• Call Toll Free: 1-855-909-3300

Crucial Questions To Consider Before Implementing A Sharepoint Compliance Plan

Last year, the Identity Theft Resource Center released a crucial report revealing the total number of breaches industry-wise. A look at these numbers shows the high amount of SharePoint compliance risk that exists for businesses in different industry verticals.


SharePoint Compliance


Overall, more than 102 million people faced the adverse impact due to the total number of data breaches. Following is given a quick breakdown of the various categories and the number of breaches associated with them


  • Medical/Healthcare – 277 breaches of total 112,832,082 records
  • Educational – 58 breaches of total 759,600 records
  • Government/Military – 63 breaches of total 34,222,763 records
  • Business – 312 breaches of total 16,191,017 records
  • Banking/Credit/Financial – 71 breaches of total 5,063,044 records


It can be seen very clearly that industries requiring particular attention in terms of potential compliance risk were medical and government. Actually these were the industries that had most records exposed. It is pretty alarming and particularly troubling. It also indicates that most industries are simply unprepared to counter cases of a data breach.

Host your Accounting Software in secured Cloud

Such data breaches can essentially lead to enormous legal, financial & reputational consequences. It’s only via a highly proactive governance plan that such SharePoint compliance risk can be limited.

Risks of Poor SharePoint Governance

A recent study done by an analyst firm in the area of Optimizing SharePoint found that 75 percent organizations either make use of SharePoint 2013 , or are deeply committed to SharePoint for purpose of collaboration, records management and enterprise content management.

It’s thus right to state that SharePoint is here to stay.

If that is the case, organizations need to ensure that proper governance policies are suitably being applied in SharePoint in a manner similar to how these are applied to some other repository. If that’s not the case, the organization is bound to subject to some extremely grave consequences as mentioned below –


Poor SharePoint governance leads to increased risk of data breach within an organization.

According to a report generated by Identify Theft Resource Center (ITRC), overall 436 breaches were reported in the year 2015 and the worst part is that this number continues to go up with every passing day. In the same report, it was also mentioned that more than 135 million records got exposed due to the 436 breaches. Aren’t these some quite alarming statistics?

Moreover, insider misuse continues to grab a high percentage of overall data breach activity. This simply means that certain users have access to specific information like social security numbers, medical records, birth dates, etc when actually they should not have the access for same. This indeed is poor information governance.


Secondly, an organization experiences loss in productivity due to poor SharePoint governance.

It simply does not matter the type of industry you are working in because all organizations share the same goal and that is to amplify profitability. For this, users should be able to access all the information they require as and when they need it the most. In case this is not the case, users will be less productive.

Henceforth, organizations need to properly define the way they will make use of SharePoint prior to allowing users save documents and build sites.

What All Questions to Ask Before SharePoint Compliance Plan Implementation?

There are few important questions that firms dealing with data need to be well aware of. These questions hold high importance and are relevant to an overall SharePoint compliance plan. It must be mentioned here that Cybersecurity and information governance are linked inextricably. Business owners must be fully aware of the impact these two have on one another.

With more pieces of a business being connected together, internally as well as externally, data breach risk increases too. The proactive approach has to be the preferred method.

Creating a detailed SharePoint compliance plan involving various departments as well as the types of potential risks that may arise offers the best, right way to ensure a highly secure data environment. Businesses need to understand that over-reliance on data storage and sensitive records transmission puts across several opportunities for risk.

Given below are 6 crucial questions that organizations need to consider in this regard –

Are We Transparent Enough?

The organization should be transparent about following –

  • How they are obtaining data
  • Where that data is being stored
  • For how long data is being stored

Additionally, the data should be easily accessible to users who require it.

Do we have Consent?

If highly sensitive information needs to be obtained & stored, it should require suitable consent from all parties. It needs to be properly disposed of and the same needs to be in line with overall information governance strategy.

How long we are Retaining Data?

Defensible disposition of data as required is one of the vital tenants of a compliance plan & information governance strategy. You should always refer to industry regulations at following levels when going to construct a retention schedule –

  • Current
  • Local
  • State
  • Federal

Attractive Plans Available for Application Hosting

Are we Gathering Unnecessary Data?

Improper data that doesn’t mean anything for your business has literally no worth. Investing time and resources on such data is almost a waste. It’s hence recommended that data should be collected only when it’s actually critical to the business.

Moreover, you may have to face storage and compliance related issue due to improper handling of trivial or obsolete data.

Are we keeping Data Secure Enough?

Suitable security measures are extremely critical to the overall compliance plan of every organization. Hence, these must be a top priority even for the non-records.

Are we providing data to Third parties?

Whenever data is sent outside the organization, it becomes highly crucial to understand how exactly that specific data will be treated. Surely, your organization can suffer and finally end up in severely bad situation in case your data residing within a third party gets breached.

Just handing over your data to a third party does not confine your responsibility. Your data is and always will remain your responsibility; no matter where it lives.

Overall, when you are willing to consider a Dedicated SharePoint Server compliance plan, it is a must to ask these important questions first and then accordingly obtain buy-in from all departments. A crucial requirement of Information governance is effective cooperation throughout the organization. It thus becomes essential for the CIOs and records management team to lead these efforts.

Leave a Reply

Techarex NetWorks Products