MEASURING TRUST IN PRIVACY AND SECURITY
Ponemon Institute

News & Updates

Reshaping Financial Services IT: CIO Best Practices for the Shift Toward Mobile

Speakers:

  • Dr. Larry Ponemon, Chairman, Ponemon Institute
  • Ojas Rege, VP Strategy, MobileIron

Session Times:

  • April 1st 8:00 AM PDT (San Francisco) / 4:00 PM BST (London)
  • April 2nd 9:00 AM HKT (Hong Kong) / 6:00 PM PDT (San Francisco)

Widespread consumer adoption of mobile technology has set in motion a fundamental shift within financial services organizations. CIOs are learning to leverage the power of mobility to deliver a strategic business advantage by helping their firms become more efficient and flexible. For the first time, MobileIron will share data from a Ponemon Institute survey of 400 financial services organizations about the future of BlackBerry, BYOD, apps, and governance.

Join MobileIron VP of Strategy Ojas Rege and Ponemon Institute Chairman and Founder Dr. Larry Ponemon for a practical and “eyes-wide-open” look at the issues CIOs and CISOs in financial services will need to address as mobile becomes a fundamental part of their computing environment.

Key topics include:

  • Financial services mobile adoption forecasts
  • Trends in migration to multi-OS environments
  • Dependencies for successful mobile strategy deployment
  • Implications of user experience and security

This session will be recorded and available for replay.

 

RIM Council FAQs

What does RIM stand for?

RIM is an abbreviation for Responsible Information Management, a process for engendering trust and confidence in how an organization’s leaders, employees and agents handle, manage, retain and secure sensitive, private or confidential information.

RIM is the alignment of key stakeholders’ privacy and data protection preferences with business, data and technology practices within the organization. Key RIM components include: privacy, data security, information (or data) security, confidentiality, information accuracy (or quality) and data processing efficiency.


Why is RIM important to organizations?

All organizations face the challenge of safeguarding sensitive and confidential information about individuals and their business. RIM offers a practical and holistic approach to identifying and reducing the most critical privacy and data protection risks.

Failure to adequately protect personally identifiable information can result in a costly data breach. Our most recent Cost of a Data Breach Study (2008) found that the cost of a data breach has risen to $202 per record, from $197 per record in 2007.

In addition to the financial impact, organizations can suffer reputational damage and a loss of consumer confidence. A Ponemon Institute study revealed that 20 percent of customers terminated a business relationship when a data privacy breach occurred, and an additional 40 percent would consider doing so.*

The frequency of data breaches in recent years, and the resulting high percentage of individuals notified that their personal information was lost or stolen, have increased overall concerns about privacy and identity theft. In Ponemon Institute’s 2007 Survey on Consumer Privacy, 84 percent of consumers who had been notified that their confidential data was lost or stolen expressed increased concern or anxiety due to the data loss. Further, consumers are upset not only about the loss of their personal data but also about how the data is lost. In our study, consumers indicated they would have a more negative perception of a company that lost their information through negligence than of one that lost it as the result of a criminal act or theft.

* National Survey on Data Security Breach Notification, Ponemon Institute, September 2005


What is the RIM Council?

The RIM Council is made up of privacy and data protection professionals from more than 50 companies. Members meet regularly to determine how best to advance solutions to the challenges facing their organizations’ acquisition, use, storage, transfer, and disposal of sensitive personal and business information. These solutions are based on the RIM Framework of process management, education and awareness, monitoring, communications and redress & enforcement.


What are the goals of the RIM Council?

The RIM Council has a number of goals, which include the following:

  • Provide an ethics-based framework focused on problem solving within the context of long-term strategic needs for the management of all personal and sensitive business information assets.
  • Develop tools that help translate policy into operational action that will enable an organization to align the information preferences of individuals and enterprises with business, data, and technology practices, while addressing regulatory considerations.
  • Address challenges faced by multi-national organizations in developing efficient and effective solutions that address cross-border information asset transactions.
  • Provide added value to member organizations by leveraging research and development resources and identifying, where possible, cost/benefit models.
  • Identify future challenges and opportunities to position and keep members in a proactive rather than reactive mode.

How frequently does the RIM Council meet?

RIM Council members meet frequently through conference calls and in-person meetings.


How is the RIM Council structured?

The RIM Council organization is managed by the Ponemon Institute and governed by its chairman and paid staff appointed and managed by council members and their delegates. The chairman and staff are counseled by an Advisory Board composed of an appointed group from member companies.

Member organizations may be nominated to sit on the Advisory Board. Members may have multiple individuals from their organization participate in RIM Council meetings and/or working groups.