We will be publishing a report on e-mail archiving shortly and have discovered some interesting policy issues with regard to current enterprise archiving practices.Here are two key findings from the research:* 45% of organizations do not have any policies or systems in place to prevent users from deleting important e-mail.* Only 53% of organizations have an e-mail retention policy.The implications of these findings are quite profound, particularly in light of the myriad of data retention regulations that apply to virtually all employers, and the increased scrutiny of federal and state regulators in the wake of recent events. For example, five Wall Street brokerages were fined a total of more than $8 million in December for failing to keep e-mail for the appropriate length of time. Before that, a major consumer products manufacturer was fined for destroying records stored in its e-mail system, and a leading telecommunications company was fined for recycling its back-up tapes after the company had been sued, thereby destroying records pertinent to the legal action.There seems to be a perception among many firms that e-mail retention is important only for financial services and healthcare firms. Wrong! E-mail retention applies to virtually all firms, regardless of size. For example, if an employee in the U.S. sends his boss e-mail informing her of his exposure to a toxic substance, the information in that e-mail must be preserved in some form for 30 years, according to the Toxic Substances Control Act. In Canada, records of minor building fires must be retained for two years after a report is made to the appropriate government authorities. In Spain, ISPs must keep data about their customers for at least one year.While most data retention requirements do not specify the medium in which records must be kept, the increasing use of e-mail means that a growing proportion of records will be transmitted and housed in e-mail. Organizations of all sizes must get serious about dealing with this content.