March 02, 2009 08:45 ET

Informative Graphics Corporation Releases Strategies for Securing Privileged Information, Reducing Data Breaches Through Electronic Redaction

Redaction a Key Consideration for Protecting Personally Identifiable Information and Mitigating Risk in Intentional and Inadvertent Breaches

SCOTTSDALE, AZ--(Marketwire - March 2, 2009) - Informative Graphics Corporation (IGC), a leader in content visualization, collaboration and redaction technology, today issued a paper on recommended strategies for protecting Personally Identifiable Information (PII) as data breaches rise worldwide. Titled "Electronic Redaction: How to Properly Redact Documents," the paper defines proper redaction and methods for securing privileged information. The paper is available for free download at http://www.redact-it.com/whitepapers/.

According to Nemertes Research, "Redaction should be considered for PII in archived personnel records to mitigate risk in an intentional or inadvertent breach. Though historically a legal/litigation function, the need for redaction ties directly to archive, retention and enterprise content management (ECM) policies to protect personally identifiable information (PII). This requirement is highlighted in Nemertes' benchmark, 'Security and Information Protection,' in which 52.6% of participants say that the most costly regulations to comply with are the privacy-related regulations: HIPAA, FERPA, GLBA, PCI and CA SB1386. PII that isn't needed should be redacted."

Many states with data breach laws specifically mention data redaction as offering an exemption to disclosure requirements (as is the case in Arizona's Senate Bill 1338). States that have information-breach-notification laws hold businesses liable for the security of nonpublic personal information (NPI) and several states have made it a criminal offense to steal personally identifiable information. Arizona House Bill 2484, for example, makes identity theft a felony. An example of compliance would be to redact customer privacy data so that it would no longer be accessible to unauthorized parties. With the proper redaction solution, organizations can meet the needs of businesses while reducing data security risks.

Unauthorized access to privileged information impacts state and local governments, major corporations, small businesses and universities, exposing organizations to potential legal challenges or even criminal charges. Because of these concerns, IGC has issued recommendations to help organizations protect sensitive content. These guidelines include:

--  Inspire an across-the-board culture of familiarity and participation
    in security procedure. Security of information involves principals
    throughout the business.  Therefore, a general agreement of content
    security processes must be established to create an effective security
    strategy.
--  Implement new security technologies incrementally. While the long-term
    mission should be defined, focus on near-term landmark goals where possible
    to build an early and attainable record of success.
--  Automate security processes to minimize human error. Enterprise
    Content Management (ECM) systems provide access to an organization's file-
    based data, and as a result, can expose sensitive information to
    unauthorized users. An automated way to prevent this is intelligent removal
    of privacy information and sensitive content from files using integrated,
    role-based electronic redaction.
--  Select a redaction expert to trust with sensitive information. This
    person will be responsible for setting up the company's redaction policy,
    including recommending or selecting the redaction tool (or working with the
    IT department to do so), learning to use the selected tool properly, and
    then either performing all redactions or training other users.
--  Write a formal redaction policy with respect to who performs
    redaction, what kind of documents require it, and training required for
    current and new employees.
--  Identify the organization's redaction needs. A redaction tool that
    fits business needs can save significant financial and human resources.
    

IGC provides automated electronic redaction-enabled technologies that integrate with today's leading ECM platforms to address security of privacy data. Solutions include Redact-It Enterprise®, a highly scalable, fault-tolerant redaction server for bulk processing of document and image files on-demand as part of a workflow process. The software is used by state and local governments, law firms and corporate legal departments to cleanse privacy information. Documents include government forms, digital documents and files retrieved for litigation purposes and public records. Redact-It is tightly integrated into leading enterprise content management (ECM) systems and scan/capture systems such as EMC Documentum, Interwoven WorkSite, Kofax Ascent Capture, Microsoft SharePoint, and Open Text Livelink ECM.

"The number of data breaches over the past twelve months has been staggering," said Gary Heath, President and CEO of IGC. "Moving forward, organizations are challenged with managing and securing critical corporate and consumer content and therefore need to be aware of today's risks. With advanced electronic redaction resources at their disposal, IT professionals will be in better shape to protect information under their watch."

"Electronic Redaction: How to Properly Redact Documents" is available for free download now at http://www.redact-it.com/whitepapers/

About Informative Graphics

Informative Graphics Corporation (IGC), founded in 1990, is a leading developer of commercial software products for multi-format viewing, collaboration and redaction. Renowned for their cost-saving value, ease of use, features and scalability, ICG products are deployed by thousands of corporations, law firms and government entities in the United States and internationally. In addition to Redact-It Desktop and Enterprise, IGC also markets Brava!, a two-dimensional viewer with redaction and annotation capabilities. IGC maintains offices in the United States and has key distribution and OEM partners worldwide. For more information, visit www.infograph.com.

Informative Graphics is a registered trademark of Informative Graphics Corporation, and Redact-It is a trademark of Informative Graphics Corporation. All other names are the properties of their respective owners.