Photo of Jim Merrifield

Jim Merrifield is Robinson+Cole’s Director of Information Governance & Business Intake, a member of the Data Privacy + Cybersecurity Team, and a non-attorney contributor to the Data Privacy + Security Insider blog. He has spent nearly 20 years helping organizations of all sizes, including law firms and Fortune 500 companies, develop and implement practical information governance strategies, policies, and best practices. Jim is a well-respected expert in the information governance industry. With an extensive background in policy development and enforcement, enterprise program deployment, and technology solutions, he has earned a strong reputation as a knowledgeable practitioner and reliable consultant. His deep understanding of the space is reflected by his many publications, lectures, and consulting services for top-tier companies and law firms. Jim holds a bachelor degree in Legal Studies from Quinnipiac University and is a certified information governance professional (IGP).

Jim's innovative thinking and commitment for the industry has enabled him to create the popular podcast, InfoGov Hot Seat, a platform for candid conversations featuring practitioners, consultants and solution providers - offering valuable perspectives to listeners about legal technology and managing information as an asset.

 

The GDPR (General Data Protection Regulation) outlines a series of amendments to the data protection and data privacy requirements applicable to all companies with European customers, regardless of where the company’s headquarters reside.

Some of the proposed amendments include:

  • penalties of up to €100 million, or 2.5% of annual worldwide turnover, whichever is greater
  • increased

There is no secret sauce to achieving information governance nirvana. The reality is someone must take ownership of an organization’s information governance program. The industry as a whole has been discussing that organizations appoint a chief information governance officer (CIGO) or its equivalent, to lead information governance efforts. The title is not important—the skill set

An annual audit conducted by the U.S. Government Accountability Office of the Fiscal Service Bureau, identified (9) nine new information security weaknesses in the U.S. Treasury Department’s information systems that are used to manage sensitive data in connection with federal debt.

It was further reported that although these weaknesses aren’t considered to be significant, the

With all the data breach activity over the past several years, any organization or individual that hasn’t been affected in some way almost feels left out. According to the Department of Health and Human Services, 120 million people have been compromised in more than 1,100 separate breaches at organizations handling PHI (protected health information) since

The Internal Revenue Service (IRS) released on Tuesday, May 26,  2015, news of a major data breach, estimated to have affected 100,000 U.S. households’ tax returns. The data was wrongfully obtained from an IRS application known as “Get Transcript,” which allows taxpayers to access their prior tax returns. This data includes Social Security numbers, dates