Save as PDF

Privacy, Records Management and Information Governance

Rimon’s Privacy, Records Management and Information Governance (PRMIG) team guides companies on properly establishing legally compliant and defensible information governance, privacy, eDiscovery preparedness, and security.

The information cycle for companies and other organizations involves two points: 1) understanding that keeping records for too long can increase costs, privacy and security risks, 2) but not keeping them long enough, or keeping them improperly, can result in costs just as damaging. Additional challenges arise in this digital age for both developing and implementing sound strategies towards creation, retrieval, retention, sharing, and maintenance of records and data. Most notably, recent regulatory draconian mandates have thrust privacy and security compliance to the forefront of corporate concerns. Rimon’s PRMIG team, however, can help companies handle the challenges information presents, by:

  • Identifying knowledge assets, including developing protection and security strategies
  • Establishing legally defensible privacy compliance programs
  • Improving business processes
  • Developing and implementing compliance procedures, such as internal policies, procedures, and controls
  • Reducing storage management costs
  • Mitigating risk associated with eDiscovery, litigation and security breaches

Since the turn of the millennium, our PRMIG’s founding partner, John Isaza, has delivered common sense advice to his clients. He has done work for some of the most highly regulated industries on many of the above types of compliance engagements, including the oil and gas industry, financial sector, domestic and foreign government entities, foreign companies, technology sector, health care, education, insurance services, food and entertainment industry, manufacturing, automotive, and the legal services sector. Until fairly recently, Mr. Isaza was one of only a handful of attorneys in the world specializing in this area of law. Today he is recognized as a global leader in PRMIG compliance.

Areas covered in a typical engagement include:

  • Facilitating privacy programs tailored for compliance with major legislation such as GDPR and CCPA
  • Providing recordkeeping regulatory requirements and retention recommendations for all 50 U.S. states and in over 150 countries
  • Facilitating security assessments
  • Overseeing change management programs from initial assessment through implementation
  • Ascertaining recordkeeping compliance with major legislation such as Dodd-Frank, Gram Leach Bliley, HIPAA, and Sarbanes-Oxley
  • Completing Generally Accepted Recordkeeping Principles compliance assessments and audits of systems for accountability, transparency, integrity, protection, compliance, availability, retention, and disposition
  • Developing process-based or big-bucket records retention schedules
  • Maintaining domestic or international legal and regulatory records retention requirements
  • Presenting and advocating PRMIG programs to senior management
  • Delivering needs assessments and RFPs for technology needed to develop comprehensive PRMIG and eDiscovery preparedness programs
  • Identifying risk areas arising from current electronic data and other PRMIG practices
  • Delivering legal opinions regarding going paperless, records or information destruction, backup policies, and triggering events for legal holds
  • Creating or improving policies for records retention either in the cloud or on private servers such as e-mail, instant messaging and other electronic communications
  • Creating or simplifying the records retention schedule and electronic file plan to work seamlessly with electronic records, including taxonomy developments
  • Strategizing legal holds and electronic document preservation in the event of litigation
  • Developing and implementing processes for data preservation orders, litigation holds, or legal holds

Providing eDiscovery and PRMIG expert witness services on any of the above topics

Rimon Attorneys With Expertise in Privacy, Records Management and Information Governance Include: