MemorableURL.com

I saw this very interesting article about indexing the content of tapes to enable eDiscovery more easily.

http://www.eweek.com/article2/0,1895,2022487,00.as...

It is probably too late to drop this one in to the book but it is worthy of 10 minutes to take a quick look. If you have a lot of archived data this could be a life saver.

Someone emailed me over the weekend to ask me what the exact topic of the book is. I explained that it was primarily aimed at Compliance in relation to Enterprise Content Management but I thought that it might help if I was more explicit.

So...here is an excerpt from the book's 'Quick Start Guide'...I hope that this helps.

Wondering what to read, when to read it?

CHAPTER 1: THE THEORY

A general look at compliance and specifically what we mean by compliance in the context of this book. I look at the different types of regulations and why sometimes they work and sometimes they are just hopelessly flawed.

CHAPTER 2: COMPLIANCE – A DISCIPLINE IN FLUX

If compliance was static then you would not need this book – the last one you purchased in 1972 would be just fine. Unfortunately it is hard to imagine a business area in more flux than compliance. This section touches briefly on the areas of flux and why they are all coming together and creating the ‘perfect storm’ of business problems.

CHAPTER 3: RISK ANALYSIS

Read this section before reading anything after it. It is the traffic cop of compliance. This section covers very briefly the concept of risk analysis – before you start spending your hard earned money on a compliance solution think about whether you really need one or at least think about how much you should spend trying to solve a compliance issue.

This chapter alone may justify the cost of the other 50 copies of this book that you decide to purchase for your staff!

CHAPTER 4: COMPONENTS OF A SUCCESSFUL SOLUTION.

Having decided that you need a compliance solution this is the section to read to discover the attributes of successful compliance system. I’ve sat through countless hours of seminars and read way too many boring papers and condensed them in to one chapter of this book. You so owe me for the number of days I spend assimilating this information on your behalf!

CHAPTER 5: IMPLEMENTING SUCCESSFUL SOLUTIONS

OK, now you have the theory of what a compliance solution should look like under the covers. Some would argue that you’ve only bitten off the tip of the iceberg – they should be shot for mixing metaphors but ironically they are right.

This whole section discusses a concept that I term ‘Egoistical Compliance’. Egoistical compliance is a theory but as you will see from this section, parts of it a here today and with an eye on this goal you will be able to make things a lot less painful moving forward.

CHAPTER 6: EVER-CHANGING COMPLIANCE REQUIREMENTS

Most of this book relates to how to implement new solutions in to existing business processes but I felt that it was vital to also address a slightly different use case.

So you followed my advice and you are now fully compliant. Your solutions are non-invasive but pervasive. The end users adore you, the auditors have life-size posters of you on their office walls and upper management made your birthday a company holiday. All is well with the world…until…an agency releases version 632b of their guidance paper and you need to react to this change.

Fear not – the life-size posters do not need to become dart boards, all is not lost.

CHAPTER 7: THE FUTURE OF COMPLIANCE SOLUTIONS

The first 6 sections of this book discuss the current state of compliance solutions, this chapter considers some of the issues that need to be resolved in the future in order for us to be able to bridge the gap between compliance requirements and available technology.

APPENDIX A: CASE STUDIES

I’ve tried to include relevant mini-studies throughout the book to put things in to context and also make it a little less monotonous. However, some of the case studies are so interesting that I’ve pulled them out in to this thrilling conclusive chapter.

Read the case studies even if you think they don’t apply – for example HIPAA contains regulations that may not affect you directly but the concepts are starting to become very common across the board.

I firmly believe that the only way that we will be able to achieve truly successful compliance solutions is to have systems that:

· Are individually compliant to their own requirements, (they can look after themselves), and

· Expose that functionality to external systems to allow those other systems to enforce policies, (they allow other systems to manage content in their system), and

· Are able to impose their own policies on content stored in other systems (can look after content in other systems).

All of the above need to be done intelligently, cooperatively and with as high a level of enforcement as possible. This gives us egoistical systems – my yet-to-be-delivered book discusses the attributes of egoistical systems in detail, in fact I rant on about them ad infinitum for a whole chapter.

Got any comments or great examples? email me and I'll be eternally grateful, in fact I'll consider sending you a free copy of the book in exchange!

I had a meeting with a very large financial institution today and we were talking about compliance, eDiscovery and enterprise content management. I mentioned that Interwise were working on a technology where a video conference could be automatically transposed, the transcript indexed and stored with the recording of the conference. This allows you to effectively full text search anything said in a video conference and make the conference a record.

They mentioned that our attendance at the meeting was discoverable. The security log that shows that we were logged in to the building and the associated video footage are discoverable.

When we say discoverable we mean that if a court issues a 'discovery notice' then the piece of content that you have must be considered as being relevant and that the content may need to be delivered to the court. For example, if the customer was suing me for something and the customer claimed that they had never met me then the court might issue a discovery notice asking for any information relating to any conversations with me. The security log and the video showing me arrive and showing that I stayed for 60 minutes would have to be delivered to the courts.

I think that this is amazing, I don't know why I am still amazed when I find out what people treat as discoverable - maybe I am just easily surprised.

My book is still being edited - I think I might just sneak this tidbit in - the editor will never notice, (unless he's reading this of course!)

I'll give a prize to the wackiest thing that anyone tells me is discoverable.

I spend my time at work setting strategic direction for our compliance products. I decided that writing a book would help me to get focused and think things through more clearly. The impetus to write this specific book came from a quotation from Elliott Spitzer, the Attorney General of New York. Spitzer’s classic quote was:

“Never write when you can talk. Never talk when you can nod. And never put anything in an e-mail.”

I believe that this quotation encapsulates the mindset of legal and business leaders today. We are struggling to understand what it means to be compliant – in the absence of this understanding we protect ourselves with extreme measures. We follow Spitzer’s advice and try to protect ourselves by restricting our actions. In order not to implicate ourselves we restrict the use of technology and develop inflexible processes. Alternately, we take the other extreme and simply ignore the problem assuming that we can be reactive when forced to be – or simply hoping that it will be someone else’s problem.

Spitzer’s quotation encapsulates the attitudes of legal and business leaders today. Right now, as you read this introduction, thousands of ‘c-level’ managers are yelling at their staff – “Are we compliant yet?”. There are many books that try to define what ‘being compliant’ actually means; they encourage you to think about compliance in terms of defining criteria and controls. There is no doubt that without these you cannot have effective compliance. However, this book looks past criteria and controls to discuss the systems and methods for implementing successful solutions. We will analyze the type of systems available to solve compliance challenges and we will look at the future of successful compliance in industry. More importantly we will see how to purchase, engineer and implement solutions which will be as future-proof as possible.

Be warned, my book contains as much bad news as it does good news. There are few utopian solutions out there today but the landscape is changing and it is changing for the better. Even during the 12 months that I spent writing this book things have changed so dramatically that I truly have hope for the future of compliance in business. If we can just stop the lawmakers from adding any new burdens on us for a while we might even be able to catch up!

I hope that you enjoy reading the book - if you want to review an advanced copy and are willing to give me feedback that I can quote on the book cover then please email me.

comments@nevertalkwhenyoucannod.com