Jim Merrifield

Jim Merrifield is the firm’s Records & Information Governance Manager, a member of the Data Privacy + Security Team, and a non-attorney contributor to the Data Privacy + Security Insider blog. He has spent more than a decade helping organizations of all sizes, including law firms and  Fortune 500 companies, develop and implement practical information governance strategies, policies, and best practices. He has authored numerous publications and frequently speaks on information governance and data privacy issues. Jim holds a bachelor degree in Legal Studies from Quinnipiac University and is a certified information governance professional (IGP).

Subscribe to all posts by Jim Merrifield

Why Was Facebook Fined by AEPD?

Today, the Spanish data protection agency (AEPD) fined Facebook 1.2 million euros ($1.4 million USD) in connection with how the company collects personal data for advertising purposes. The AEPD said Facebook did not get properly informed consent from users before exploiting this data as well as kept this data longer than it’s useful purpose. In … Continue Reading

5 Focus Areas in Preparation for GDPR Compliance

In less than 300 days, the European General Data Protection Regulation (GDPR) will go into effect and forever change the privacy landscape. Leading industry organization, Gartner, Inc., predicts that more than 50 percent of companies affected by the GDPR will not be fully compliant. Of course, the affected companies will include both European and non-European … Continue Reading

Data Classification and Information Security are Intertwined

A recent report entitled “Information Strategy 2017”, published by the Information Coalition finds that information security remains a top priority for over 90 percent of organizations. Given that the number of data breach activity continues to rise, these finds are not very surprising. What is surprising, however, is many organizations continue to increase their spend … Continue Reading

5 Information Governance Predictions for 2017

Information is every organization’s greatest asset. It makes up intellectual property, trade secrets and many other vital corporate assets. It’s how we in corporate America conduct business. With that said, governing and protecting that information is critical. Therefore, we expect information governance efforts to continue to rise in 2017. Prediction #1 – Data Breaches will … Continue Reading

Box, OneDrive, a Combination—What’s Your Flavor?

The cloud-based file-sharing and collaboration business continues to grow, inspiring competition between two heavy weights: Microsoft and Box.  Last week, Box announced over $100 million in third quarter revenue growth despite competing with Microsoft’s OneDrive file share for SharePoint. Aaron Levie, Box CEO and co-founder, believes that “the need for Box is clear; today, business … Continue Reading

SaaS Adoption Continues to Rise Despite Security Concerns

Software as a Service (SaaS) adoption has continued to climb with each passing year. Major contributors to this have been ease of deployment, improved productivity and lower cost of ownership. Furthermore, organizations have begun to reason that SaaS applications can be more secure than their premises-based counterparts. Despite these facts, a recent survey of 176 … Continue Reading

Controversy looms over ECPA amendment in wake of Orlando terrorist attack

After the terrorist attack in Orlando, Florida, early this month, the Electronic Communications Privacy Act (ECPA) has been discussed quite a bit. The ECPA, a law which took effect in 1986, limits the government’s access to electronic communications and other information. Due to the advancement in technology over the past 30 years, Congress finds itself … Continue Reading

Data security is top driver for information governance

A recent Advice from Counsel study sponsored by FTI Technology, entitled “The State of Information Governance in Corporations,” found data security to be the top driver for information governance initiatives. The purpose of the study was to better understand the health and success of information governance programs within corporations. The respondents included approximately 25 in-house … Continue Reading

Developing information governance efforts

In an information governance model, there are business-focused components and aspects, and there are technology-focused components and aspects. Information Governance isn’t just technology driven, nor is it solely business driven. It is a partnership between business and technology. Both must be present in the program. The Business Side Diving into the business side, the first … Continue Reading

Preparing for a SharePoint 2016 migration

Many organizations are considering an update to their existing SharePoint environment in 2016. This is largely due to new functionalities being offered with SharePoint 2016, especially if the organization is still running SharePoint 2010 or later. With that said, a well thought out migration strategy is key to the success of this project. Let’s consider … Continue Reading

Information governance outlook in 2016

The purpose of an information governance program is to provide insight into information that is the most valuable to the organization, while minimizing associated risks and costs. Until recently, organizations focused less on the latter and heavily on gaining insight into the most valuable information. The reason for this change is largely due to the … Continue Reading

New data protection regulation to impact cloud providers

The GDPR (General Data Protection Regulation) outlines a series of amendments to the data protection and data privacy requirements applicable to all companies with European customers, regardless of where the company’s headquarters reside. Some of the proposed amendments include: penalties of up to €100 million, or 2.5% of annual worldwide turnover, whichever is greater increased … Continue Reading

The key to information governance success lies within the framework

There is no secret sauce to achieving information governance nirvana. The reality is someone must take ownership of an organization’s information governance program. The industry as a whole has been discussing that organizations appoint a chief information governance officer (CIGO) or its equivalent, to lead information governance efforts. The title is not important—the skill set … Continue Reading

Audit reveals U.S. Treasury Dept. security infrastructure is weak

An annual audit conducted by the U.S. Government Accountability Office of the Fiscal Service Bureau, identified (9) nine new information security weaknesses in the U.S. Treasury Department’s information systems that are used to manage sensitive data in connection with federal debt. It was further reported that although these weaknesses aren’t considered to be significant, the … Continue Reading

Data breach: how information governance reduces risk

With all the data breach activity over the past several years, any organization or individual that hasn’t been affected in some way almost feels left out. According to the Department of Health and Human Services, 120 million people have been compromised in more than 1,100 separate breaches at organizations handling PHI (protected health information) since … Continue Reading

With the IRS breach, it’s clear your data is at risk

The Internal Revenue Service (IRS) released on Tuesday, May 26,  2015, news of a major data breach, estimated to have affected 100,000 U.S. households’ tax returns. The data was wrongfully obtained from an IRS application known as “Get Transcript,” which allows taxpayers to access their prior tax returns. This data includes Social Security numbers, dates … Continue Reading
LexBlog