Azan Iwasaki explains how the New Zealand firm recognized the metadata risk and implemented a solution.
Simpson Grierson recognized that document metadata was a risk to data protection many years ago – well before New Zealand’s Parliament proposed a tightening of its Privacy Act, with suggested changes including mandatory data breach notification and possible fines of up to NZD$10,000.
Document metadata includes information like an author’s name, track changes, embedded objects, and a host of other properties that could potentially contain someone’s personal data. If metadata isn’t cleaned from documents before they are sent outside the firm, it could be discovered, shared, and ultimately breach a person’s privacy.
Simpson Grierson was using a metadata cleaner that, as Information Services Director Valerie Fogg explained, the product wasn’t as failsafe as it needed to be to minimize risk properly.
“Our old solution wasn’t cleaning cross-references from documents emailed by the Commercial team,” Valerie explained. This was a major issue for the firm because staff couldn’t retain cross-referencing in cleaned documents. Simpson Grierson needed a metadata cleaner that would work across every email and every document and not cause any issues.
Simpson Grierson switched to cleanDocs, our metadata management solution, and customized it to work for staff from all four practice areas. The IT Department established cleaning policies to manage metadata according to the specific needs of each practice area. “This helped solve the issue of cross-reference scrubbing for the Commercial team since they could define at a departmental level which metadata should be scrubbed or remain untouched,” said Valerie.
What’s next for Simpson Grierson? Valerie told us the firm plans to use cleanDocs’ email recipient checking technology to minimize further the chance of a data breach happening. “[It] will empower the firm’s staff to manage risk individually, so the burden of data protection won’t only fall on the shoulders of the IT Departments,” Valerie continued. “Users have to do their own risk management, no matter how busy they are.”
Watch how cleanDocs stops accidental data breaches with a hybrid approach to metadata management and email recipient checking.
About the author
Azan drives and manages sales in Australia, New Zealand, and Asia. He brings with him over 15 years' experience in the IT industry including many years as a software engineer and developer. Azan holds a degree in Computer Science from the Victoria University of Wellington.