By Lisa Burton

Published on Tue, September 11, 2018

All posts by this person

This week, I will be participating in a panel at the Corporate Counsel Forum 2018 to discuss how to transform the data privacy agenda into a trust-based agenda. My esteemed fellow speakers include representatives of Microsoft and Google, two of the largest players in the big data market. The audience will consist mainly of General Counsel representing organisations who are similarly frustrated by issues pertaining to ease of access with regard to their data. Data privacy is merely one more example of the issues exasperating effective data use.

Most organisations understand the significance of data and information.  Namely, that there is a great deal of intelligence that can be derived from it, if accessed in the right way. However, the data landscape is perceived as a big beast due to growing complexities around information management and governance.  Common problems include the integration of entire IT platforms resulting from mergers and acquisitions, the ever-present risk of cyber-attacks, the enormity of legacy data (and the privacy data challenges within), and management of unstructured data. Thus, data can often be regarded as an insurmountable source of problems rather than a solution. As a result, data and information management often happens in an underfunded and siloed way.

The above situation makes meeting legal and regulatory obligations and reporting extremely cumbersome. Additionally, there is often a lack of clarity when identifying the correct information, and the risk that crucial information may have been missed. As a result, in order to address the risk of missing information that is important, there are often swathes of data containing false positives. Resolving this issue takes its toll by necessitating the use of additional resources at cost.

Problems around identification and production are also evident in the context of mergers and acquisitionsTo give an example, one GC of a financial services company explained that the execution of a large merger and acquisition programme resulted in what they described as a ‘banana skin’. During the due diligence of the M&A process, certain data was not uncovered and this ultimately created a risk to the business and the need for another collection and production effort that was neither planned nor budgeted for.

Access to this data matters because data has become extremely valuable. The reality is that whatever the day-to-day business process, data and information are the ‘glue’, the connector of people and processes, the key to customer experience and to improvement.Beauty and The Beast-1

As with anything of great value, there is a responsibility to protect it as an asset. As made evident in the media (see the article in The Guardian relating to the recent Cambridge Analytica scandal as an example), there are increasingly sophisticated attacks to steal data, which can result in grave financial consequences. 

The convergence of trading and risk management measures is impacting all areas of business and legacy IT systems simply cannot adapt. Corporates now have the opportunity to clean up years of merger and acquisition and accumulated system layers so they can position themselves to compete effectively in the ‘new normal.’

So now that you understand the beauty and the beast of corporate data, what is the ‘new normal’ and how can modernising the way in which corporate data is managed create a sustainable step-change in a company’s long-term performance?

Time to overcome the beast

The General Data Protection Regulation (GDPR) is a recent example of ongoing regulatory change and has proved to be a timely catalyst for driving data modernisation programmes and finally tackling the beast. Successful outcomes aimed at GDPR compliance include legacy data remediation, defensible data deletion programmes, and transitions to a single platform (such as Office 365) to help clients bring the beauty of compliance policies to life through operational, day-to-day, repeatable best practices.

Some projects can be complex and protracted, others can be a quick win for the business. All projects involve data! For example, a company needed to index and create a repository for 240TB of old Lotus Notes data. This enabled a faster response to litigation and the retirement of outdated infrastructure. Similarly, a need to analyse approximately 1PB of file share and SharePoint data to identify sensitive information and remediate it helped another company comply with GDPR.

The need to transform disparate data sets into a golden source of information is disruptive enough; the need to do so in a business that has to run at peak performance can become extremely daunting.  It can and is being done, though. Increasingly, corporates understand that a single-platform approach enables their businesses to deliver their solutions and products in a way that best suits the business – whether an enterprise-wide or a modular best of breed solution. For example, a leading financial services CIO reported that after they moved to the Cloud, their financial modelling costs were reduced from £100,000 per month to £10,000 per month based on the fact that their data sources were now in one central, secure location. This is the beauty of having your data and information in the right place, and having it accessible at the right time.

I am excited to learn more at the Corporate Counsel forum and will be interested to report back findings in a further update. Stay tuned!

If you have additional questions or comments, please feel free to reach out to me at LBurton@lighthouseglobal.com.

About the Author
Lisa Burton

Director of Advisory Services in Europe

As Director of Advisory Services in Europe, Lisa works with the international team to create thriving outcomes for clients in the UK and Europe on regulatory, contentious and non-contentious matters. She has 18 years’ experience in both legal technology and regulatory compliance, having worked on high profile projects within financial crime, insurance, pharmaceutical, automotive, and telecoms. Lisa specializes in business and strategic consulting in the governance, regulatory and compliance sectors, managed document review, LIBOR, FX surveillance and reporting, AML and remediation solutions, project management, eCourt and eDisclosure, and cloud platforms, such as Microsoft Office 365, to assist clients in successfully supporting the legal/compliance function.

Prior to her role at Lighthouse, Lisa was a Director at PwC where she assisted the Forensic Technology and Corporate Investigations department to develop external market awareness for the company’s legal technology support services and worked closely with the Data Analytics and Business Consulting teams to effectively deliver solutions to clients. She also supported clients with contract lifestyle governance and compliance alongside PwC Legal.

Before joining PwC, Lisa was the Director of Professional Services at UNIFIED, where she oversaw and lead complex projects across the EDRM. She was responsible for supporting business growth through strategic objectives, building a corporate profile and market presence. Prior to PwC, Lisa was the Head of eDisclosure at Grant Thorton UK LLP and worked to ensure client engagement, internal education and training, as well as vender management. Beyond this, Lisa was the owner of Legal Inc Ltd. and has held a number of legal roles for several UK law firms.

Lisa is PRINCE II certified and is a legally trained graduate of Birkbeck, London University LLB.