Retention Best Practices Worth Repeating

It’s a message we’ve articulated before but it’s worth repeating: organizations must prepare themselves and their electronic records now so they don’t face serious legal headaches and possible sanctions later. This article by Matthew Schwartz from the IT Compliance Institute presents a great summary of what the Federal Rules of Civil Procedure amendments mean and how companies can wrap their head around what they need to do to comply.

Schwartz gives several best practices for those looking for a way to jumpstart their retention policies:

Know what to retain

 

Have an effective policy for retention

 

Simplify the number of retention rules at your company

 

Craft retention rules based on business functionality

 

Don’t trust users or automation (use combo or create broad rules for retention)

 

AIIM director of market intelligence and BizTechTalk blogger Dan Keldsen is quoted in the article noting that court success requires, “having that process [retention and discovery] well documented and followed, and moving towards a stance that provides undeniable authenticity of the content provided, such as the recommendations by Judge Paul W. Grimm [in Lorraine v. Markel American Ins. Co.] to utilize trusted time-stamping in content placed into repositories.” Our mantra at Surety is that authentication is a critical, but unfortunately often overlooked, aspect of records management. An organization’s retention policy is only as strong as its authentication abilities and this needs to be part of every conversation about records management and retention.