Skip to main content
Your RMIS data is at the heart of critical decision making. When it comes time to change vendors, your risk management data shouldn’t cost you. Yet, if some vendors charge exorbitant fees to get it back, is it really your data?

With some RMIS vendors charging between $10,000 and $35,000 for data exports, taking months to reluctantly deliver the data, and ultimately putting it into formats that are difficult to work with, getting your organization’s own data back may prove more challenging than it should be. Understanding exactly what the barriers are to retrieving your data could be fundamental to planning a future vendor switch.

Don’t underestimate the value of RMIS data

In the article Data Governance - What, Why, How, Who & 15 Best Practices Scott Taylor of Meta Meta Consulting explains how everyone is in the data business, in one way or another. “Everything we touch turns to data. Business is transforming from analog to digital. No matter what your product is, data is your product. Business is changing because of data, and data is power. With the right tools, you can harness that power right now.”

RMIS data fits that description of a powerful asset. Used properly, it is actionable data that drives a variety of key business decisions and can affect operations across many departments. That inherent importance, however, is also why some RMIS vendors hold it hostage. Its value creates leverage that can be used to punish an organization for deciding to move on and partner with a vendor that delivers better service and technology.

The pain of a bad vendor “breakup”

Following your decision to move to a different vendor, things may not go exactly as planned.

“They’ll take your data hostage. They’ll tell you that, should you decide that their solution isn’t right for you, then your data will be wiped out permanently. Everything that has been stored or submitted into their application or solution will be irreversibly lost. Alternatively, they might make data migration impossible or unnecessarily difficult.”

Is Your Vendor Holding Your Data Hostage?

It’s neither ethical nor responsible. Unfortunately, it’s an all-to-common response in today’s RMIS marketplace. A “jilted” vendor can employ any number of tactics to ensure you feel the pain:

  • Charging you for exports of your own data
  • Dragging out the process (disrupting transition timelines)
  • Providing data in difficult to use formats or neglecting to include a data dictionary (requiring resources to untangle)

Each of these is intended to make it more expensive to depart, which at high enough levels, can effectively lock you in with a vendor you’d rather leave.

Prepare now for the divorce 

Data portability policies should be clear and specific. Hesitation or overly general answers should raise red flags. 

Finding out how portable your RMIS data is should be a part of the evaluation of any potential vendor. Thomas J. Trappler, author of When your data's in the cloud, is it still your data?, notes “I know this sounds like advising someone to find a divorce lawyer before getting married, but to mitigate the risk of vendor lock-in, you need to plan in advance for the eventuality that you may decide to switch to a different provider or bring your data and processes back in-house.”

What if you didn’t make data extraction a point of clarification for your current vendor? You need to ask now — even if you don’t plan on moving anytime soon. Jon Lincoln advises in the CIO article How to Choose the Right Software Vendor, “... Ask the vendor what happens if you leave and how you would get your data back.” 

With acquisitions and changes in the RMIS marketplace, your organization may need to explore options sooner than anticipated.

What you need to ask

Trappler advises sorting out five key aspects regarding data portability:

  • Describe the process by which your data will be returned, whether done midterm or upon contract termination.
  • State the amount of time the provider will have to turn over your data.
  • Specify that the data must be provided in a commonly used format that is pertinent to your expected needs, and not in a proprietary or otherwise inaccessible format.
  • Define how long after termination of the contract your data will remain accessible.
  • Quantify the cost to you (ideally none) to export your data.

Good data governance practices require your organization to identify these policies. Ideally this should be done before signing the contract, but figuring out your worst case scenario gives you a much better sense of what complications a migration may face.

Data portability options should be transparent and clear

The process of accessing your data shouldn’t be difficult or confusing. The Forbes Technology Council post 15 Things Every Business Should Consider Before Buying Enterprise Software summarizes, “Good vendors will gladly tell you how to do it, while bad ones will want to lock you in and take your data hostage.”

Origami Risk provides a clear outline of the process and makes client data available for export at no charge as part of the base requirements of any client contract.

For more information about how Origami approaches returning client data, click here.

What to do if your org faces a potential hostage situation with your RMIS provider

It may be of little solace, but you are not alone. Fortunately, however, that means we’ve assisted many companies in sorting out their data-exit options with a number of providers. With that experience we’ve seen the specific tips and tricks that could help shorten timelines and reduce potential costs associated with migrating RMIS data. Data hostage situations are challenging, but not insurmountable.

Don’t let the value of your RMIS data be used against your organization. Find out where you stand, and don’t let unreasonable data migration policies lock you in and prevent a vendor switch. After all, it really is your data.

Talk to a specialist today and evaluate what your data migration options are.