Data security gets a great deal of discussion (and all too much lip service) in the IT community. It also generates more than its share of news – particularly when it falls short. Consumers (and firms) do not react well to finding out that hackers have obtained their credit card numbers or confidential data. Government bodies may respond by setting new compliance requirements for data management.

We suggest that security does not exist in isolation. Instead it is an integral component of Information Governance. Fundamentally this is about firms (and individuals) knowing what data they possess, where and how it is stored, who does or does not have rightful access to it – and how all of these are implemented.

Best practices for the various aspects of information governance are well established. But all too often these best practices are not implemented, with costly results. Over the last few months we have written a series of blog posts dealing with some of these aspects of Information Governance. Here we will seek to tie them together, beginning with regulatory compliance: