Merging Information Governance and Compliance in Three Easy Steps?
I just read an article about the now infamous Patient Protection and Affordable Care Act (PPACA), affectionately referred to as Obamacare, as it applies to compliance and information governance. We won’t delve any more deeply into that topic. Anyway to the point. The article was talking about the added rules and regulations and the ‘new’ merging of compliance and information management (where has this author been living?). The suggested approach is to understand your compliance requirements, determine the capabilities of your IT infrastructure, and to define a common vocabulary. Voila. Follow these simple steps and adherence to compliance is easily achieved.
Not so fast. What surprised me was several paragraphs of the importance of defining a common organizational vocabulary to be applied consistently as descriptors to content. Well I think that’s a great idea. It has been a great idea for the past 20-30 years. Unfortunately, for the most part, there is no silver bullet to accomplish this. I do agree that a controlled vocabulary is very useful and we have many clients, if not most, that have some type of controlled vocabulary or folksonomy in place.
However, in terms of information governance, or compliance, what he proposed is not easily accomplished from the start. Having groups of people trying to define the organizational vocabulary so everyone is on the same page and agree is a challenge. Then, the maintenance of the vocabulary as new requirements are to be met on an on-going basis becomes a never ending battle of words. Ah, and then the adoption and training issues for business users. That one sort of ruins the entire simple approach doesn’t it?
Simple as 1, 2, 3. What do you think? How did you develop your controlled vocabulary if you have one?