One of the most important but often overlooked elements of running a profitable business is planning how to manage data. Whether a business operates in the social space, as a local merchant processing payments, or even as an API provider with a login portal, it handles massive amounts of data, and knowing how to handle that data is vitally important.
Figuring out how to handle data in compliance with the law and with internal policy is called creating a Data Management Plan. While there are many very important aspects to a Data Management Plan, the three covered in this piece are of prime importance - Data Generation, Data Retention, and Data Deletion.
A business is going to generate data - this is a fact of life. No matter what kind of work it is involved in, a business will generate data, be it credit card numbers from customers making payments, contracts issued by other companies contracting for outsourced work, or even simple metrics gathered through post-checkout surveys and questionnaires.
A Data Management Plan is key to managing this influx. While other elements such as retention and destruction are also very important, generation deserves just as much attention, and should be evaluated against three criteria - scope, purpose, and justification.
For scope, consider this - should a credit card payment screen also keep the private address of the person paying in the system? Many would say yes, especially for verification. However, is it important to keep the type of browser that was used, the type of computer, and the location of the user who made the purchase? Of course not - the scope is much too wide, and leads not only to legal questions, but to data that is simply unnecessary and, frankly, wasteful to process.
This continues with purpose - what would the purpose of retaining that browser information be? It would make sense if the data were generated by a questionnaire about user experience, since the experience could be tied to a browser, but otherwise does it make sense to keep that data, especially considering the extra load it places on the system?
Finally, does the process generating the data have a justification? If the scope is fine, and the purpose is fine, are you justified in your desire for this data in the first place? Is it right to invade the privacy of a user without notifying them, and more to the point, is it even legal?
These three questions must be asked, not only for legal purposes, but for ethical reasons as well. If the ethical argument does not sway you, then the pure numbers argument should. One million users with three data fields results in three million points of data. If you collect just one more field, you’ve increased the total amount of data by one third for little or no reason.
Data Retention is the process of keeping generated data in a secure, legal way. The problem with data retention is not necessarily in the retention itself - keeping data is pretty simple, and requires only rudimentary knowledge of data backup procedures and basic hard disk striping. The problem comes in the legality of it all, and in the fact that not everyone agrees on this legality.
For instance, in the United States, different laws govern data retention depending on what type of business you run. For Internet Service Providers, there is essentially carte blanche for data retention - ISPs are private companies, and they are not legally required to disclose how long they keep the data consumers have chosen to push through their systems.
The same laws apply to other businesses - with some very, very important caveats. For instance, for a health care provider, the retention requirements for electronic protected health information, or ePHI, come not from HIPAA policy itself but from state law that references HIPAA. As part of this, medical records need to be kept for a certain period to ensure continuity of care, or until the data is securely deleted from the server in accordance with the law (more on this later).
As part of this process of data retention, there is an inherent need for security. As data is kept and referenced, it needs to be kept in a secure way. A great way to ensure that each workstation accessing the data is of the same ilk and purpose is to manage them centrally from an imaging database, in which every computer is provisioned with the same image.
By deploying identical images, you ensure not only a consistent experience across workstations, but also that if a single workstation complies with regulatory strictures, every system built from that workstation’s image does so as well.
This is all a gigantic part of a Data Management Plan. It’s a very easy thing indeed to “get” information - in fact, users seem all too ready to hand it out. The problem comes in managing that information in a proper way. Understanding the legalities of the information you are keeping and how you are using it is key to running a business properly.
While there are so many legal implications of data retention, there are just as many implications for data destruction. Data is incredibly valuable, and as such, must be destroyed in a regulatory, legal, and ethical way.
For example, an EU directive from 1995 called the Data Protection Directive sets out specific, stringent guidelines for data destruction. In particular, the DPD requires that data processing (which includes destruction) be justified and proportional, as well as transparent.
What this means is that a company cannot simply collect whatever information it wants without notice and then destroy that data in a non-transparent, ineffective, or incomplete way.
There’s another huge problem that has yet to be addressed in this piece - the rules are different, often vastly so, depending on the region in which a business operates. What laws apply to a company in the United States may not apply in the EU, and vice versa.
Because of this, many companies have had to notify their customers about their data practices well after those practices began, because the law changed in their country of operation. US companies operating in the EU have had to update their terms of service, issue notices, and in some cases exit the market completely due to these changes, fundamentally altering their business plans.
While they could have avoided many of these issues with a proper Data Management Plan, in which data is retained and then later destroyed in a methodical, transparent, and intelligent way, the shifts are almost impossible to predict and completely unwieldy for many smaller companies.
This is a huge caveat, of course, and should be part of a Data Management Plan. When addressing how to manage the vast amount of data a processor might take in, the methodology and legality of its destruction should be of chief concern, and given a very high priority.
A Great Solution in Clarabyte
Clarabyte is a great solution for both of these issues. First and foremost, Clarabyte provides a great system for distributing central images using Claracheck. By controlling the systems that interact with your retained data through a centralized image database, you can help ensure that your data retention stays lawful and that privacy remains legally protected.
Secondly, Clarabyte offers a world-class data destruction solution known as Clarawipe, a process that destroys data legally and ethically - and destroys it completely. Clarabyte offers these solutions and many more, and can be a great toolset to add as a support system to a well-designed data management policy.