- More porn sneaks onto the iPhone
- 'Swatting' case shows need to ban caller-ID spoofing
- Why the iPhone can't be "killed"
- Nortel enterprise chief wants to bring back Bay
- US sets final emergency responder wireless pilot
As if you aren’t busy enough, you now play the role of protector of electronically stored information.
With new regulations and the recent changes to the Federal Rules of Civil Procedure, legal departments are turning to IT leadership to manage the retention, deletion, search and recovery of electronic information. For IT management in large companies, this means tracking billions of e-mail messages, database records and desktop files as they move across tens of thousands of servers and desktop computers.
In many organizations, figuring out what to keep is as difficult as managing the data itself. To help, here are 10 guidelines for the retention and deletion of electronically stored information:
Start by looking in the mirror: When it comes to the retention of electronic information, businesses have a tremendous amount of latitude. While the new Federal Rules of Civil Procedure make it advantageous to have a policy, they don’t govern how long data needs to be held. So, if you are worried about e-mail and other information, delete it quickly. If you think it is valuable to your business, keep it for as long as it is useful.
Don’t let users determine what you keep: If you are letting users decide which messages and documents are kept, you don’t have a retention policy. Good retention policies automate the preservation of electronic information and then mandate the destruction of documents in accordance with stated policies.
Understand the cost of litigation: According to the international law firm Fulbright and Jaworski, the average billion-dollar U.S. company is currently facing more than 500 discrete lawsuits. Electronic discovery for a single lawsuit can cost hundreds of thousands or even millions of dollars. If mistakes are made, litigation can be lost on process grounds, regardless of the merits of the case.
Take advantage of safe harbor provisions: New court rules allow organizations with standard retention policies to delete information unrelated to the case with impunity. If you don’t have a formal retention policy, the deletion of any information may be held against your organization in court.
Remember the regulations: There are thousands of city, state and federal rules which require retention of electronic records – from Occupational Safety and Health Administration (OSHA) to the Sarbanes-Oxley Act to the Fair Labor Standards Act. While a 60-day e-mail retention policy may be the right strategy for litigation, you’ll need to make sure your policy includes exceptions where regulations require longer retention rules.
Partner Content
Explore the Ultrium Edge
The powerful tape technology can address data security with tape encryption as well as long term data protection.
Find Out More
Disk and Tape Square Off
Discover what disk and tape really cost and which solution provides lower total cost of ownership and optimizes energy use for your organization
Download this White Paper
Don't Fall for the Myths
The Clipper Group explores the truth behind the myths of tape, digging into the misconceptions in the disk vs. tape debate.
Review this information
information examination
An examination of information security issues, methods and securing data with LTO-4 tape drive encryption
Read this analysis
Comments (5)
Software retention policyBy Anonymous on March 11, 2008, 1:05 pmstandards template or outline on software retention policy
Reply | Read entire comment
Who is responsible?By John Feeney on February 15, 2008, 10:52 amYour not the only one that has been speaking out on this an falling on deft ears.... e-Discovery is a big issue with lawyers today. As part of my participation...
Reply | Read entire comment
Thank goodness somebody speaks sense!By Eldin Rammell on February 11, 2008, 5:45 amHallelujah! Thank goodness a couple of professional records and information managers have responded to this article. When I read "So, if you are worried about e-mail...
Reply | Read entire comment
Retention and who should NOT be in charge of managing itBy RIMMAN on February 10, 2008, 1:28 pmSeriously, if you work for an organization whose legal department is relying on IT to manage the retention, deletion, search and recovery of electronic information......
Reply | Read entire comment
RE: 10 guidelines for setting retention policiesBy Peterk on February 9, 2008, 10:54 pmThere is a lot of good basic information in this article but if you were to follow it exclusively your organization would be in trouble. What organizations need...
Reply | Read entire comment
View all comments