3 Challenges Created by an Ad Hoc Approach to Information Capture

We need to update the way we handle data and documents.

Scanning and information capture lead a curious double life. On one hand, it seems like we’ve been doing scanning and capture forever, at least within larger companies. Scanning and capture are stable, mature technologies with a well-documented ROI. On the other hand, they are still somewhat new when it comes to adoption by many smaller and mid sized organizations.

Organizations clearly understand the benefits of adopting scanning and capture and eliminating manual business processes. Here are the top three drivers for deploying a capture solution (out of a list of 13 possibilities):

• 44% - “We want to enable anytime, anywhere content access.”
• 41% - “We are looking to improve process productivity.”
• 33% - “We want to improve records security and compliance.”

And yet… Many organizations remain more ad hoc when it comes to implementing a scanning and capture strategy and fail to understand the business risks of this haphazard approach.

Consider the following the same research study:

• 22% - “Our offices are piled high with paper and paper processes.”
• 34% - “Most of our important business content is referenced and still filed as paper.”
• 43% - “Contracts, orders, booking forms, and the like are still signed on paper.”

Here are three challenges created by the continued reliance on an ad hoc information capture strategy:

1. Failure to standardize how information comes into an organization increases security risks.

Most organizations now have multiple delivery channels through which documents enter the organization. Oftentimes, they lack normalized processes for safeguarding that information. These inputs can range from paper to the web to email to social media and more, and become more complex as they intersect with the enterprise.

As the technologies to connect, print, and share information become more widespread, the security challenges grow more complex. When scanning and capture was centralized and limited to few employees, information security was easily addressed. The decentralization of these processes now requires a new approach that defines who has access to what and how the organization will manage device, document and network security.

Consider this from Entrepreneur Magazine:

• 85% of employees admit taking company documents that they created.
• 35% admit to taking customer contact data. 90% say there was no policy against taking data.

So how do you “check the locks” on the security of your data? Here are four ways:

1. Control access to various document types within your workflows, and systematically monitor this activity;
2. Protect information when you print, scan, or send/route those documents internally and externally;
3. Regularly train and audit staff on information security and compliance best practices; and
4. Secure sensitive information so that you can maintain confidentiality and ensure compliance.

2. The stakes are rising when it comes to personal information.

Until recently, the protection and security of information on identifiable individuals had a relatively low profile. Most countries, regions and states have data protection legislation, but they vary considerably in the protections mandated. Exposure of personal information or data breaches were relatively rare and state surveillance was generally covert and not acknowledged by governments.

This has changed quite dramatically in the last few years. Ensuring data privacy has never been easy and the increasing use of cloud and mobile devices for content access and collaboration puts additional demands on security and protection.

The new European privacy regulations (GDPR, effective May 25) highlights the growing awareness and importance of secure information management. Many U.S. companies have yet to realize it, but GDPR impacts any organization whose customers are European citizens, not just those headquartered in Europe. If your organization does business in the EU, offers goods and services to EU citizens, or processes EU citizen data, then all the provisions of GDPR apply.

The regulation goes into effect on May 25th, 2018, and the potential penalties for non-compliance are significant (organizations found to be in breach of GDPR may be fined up to 4% of annual revenues or 20 million Euros, whichever is greater).

Even if an organization is not currently subject to its provisions, GDPR is a harbinger of new information privacy and security regulations to come.

3. Ad hoc information capture complicates workflows and reduces productivity.

Processing inbound information from a wide variety of sources with an ad hoc strategy – creates a longtail of process inefficiencies. In the AIIM survey, 42% of organizations say “things are somewhat ad hoc and we struggle to match up inbound paper and electronic content.” 31% of organizations say “electronic inbound content tends to be printed and then filed and processed alongside paper.”

This all adds up to duplicative and manual processes. The continued failure by companies of all sizes to address information capture in a systematic way on the front end – and as early as possible to the point at which information is created -- not only creates opportunities for security breaches, it also introduces drag into business workflows, ultimately affecting productivity.

Conclusion

Organizations must focus strategically on how to manage digital content and understand that: 1) endusers are consuming technology differently; 2) consumer devices are being increasingly used as “on-ramps” to digital workflows; and 3) how you secure the scan and capture process becomes increasingly important.