Photo of Jim Merrifield

Jim Merrifield is Robinson+Cole’s Director of Information Governance & Business Intake, a member of the Data Privacy + Cybersecurity Team, and a non-attorney contributor to the Data Privacy + Security Insider blog. He has spent nearly 20 years helping organizations of all sizes, including law firms and Fortune 500 companies, develop and implement practical information governance strategies, policies, and best practices. Jim is a well-respected expert in the information governance industry. With an extensive background in policy development and enforcement, enterprise program deployment, and technology solutions, he has earned a strong reputation as a knowledgeable practitioner and reliable consultant. His deep understanding of the space is reflected by his many publications, lectures, and consulting services for top-tier companies and law firms. Jim holds a bachelor degree in Legal Studies from Quinnipiac University and is a certified information governance professional (IGP).

Jim's innovative thinking and commitment for the industry has enabled him to create the popular podcast, InfoGov Hot Seat, a platform for candid conversations featuring practitioners, consultants and solution providers - offering valuable perspectives to listeners about legal technology and managing information as an asset.

 

Information governance has evolved rapidly, with technology driving the pace of change. Looking ahead to 2024, we anticipate technology playing an even larger role in data management and protection. In this blog post, we’ll delve into the key predictions for information governance in 2024 and how they’ll impact businesses of all sizes.

  1. Embracing AI and

Information governance and data retention have been important topics in the corporate world for years. As an executive, it’s crucial to ensure effective management, storage, and secure disposal of your company’s data. Having well-defined information governance and data retention policies helps maintain compliance with legal requirements and safeguards against data breaches and cyber-attacks. In this

The COVID-19 pandemic has certainly forced companies to innovate and explore new ways of working across its workforce and client base. Some have decided to dive head first into implementing collaboration technologies such as Microsoft Teams. Afterall, it’s part of the Microsoft stack, so in theory such a decision doesn’t require a significant financial investment.

The United Kingdom data privacy watchdog reports that the number of complaints received since the EU’s General Data Protection Regulation (GDPR) took effect three months ago has almost doubled.  Under GDPR, anyone who believes their personal data has been misused can file a complaint with the Information Commissioner’s Office, or ICO.

Legal Experts say GDPR

It’s that time of the year again, budget season. A time when organizations set priorities on how to strategically spend their money in 2018. In the information technology (IT) world this can be a daunting task for any CIO.

According to Gartner, artificial intelligence (AI), machine learning, and tools such as conversational platforms, digital twins and blockchain should be at the top of the list.
Continue Reading A CIO Budget Playbook for 2018

Today, the Spanish data protection agency (AEPD) fined Facebook 1.2 million euros ($1.4 million USD) in connection with how the company collects personal data for advertising purposes. The AEPD said Facebook did not get properly informed consent from users before exploiting this data as well as kept this data longer than it’s useful purpose.

In

In less than 300 days, the European General Data Protection Regulation (GDPR) will go into effect and forever change the privacy landscape. Leading industry organization, Gartner, Inc., predicts that more than 50 percent of companies affected by the GDPR will not be fully compliant. Of course, the affected companies will include both European and non-European companies. Bart Willemsen, research director at Gartner, says “Threats of hefty fines, as well as the increasingly empowered position of individual data subjects tilt business case for compliance and should cause decision makers to re-evaluate measures to safely process personal data.”

How can organizations prepare for the GDPR? Gartner recommends organizations focus on five high-priority areas:
Continue Reading 5 Focus Areas in Preparation for GDPR Compliance

Reliance Jio, an Indian telecom upstart, compromised the personal data of over 100 million customers. This has prompted a call for increased data protection laws in India.

At present, companies in India do not have to disclose data breaches to clients. Of course this is stark contrast to companies in the European Union, which have strict data protection laws.

Pranesh Prakash, policy director at a research organization, the Centre for Internet and Society (CIS), said “this occurrence raises question of security and accountability. A rule to report a breach exists, but it is unenforceable. It says you’re not liable if you’re following reasonable security practices. What ‘reasonable’ means is not defined.”
Continue Reading Data Protection Laws Could Increase After Jio Data Break

Back in 2015, DeepMind, a Google company, signed a deal with the Royal Free NHS Foundation Trust. The deal allowed DeepMind access to 1.6 million patients health information as well as the ability to develop an app called Streams. The Streams app focus was to monitor patients with kidney disease and alert the right clinician when a patient’s condition deteriorates.

However, it was discovered that the Streams app had access to other health information such as a patient with HIV and drug overdoses.

After a yearlong investigation, The Information Commissioner’s Office (ICO), who is the U.K.’s data protection watchdog, found that the deal between the two parties failed to comply with the data protection law.
Continue Reading DeepMind Deal with NHS Trust Reveals Privacy Concerns