In today's digital age, data privacy and security are becoming increasingly important. Sensitive information is everywhere, from personal data to confidential business information. Ignoring the importance of identifying and protecting sensitive information can lead to serious consequences, such as data breaches and costly fines.
Defining Sensitive Information
Sensitive information often refers to Personal Identifiable Information (PII) or Personal Data, as defined by the European General Data Protection Regulation (GDPR). However, it also includes confidential business information such as minutes from strategic meetings, contracts, invoices, and more.
Ignoring Sensitive Information
According to the Ponemon Institute's 2017 Cost of Data Breach Study: Global Overview, the average total cost of a data breach is $3.62 million, with an average cost of $141 per lost or stolen record. Additionally, there is a 27.7% likelihood of a recurring material data breach over the next two years. With the enforcement of GDPR fines up to 4% of the annual worldwide turnover, the cost of ignoring sensitive information is high.
Identifying Sensitive Information
Electronic document and record management solutions like SharePoint can identify approximately 80 types of sensitive information, such as telephone numbers and personal ID numbers. However, text analytics and Natural Language Processing (NLP) capabilities are needed to identify other sensitive data types, such as names, addresses, organisations, and diagnosis.
DiscoveryOne by Pingar enables record managers to build a custom knowledge structure to catch all types of sensitive information.
Automating Sensitive Information Identification and Categorisation
Artificial intelligence solutions can automatically identify sensitive information in any text-based content. Features in the text, such as the appearance of specific words or phrases, are used to identify such information. Once identified, documents are analysed and categorised against a corporate knowledge structure, such as a corporate taxonomy or ontology.
Businesses can use pre-existing taxonomies/ontologies as the knowledge management structures, or they can build a new one using a Taxonomy/Ontology Editor. The knowledge structure can be built manually or by mirroring a file structure using the Taxonomy Trainer, enabling artificial intelligence based on machine learning.
Once the information is correctly tagged and categorised, automatic workflows can be applied to enforce record management regulations.
Protecting sensitive information is critical in today's digital world. With the help of NLP and artificial intelligence, automatic identification and Categorisation of sensitive information can be achieved, reducing the risk of data breaches and costly fines.