Amy C. Purcell was featured in the Financial Times' Agenda article "Boards Face Tough Choices on When To Store and Dump Data." Full text can be found in the January 11, 2016, issue, but a synopsis is below.
As cyber attacks become more commonplace and increasingly expensive, data security professionals and the Federal Trade Commission suggest that boards of directors need to inventory personal information and indicate if certain data should be "retained, where it is and what it is being used for." The disposal of unnecessary data may prevent a company from becoming the next victim of a cyber-attack.
"You need to make sure you're asking the right people the right kinds of questions, because your inventory is only as good as the information that you're obtaining when you're embarking on this data inventory," says Fox Rothschild's Amy Purcell.
Purcell recommends that boards ensure the inventory process is methodical and offers geographic information on where data is held, as well as what division of the company is in possession of it. Once the inventory is complete, she says, directors can work with management to identify the sensitivity of different types of data.
According to Purcell, the bigger benefit of data inventory is the ability for a company to make better strategic use of its data.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
