The United Church of Canada uses RecordPoint to ensure its internal data remains private
When internal data was inadvertently shared due to a SharePoint Online configuration change, the United Church of Canada used RecordPoint to ensure the data had not been accessed, increasing trust in the organization's information governance program.
The United Church of Canada
The United Church of Canada is the largest Protestant Christian denomination in Canada and the second largest Canadian Christian denomination after the Catholic Church in Canada. With more than 2800 congregations and more than 388,000 members, UCC has been a RecordPoint customer since 2019, and has a strong background in data management.
The United Church of Canada uses RecordPoint to ensure its internal data remains private
The problem
Sensitive internal information was inadvertently shared more widely than intended
In a world of increasing privacy regulation and the ever-present threat of data breaches, organizations need to prioritize data privacy, not just for their customers, but also for staff.
To make good privacy decisions, organizations need to understand the data they are responsible for governing: what the data contains, where it is located, who has access, and the risk it poses if it is exposed.
This can be a challenge when organizations adopt more data sources to enable remote or hybrid working styles, each with its own set of security settings such as access controls, which must be managed.
When a SharePoint Online configuration change inadvertently shared sensitive internal data to a wider internal audience than intended, United Church of Canada was able to use RecordPoint to rapidly ensure the data had not been accessed.
General Council Archives Manager Nichole Vonk says a Microsoft update to SharePoint Online mistakenly added site owners to a site administrators' group. In practice, this meant a wide group of team members were given access to sensitive information concerning their colleagues.
The RecordPoint solution
An audit of access patterns quickly put minds at ease
While the issue was discovered and resolved quickly, the next task was to establish who had accessed the data while it was available.
Vonk says this kind of data would normally be provided by the organization’s IT team, who may be balancing multiple critical requests and who would need to run a report on access patterns.
RecordPoint made this task much easier, she says, allowing her to review data about who had accessed the relevant files.
“I was able to go into RecordPoint and show within five minutes that the documents in there had not been viewed by anyone with unauthorized access, and that they were secure. That put people's minds at ease.”
The results
Increased trust in the organization's information management program
This kind of incident can erode trust and lower confidence in an organization’s information management program. When IT, privacy, and data governance teams already struggle to gain buy-in for their digital transformation programs from the wider business, this kind of issue can be crippling.
But in this case, the issue had the reverse effect.
“The ability for me to respond immediately to a privacy concern was really useful in demonstrating the system’s value. To show that these kinds of things do happen, but we're able to quickly respond when they do. It builds trust in the system.”
Discover Connectors
View our expanded range of available Connectors, including popular SaaS platforms, such as Salesforce, Workday, Zendesk, SAP, and many more.
Stay informed with the latest insights
Assure your customers their data is safe with you
Protect your customers and your business with the Data Trust Platform.