Canopius

Solution

Canopius was very clear that this was not an issue to be solved by IT and technology in isolation. Francis worked with a team of experienced information governance consultants at Oyster IMS and together they devised a business-led program to identify information owners, gain senior management backing, and create a clear ongoing communication strategy. In parallel, OpenText™ ControlPoint™, with its OpenText IDOL™ indexing engine, was selected to support this business engagement. ControlPoint helps implement business rules to verify data, identify and remove trivial information, tag data based on content, archive appropriate data, and migrate information.

Francis comments on the process: “ControlPoint is completely customizable for teams, or even different individuals, so depending on the requirements, it will treat their data in a certain way. Once the process was implemented, as we recognize that our business changes all the time, we set up a regular monitor and review schedule to ensure this is not a ‘one-off’ exercise, but becomes second nature to us.”

Bringing structure to unstructured data soon started paying dividends. Canopius is an acquisitive company and one of the department’s audits found a ‘lost’ HR area that the current team were not aware of. As HR data is inherently sensitive, it was vital to manage it appropriately. The team also found examples of confidential information saved to a less secure area and could rectify this immediately. With new data coming in from different companies, ControlPoint’s ability to recognize common data formats and define granular policies for different data sets proved very useful.

For example, Francis used ControlPoint to manage an e-disclosure request for a litigation: “Locating 2.5TB of relevant information would have taken me at least a month before. Using ControlPoint and working with Oyster IMS, I was able to collate information across multiple repositories and respond to the request within a morning.”

Canopius is subject to GDPR ‘right of erasure’ requests. ControlPoint searches across information siloes and returns all instances of the requested data for deletion. Data subject access requests are also managed through ControlPoint, which hugely streamlines and speeds up the process. According to Francis: “We already used ControlPoint when GDPR came into force. It really put us ahead of the game as we had done the groundwork and were already applying GDPR principles to our data.”

Results

Following the ControlPoint implementation, Canopius has so far deleted over 4.3 million files. As Francis says: “By shrinking the haystack, you will find the needle faster. We spend less time looking for something and more time making data-driven business decisions.”

Efficiency and productivity improvements are not the only benefits Francis has noticed: “With ControlPoint, we have reduced our storage costs, and improved our response to audits and GDPR information requests. By knowing exactly where our data is and what purpose it serves, we have enhanced our whole information governance regime. We are confident that this will reduce our exposure to penalties or sanctions related to data privacy breaches and are beginning to explore how we can extract meaningful insight from our unstructured data.”

He concludes: “Micro Focus (now part of OpenText) and Oyster IMS have helped reduce our liability and given us the tools to make intelligent decisions on our data retention policies. This is a great example of business and IT working together for success.”

Locating 2.5TB of relevant information would have taken me at least a month before. Using ControlPoint and working with Oyster IMS, I was able to collate information across multiple repositories and respond to the request within a morning.