What to do with all this Data
The Basics of a Record Retention Policy
Every business should have a record retention policy and should have its legal counsel review this policy to make sure all areas are appropriately addressed. The policy should simply spell out what records should be retained and for how long.
Data sources to consider protecting include voicemail messages, facsimiles, e-mails, instant messages, document images, electronic data and paper documents. If your business does not have a policy that is comprehensive enough to cover all these areas, it is time to update your record retention policy.
Within this policy, you should address statutes of limitation, discovery rules, contract requirements, registration and filing requirements and other applicable rules and regulations relevant to your business or industry. Once you establish a record retention policy, everyone in the business should be aware of it and it may be appropriate to communicate the policy to your customers and vendors too.
Document Imaging and Storage Systems
Electronic document imaging and storage is becoming a common method of data storage, replacing paper file cabinets and large storage areas. There are currently hundreds of types of software that a business can use to scan, organize and store records. The software will automatically convert documents to PDF format and save them in a virtual filing cabinet.
The most important part of this type of data storage is a secure environment that allows for offsite storage. Offsite storage is critical; if there is a problem at the office, the offsite facility must be able to restore the data immediately. The cost of this service is based on the amount of data being stored. Two items to consider when deciding on this method of backup are the cost and the ease of retrieving data from the offsite storage.
However, the use of such an electronic system makes having a record retention policy all the more important. The following suggestions cover how to handle specific types of electronic records.
E-mail has become the favored mode of communication in most offices. Like all other computer data, e-mails are subject to discovery in a lawsuit, so each company should maintain its own policies about how and when to use e-mail from the office. The company’s record retention policy should provide guidelines on when e-mails should be deleted or retained, depending on their nature. Software is now available that will “shred” e-mails and make the data unusable. If used, such software should be set up so that it agrees with the office’s general document retention policies.
Normal office practice is to delete voicemail messages immediately after the recipient has listened to them and to verify the information from these messages with follow-up phone conversations or written communications to clients.
Telephone conversations are generally not recorded or saved on a computer, however, do not assume this to be the case and discuss this with your IT professional. Federal laws allow for phone conversations to be recorded as long as one party has given consent, but state laws vary, so a company’s legal counsel should be consulted before recording and saving phone conversations.
Fax communication is rapidly becoming obsolete, although it is still common for some companies. In many cases, the fax machine has been replaced by software that allows the user to read and save the fax, along with the date, time, and other information, on the computer.
Most fax machines maintain records of what documents were sent and by whom, when, and where the documents were sent. These records should be purged on a routine basis. Most fax machines have setup options that allow users to change settings so data are not stored if the sender prefers that option.
The growing form of electronic communication is the instant message, but depending on the service you use this may not be a secure form of communication. Instant messages software often leaves a trail on the computers that route the information, so be careful about sending confidential information through this means.
Selection of Retention Periods
Probably the most important item a company should address in its record retention policy is how long records need to be maintained. This decision depends on the types of documents, the services offered by the company, and any laws or regulations that define the holding period.
One consideration in determining how long to retain records is the statute of limitation, which governs the amount of time within which a plaintiff may bring a lawsuit against you. This period is governed by state law and may vary depending on the type of action, such as malpractice or breach of contract. Normally, the statute of limitation starts on the date that the client first had knowledge or should have known of the act, error or omission that gave rise to the action.
CLICK HERE FOR AN EXHIBIT that includes the most common accounting and tax documents with a recommended record retention guideline. While this exhibit may not be the right period for you or include the specific documents for your business it can be used as a guide to help you develop a more comprehensive record retention policy.