steps, you’ll begin to benefit from deeply understanding all of your county and municipal data. You’ll be in compliance with your specific regulations for data management, records retention, and defensible deletion, keeping only the data you need in case of an audit or compliance matter or in the event of eDiscovery. Treating IT as a component of the organization’s workflow will help streamline information governance operations as well.
Be the one to start the conversation for counties and municipalities’ information governance practices. It may be difficult at first to break through, but with these three early steps, you’ll be able to start instilling the importance of IT working with your organization’s departments to protect your data.
Ready to learn more about what the right information governance policies can do for your county operations? Stay current on information governance programs through our blog, and contact us at any time if you have any specific questions about creating your own information governance solutions.