Thursday, April 29, 2010

Computer glitch??

A financial services company reported that in certain computer controlled investments, that there was a computer glitch which affected performance. Upon investigation they found a coding error. Terrific, perhaps that explains why investments lagged behind the industry by as much as 90%. You know the “old school” expression—behind every good pool of data, is a computer that is properly implemented and managed.

Are You Kidding Me.

Monday, April 26, 2010

Time for Policy Review

From time to time I like to check and see how our policies are being followed by our clients. Whether a records management, legal hold email back-up or internet use policy, it’s always instructive for us to see where we can evolve in policy work or how we can redouble our efforts with clients to attain compliance. When we see failure that is too pervasive, perhaps we need to do some more training for our clients. More generally, I read the papers to see how industry is doing as well. So let’s take a look, shall we. Today is Saturday April 24, 2010. I read the Wall Street Journal and found an article directly on point, entitled “Workers Punished In SEC Porn Flap”. Now that salacious title peaked my curiosity so I read on. “Thirty-three people at the agency (SEC) were found to have looked at porn.” According to a Congressman on the House Committee on Oversight and Government Reform, said it was “’nothing short of disturbing’ that SEC employees viewed porn during the worst financial crisis since the Depression” The Congressional report into the government employee smut watching noted, among some really tasty morsels of information, that an SEC attorney in Washington “spent up to eight hours a day watching pornography… an accountant in a regional office was denied access by the government firewall 16,000 times when he tried to access web pages containing pornography.”

Well far be it for me to be my Brother’s Keeper. But these guys at the SEC sure could use a policy review session or perhaps an Information Management Compliance Boot Camp weekend retreat.

Are You Kidding Me — Though I wasn’t there, seems like maybe the SEC is not doing its job.

Thursday, April 22, 2010

Can your PII walk out the door?

Everybody thinks it’s funny until someone gets hurt. Well maybe they don’t think it’s funny but employees certainly fail to take Personal Identifiable Information (PII) seriously and as a result companies get nailed regularly for its mismanagement. Recently, a company made national headlines because it stored the PII for over 3.3 million people on removable media which was stolen from their corporate headquarters. The good news is that the suspect is in custody and it appears that the data contained on the disks was not accessed. But will the public or customers remember the good news or just the bad? PII walked out of the doors of the corporation’s headquarters and was in the hands of a thief for over 2 weeks. Talk about the potential for mass identity theft. Organizations need to take more proactive measures to protect their data and their client’s data.

Are you kiddin’ me.

Friday, April 16, 2010

History repeating itself or was it not fixed the first time?

No doubt history repeats itself. And to a great extent, if you don’t fix problems completely, they will likely come back to haunt you at a later point in time. Sometimes it's not clear if history is repeating or you are being force fed the problem you failed to solve completely before. In any event, many months ago I was speaking about information management compliance and used an example to make the point that today decisions need to be made thoughtfully and thoroughly about what records to keep to properly document business activities. You can keep A RECORD of an event but it might not be THE right or complete record. In the electronic world this is way more complicated than meets the eye. In essence it’s an evidence building exercise. Anyway, the story I was talking about related to a database kept by federal regulators on mine safety. The problem was that the regulator IT department set up the database to track safety problems and compliance issues by mine name only. However, had they also tracked who owned the mines, they would seen patterns of safety violations with certain companies. Addressing the company level problem would have been way more useful as certain companies were the major offenders. As I read an article entitled “Appeals by Mines Delayed Sanctions” in the Wall Street Journal today, I couldn’t help but wonder whether the recent spate of mine disasters was because certain companies that own mines are generally less vigilant on safety and compliance issues. Seems to me loss of human life argues in favor of good and complete mine safety database tracking. But the database tracking failure was many months ago and nothing was fixed to preempt the recent mine disasters. Today Governor Massey of West Virginia is calling for a cessation of coal production tomorrow to allow time for companies and mines to assess mine safety. Now maybe loss of profits will move somebody.

Are You Kidding Me.