Contoural Blog
Insights, best practices, and thought leadership around information governance, records management, and data privacy from Contoural experts.
Tom Mighell, JD
November 17, 2025
Everywhere we turn, someone is using a new tool to communicate, and we’re faced with a dizzying array of chats, encrypted messages, video recordings, transcripts from AI tools, prompts and outputs created by generative AI, and a host of other odds and ends. The sheer volume and variety of these formats have made information governance and data retention a far more complicated endeavor than ever before.
Kerry Childe, JD, CIPP/US, CIPM
August 28, 2025
A data inventory is critical to managing your information, and if you do business with Minnesotans, it’s now required under Minnesota's new consumer privacy law, the MNCDPA. A Personal Data Inventory is focused on just the personal information your organization collects, uses, maintains, and shares with third parties, as well as the processes surrounding that activity. As we frequently say to clients, on webinars, and to anyone who will stand still long enough to hear us: “How can you protect it if you don’t know it exists?”
Bill Horn, PhD
August 15, 2025
Hoarding isn’t a malicious act. In today’s tech-driven workplace, saving data is nearly effortless. Whether it’s a quick email backup to a personal folder or keeping old project files “just in case,” employees often don’t stop to think about the consequences. Trying to fix the problem with threats or policy reminders rarely works. What’s needed is a thoughtful approach to change management, one that tackles habits and attitudes alongside technical controls.
Kerry Childe, JD, CIPP/US, CIPM
January 11, 2025
When organizations come to us looking to implement or update a data retention policy, it’s usually driven by privacy compliance issues. With growing enforcement of global and domestic privacy laws, organizations are under pressure to minimize how long they keep personal information. That’s a good reason to act, but when we dig in, the organization begins to see that privacy isn’t the only consideration, and in many cases, it’s not the most complex.