What do a traveling Canadian Member of Parliament, a cable news legal commentator, and a director of a political organization have in common? They all had to use a meeting app to get their job done in the era of COVID-19 … just like so many of us. Yet as these examples show, with productivity reward comes the specter of risk.
Digital Conversations Now Drive Many Daily Work Encounters
Hundreds of millions of workers are on chats, video, and audio calls (many from home) with their colleagues, customers, and suppliers daily — this is the “new normal.” And according to Forrester Analytics survey data, almost one out of two of organizations (48%) expect that they will permanently maintain a higher rate of full-time remote employees even when safe return-to-work conditions are present.
The digital conversations that we have in these meeting and collaboration tools are visible, audible, and readable. We’re using video, audio, and chats for mundane catch-up calls, for CEO town-hall broadcasts, for negotiations with clients, for virtual care (telehealth) visits, and other types of conversations. But for this new work habit to be successful over the long term, IT, business, security, and information management pros must get on the same page about recording, retaining, and securely sharing this data.
IT, Business, Security, And RIM Pros Need To Act On Risks and Obligations
Our recent report “Opportunities And Risks Accompany The Use Of Employee Collaboration And Meeting Technology” highlights key issues that must be addressed when refining retention, security, and appropriate use issues for these digital conversations. Most organizations will be playing catch-up here: Just 13% of records and information management (RIM) pros reported in the Forrester/ARMA International Records Management Survey, Q4 2019, that they were managing their collaboration tools in line with official retention policies. Contrast this with the more than 40% who reported managing email. Yet meeting and collaboration apps produce text chats, documents, and video or audio files, along with system-generated transcripts — all of this considered electronically stored information in the eyes of legal stakeholders. And if it is captured, it may be discoverable.
Conversations inherently have a more casual feel than written documents — and this means that clear policies and procedures to guide employees are needed. What to record, how to get consent for recording, where and how to store and secure recordings, and when to archive or delete them all require clarity. We may discuss confidential company plans, customer problems, reveal personal or medical information, or inadvertently share sensitive whiteboards. Recorded conversations might be stored in repositories that make it deceptively easy to share them with colleagues — or even external audiences.
Highly regulated companies — such as financial services, healthcare, or public sector — will also have laws and regulations that dictate how information is captured and stored. Banks, for example, have requirements to monitor and inspect customer-facing conversations as part of supervision obligations. Governments may have sensitive policy, commercial, or citizen information in these conversations, and healthcare interactions will include medical and other personal data.
What To Do Next?
Understand the risks without sacrificing the productivity and knowledge-sharing benefits of meeting and collaboration app adoption. Next steps include:
- Revisit and refine guidance for employees when using meeting and messaging apps. Update policies, educate employees, and have senior executives lead by example.
- Ensure that the right enterprise editions of the tools are used — not free consumer apps. Enterprise editions of popular platforms will include the integrations, APIs, administrative tools, and security controls that you’ll need to govern the use, recording, retention, and sharing of digital conversations.
- Look at archiving platforms to automatically capture meeting data. Regulated industries often use archiving tools for email and text messaging content types, and these vendors have stepped up to offer connectors for many of the rapidly adopted meeting and collaboration tools. Archiving platforms already support the legal discovery, retention, or secure deletion needs of regulated businesses.
- Recognize that not all recorded meetings are created equal. The purpose of the meeting should dictate how it is categorized and retained. Routine team meetings may have short-term value, while executive town halls may need to be kept permanently. Assess the usefulness of keeping extracted text transcripts longer-term for corporate memory preservation while disposing of very large video files more quickly.
- Read the report and set up an inquiry with us. This is a topic that continues to rise in customer interest as meeting and collaboration adoption becomes normalized and governance gaps appear.
We would like to thank the companies who participated in this research: Alfresco Software, Archive360, AvePoint, Bloomberg, BlueJeans, Global Relay, Google, Hanzo, Micro Focus, Microsoft, Mimecast, OpenText, Proofpoint, Smarsh, and Veritas.