Marketplace lending is transforming many aspects of the lending industry. The technology platforms on which these marketplaces operate affect both the origination and the secondary market into which these loans are sold and increasingly securitized. Intuitive webpages collect borrower data, algorithms automate underwriting, providing borrowers with lower rates, better user experience and faster closings. Investors […]
Articles about our FinTech Solutions.
Many organizations today manage, use, store and/or distribute documents that contain Personally Identifiable Information (PII). This is done internally for employees or, depending on their area of business, for customers, patients, residents and students. This digital economy relies heavily on the storage, access and transfer of data so putting in place policies and technology to manage this is becoming critical.
Document management adds a layer of complexity as the data is not only stored in databases (metadata), but also in the content of the documents. If your business model requires the distribution of documents then technology needs to be put in place to redact the data in the documents as well as encrypt the data in the database.
Examples of PII
The following list provides examples of PII data:
- Name and other names used;
- Social Security number, full and truncated;
- Driver’s license and other government identification numbers;
- Citizenship, legal status, gender, race/ethnicity;
- Birth date, place of birth;
- Home and personal cell telephone numbers;
- Personal email address, mailing and home address;
- Religious preference;
- Security clearance;
- Mother’s middle and maiden names;
- Spouse information, marital status, child information, emergency contact information;
- Financial information, medical information, disability information;
- Law enforcement information, employment information, educational information; and
- Military records
DocuNECT provides a number of security features and functionality to manage the storage, access and distribution of PII data.
Encryption at Rest and in Transit
Data needs to be protected when it moves from server to user and also when it is stored. DocuNECT encrypts the data in transit and at rest. When you define metadata to store documents, you can encrypt and mask the data. For example, a credit card number can be displayed as * except for the last 4 digits.
Free-Form Auto-Redaction of PII in Documents
If you want to distribute documents the PII needs to be protected in the content of the document. DocuNECT has a powerful business rules engine that can identify and redact the PII so the documents can be safely distributed. This functionality is not based on x/y coordinates of data, but uses technology to identify the PII contextually using the content itself. Therefore, this functionality can be used for both structured and unstructured documents.
DocuNECT can distribute the redacted documents in a number of format specifications, whether it be a defined folder structure or a third party business application.
Role-Based Access to Documents and Data
Access to the documents and data can be tightly controlled so only the right users have access to the right information.
Audit Trails and Reporting
Every document and data action is audited in the system, from user access to document actions. This allows the complete chain of custody to be stored to help with compliance.
The document management marketplace has been with us for many years and is still going strong. The longevity of the market creates conditions where companies can have more than one document management system. Systems can be inherited through acquisition, disparate departmental systems, or systems from software vendors that is no longer supported.
The following list provides the business drivers behind document/data system centralization:
- Reduce IT complexity and maintenance costs
- Reduce Infrastructure complexity
- Adhere to regulatory retention, audit and compliance policies
- Eliminate information silos
- Safeguard information integrity
The following list is our top 5 challenges with document migration projects:
1. Old Technology
This goes with the territory. If customers are looking to migrate content, the source system is likely to be hosted on older technology/hardware using older software versions. The target is the reverse. Therefore, the migration process has to span technical environments that can be some years apart in compatibility. Another issue here is system accessibility, as support for older APIs need to be maintained.
2. Missing/Corrupt Documents
A migration forces a read of every document in the system and if the system has not been used for a while missing/corrupt documents can be discovered. These need to be identified and mitigated through the migration process.
3. Data Interpretation and Translation
The taxonomy of data that is stored with the documents in the source system may have been designed some years before. For example, an index value that made sense 10 years ago in one business context can have little value now, or categorization of certain document types has changed and need to be translated. This situation causes the business to get involved to advise on the data translation scheme. This is important to do, but can increase the timescales of the project.
4. Managing Time Expectations
Legacy systems can accumulate a large number of documents and data which can take time to migrate. Although timing expectations can be set during the project initiation, it is recommended to perform a pilot/test migration to prove the process and understand the timing. The following points should be considered:
- Resource Utilization/Network Throughput – Document management is resource and network intensive as it moves both data and documents and migrations involve continuous movement of data.
- API and Document Processing Overhead. It easy to think that you can roughly estimate a document management migration by timing just the file copy. However, there is the overhead of the source and target system APIs, and any additional processing that is required while migrating, such as OCR’ring or rendering the document to a different format.
- Impact on Production. If the source/target systems are in use, the migration process could utilize the resources enough to slow down the system which impacts the business users. This situation may force the technical resources to be increased, or the need to run the migration out of production hours.
5. Differences in Document Management System Taxonomies
Not all document management systems are made equal. Objects or data contained in the source system may not all have a “slot” in the target system, or are simply managed differently. This means that a discussion with the business is required to reconcile and understand the differences. Areas that have caused discussion in our experience are:
- How to Handle System Data
- Differences in Managing Security
- Moving Annotation Objects
Migration projects need careful planning and the above points should be considered and discussed with the business before timescales are presented and socialized.
Portford has developed a document migration methodology to accompany our own DocuNECT migration technology to address these challenges and to make sure migration projects are successful.
Contact us now if you want help in planning your next migration project.