Chapter Eight (8): Information Governance and Legal Function…

Chapter Eight (8): Information Governance and Legal Functions: According to the authors, Smallwood, Kahn, and Murphy (2019), IG is perhaps one of the functional areas that impact legal functions most. Failure to meet them could be literally put an organization out of business or land executives in prison.   Privacy, security, records management, information technology (IT), and business management functions are very important.  However, the most significant aspect of all of these functions relates to legality and regulatory compliance from a critical perspective.


Information Governance (IG) is a crucial aspect of organizational functions that greatly impact legal functions. According to Smallwood, Kahn, and Murphy (2019), failure to adhere to IG standards can have severe consequences, including the potential closure of an organization or the prosecution of its executives. This paper aims to explore the significance of IG, with a particular focus on legal and regulatory compliance.

Privacy, Security, and Legal Compliance

One of the key areas in which IG intersects with legal functions is privacy. In today’s digital age, organizations collect, process, and store vast amounts of personal information. Protecting this information from unauthorized access and ensuring compliance with relevant privacy laws is essential. Failure to meet these obligations can result in severe financial penalties and reputational damage.

Similarly, IG plays a critical role in ensuring the security of information. Organizations must implement robust security measures to safeguard sensitive data from unauthorized disclosure or breaches. Compliance with security regulations is paramount, as the consequences of inadequate security can be severe, including legal action and financial losses.

Records Management and Legal Compliance

Another crucial aspect of IG pertaining to legal functions is records management. Organizations produce and handle a wide array of records such as contracts, financial statements, and customer data. Effective records management is essential for legal, regulatory, and compliance purposes.

Organizations must maintain accurate records to ensure transparency, accountability, and adherence to applicable laws and regulations. Failure to properly manage records can lead to legal issues, such as non-compliance with regulatory requirements, destruction of evidence, or noncompliance with information preservation stipulations.

Information Technology and Legal Compliance

Information Technology (IT) is central to information governance and directly impacts legal functions. Organizations increasingly rely on IT infrastructure and software to conduct their operations, store information, and communicate with stakeholders. Robust IT systems are critical for legal compliance as they ensure the secure storage and retrieval of information, facilitate data privacy measures, and support effective records management.

However, inadequate IT infrastructure or improper management of IT resources can pose legal risks. For example, a data breach resulting from a weak IT infrastructure can expose an organization to lawsuits and regulatory fines. Similarly, unauthorized access to sensitive information due to lax IT security can result in legal liabilities and reputational damage.

Business Management and Legal Compliance

Finally, the successful implementation of IG requires strong business management practices. Legal compliance necessitates a comprehensive understanding of the legal and regulatory landscape. Effective business management ensures that organizations are aware of and comply with relevant laws, regulations, and industry best practices.

Moreover, proper business management practices enable organizations to identify potential legal risks and take proactive measures to mitigate them. This includes developing and implementing effective policies and procedures, conducting regular audits and assessments, and ensuring ongoing training and education for employees.


In conclusion, Information Governance plays a crucial role in legal functions within organizations. Privacy, security, records management, information technology, and business management are all integral components of IG that impact legal compliance. Organizations must adequately address these areas to avoid legal consequences such as financial penalties, reputational damage, or even criminal prosecution. By prioritizing IG and legal compliance, organizations can create a culture of responsible information management and mitigate potential risks.