Linkedin-in Youtube Facebook-f

Document retention policy

As more and more data is stored as
electronic files, it is important to
know what records should be kept and for how long. A company never knows
when a document may be needed when
faced with litigation.

U.S. companies now need to keep track
of all the e-mails, instant messages and
other electronic documents generated by
their employees thanks to new federal
rules.

The rules approved by the Supreme
Court last April require companies
involved in federal litigation to produce
“electronically stored information” as part
of the discovery process when evidence is
shared by both sides before a trial. Because
of the new rules, an IT employee who
copies over old computer files could be
committing the equivalent of “virtual
shredding” if the old information is called
as legal evidence.

Smart Business talked to Jason A.
Cherkas, senior network administrator at
Tauber & Balser, P.C., about what needs to
be kept.

What is a document retention policy?

A document retention policy provides
procedures for the regular examination,
preservation and destruction of documents received or created in the course
of business. Such a policy will identify
documents to be maintained and contain
guidelines for how long these documents
should be kept and/or destroyed. It
should be noted that there are different
retention periods for human resource,
tax and other regulatory hard copy or
electronic files. You should consult with a
tax or legal professional concerning these
requirements.

Why is it important to have a document
retention policy?

Since a wealth of information is now
being stored electronically, it is necessary
to purge data because it is no longer useful
and is being maintained beyond its retention period. Purging unnecessary data will
not only decrease the need for more storage capacity but will also reduce the length
of time necessary to perform backups of
company data.

A document retention policy may also
protect a company from litigation. On Dec.
1, 2006, new amendments to the Federal
Rules of Civil Procedures became effective
and addressed how electronically stored
information can be exposed during a legal
matter. These amendments make it very
important for company personnel to know
what, where and how data is being stored
and destroyed.

Electronic data stored on servers, e-mail
mailboxes, tape backups and staff workstations can be subpoenaed for litigious
matters; however, if the cost to retrieve
data from offsite storage or from an old
backup system is deemed too significant,
the data may not have to be provided.

What should be included in a document
retention policy?

A policy should contain five sections.
What: Define what data in hard copy
or electronic format your company has.
At a minimum, data and software maintained on network servers as well as
staff workstations should be included in
the policy.

Where: Define where data is stored. An
up-to-date record of all hard copy and electronic files should be maintained and made
accessible.

When: Define when data can be
destroyed off the network. Following the
advice of a professional, you should have a
set date, preferably on a quarterly schedule, to destroy documents. As a general
guideline, electronic and hard copy documents are kept for four to seven years but
some are maintained permanently. The
retention period for tape backups should
be six months to one year.

Who: Define who is responsible for maintaining and destroying documents. This
person should keep a record of what is
destroyed and how it was destroyed.

How: Hard copy documents should be
shredded and electronic documents
should be deleted from all systems.

What steps can be taken to ensure the success of a retention policy?

The most common failure with a retention policy is that the policy is not being followed. Your company may follow the policy when it is initially rolled out but adherence to the policy may become lax over
time. Another step that needs to be
reviewed and one that is often overlooked
is the use of backup tapes and offsite hardcopy storage. Consequently, tape backups
must be included in the retention policy.
Most companies store tapes offsite, which
may inevitably contain data that was previously purged from their network. Typically,
there is not a need to store tapes older than
six months to one year offsite. The same is
true for companies that store hard-copy
documents offsite, which should be included in the retention policy as well.
Educating company personnel on what the
retention policy is and the need to comply
will ensure its success.

JASON A. CHERKAS is a senior network administrator at
Tauber & Balser, P.C., with more than 10 years of experience,
including working for a Fortune 100 company before joining
T&B. He has been a speaker at numerous IT conferences and was
recently certified as as electronic discovery specialist. Reach him
at (404) 814-4911 or [email protected].

Sign Up For News In Your Market

Stay up-to-date with local business news and networking events from Smart Business. Sign up to receive advice from business professionals, or register for information on our networking events near you!

Sign Up Now

Markets

The April Digital Editions Are Now Available!

View this month’s Smart Business magazines on our easy to view, Digital Platform.

Click to View

Linkedin-in Youtube Facebook-f
© 2024 SMART BUSINESS NETWORK INC. ALL RIGHTS RESERVED | Built and Powered By Metisentry

835 SHARON DRIVE, SUITE 200, CLEVELAND, OH 44145  | P: 440.250.7000 |  PRIVACY POLICY