Is your IT room litigation-ready?

The bright morning sun greets you as you walk the last 50 steps to your company’s front door.  The weather is good, your maintenance team has finished its backups within the maintenance window for three days in a row now, and your stock options are even starting to take on some value.  Things are starting to go your way.

But what is that crowd gathered around the company’s main entrance?  Why is the CEO looking anxiously in your direction?  And why are all those people dressed in blue rolling boxes of tape out the front door?

It may be only 8:00 a.m., but as you cross the threshold into the building you realize that it is already a bit late in the day to ask yourself one critical question: 

Is your IT room litigation-ready?

It’s a scary thought, but at some point between the time that you began to read this article and the time it will take you to finish it, one of your colleagues running an IT operation somewhere in the U.S. or Europe is probably participating in a real-life version of what I described above.

Regulations now hold companies accountable for maintaining records – and the audit trails for those records – in a growing number of industries. Laws and regulations differ from segment to segment of course, and from country to country.  But they all have certain things in common, particularly when it comes to understanding whether or not you have maintained records for the appropriate amount of time, have made them accessible to people who have a right to use them, and have provided them with the appropriate amount of protection from those who shouldn’t have right of access.

Regulatory compliance has a lot to do with the supervision, retention and retrieval of the data you look after.  This typically includes not only records kept in client files, but also may include a requirement for tracking every e-mail that references those files.  It may make sense for you to look at this as a service-level agreement (SLA) you have with the law.  (For information on SLAs and service-level management, a worthwhile site is https://www.slm-info.org/.)

There are lots of lawyers out there willing to help, and many make a pretty good living trying to protect their clients from just this sort of thing. As an IT manager, you ought to be doing your part as well.

Several vendors are making a business out of helping companies protect themselves from legal exposure due to document mismanagement.  These include EMC, IBM, iLumen, Iron Mountain, Ixos, KVS, Renew Data, and ZANTAZ, among others.

It is probably well worth your while to look into what these folks have to offer.  After all, some time in the future it may very well be a dark and stormy night…