This is perhaps one of the most-asked questions in all of records management. Too often I hear one of two, equally bad answers: Keep Records for Seven years: This seems to be the de facto answer, especially for financial services records. As near as I can tell, this comes from the U.S. Internal Revenue Service rules around when they can audit individual and corporate tax returns. If you've heard another original story for why we should keep all records for seven years, please share, and I'll update this post. Keep Records Forever: This generally is presented as one of four arguments: Just in case we get sued (or for some other legal reason) There's gold in them thar records! Analytics! AI! BIG DATA!!! Storage is cheap, figuring out what we can get rid of is not. Storage is cheap, penalties for getting rid of records inappropriately aren't. How Long Should I Keep This Business Record for? Although popular answers tend to be “keep records forever” or “keep records for 7 years” which is based on financial record-keeping requirements, the best answer comes down to a number of factors including record type, industry, and more. Often, your organization’s records management program will have processes in place to determine how long to keep business records.
Allow me to introduce you to Wendy McLain, Manager of Enterprise Content & Records Management at Valero. Valero is a publicly-traded international oil and gas company, with revenue in the billions of dollars. Wendy will be presenting at The AIIM Conference 2018. Her session is called "How We Learned to Love Event-Based Retention: A Valero Energy Case Study in Records Management." I thought this would be a great time to catch up with Wendy and ask her some questions.
All too often, businesses discover the need for a document retention policy either when it is least convenient to implement or too late in the game. Particularly in today’s litigious environment where virtually any form of information (paper, electronic, or audio) can be used in litigation, being proactive in this regard can save an organization from headaches and high costs. An organizational retention policy provides for the systematic review, retention, and destruction of information and records received or created in the course of business. Below are eight items to consider when developing your company’s retention policy.
As regulators and courts increasingly exercise their oversight powers, it can be expected that they will hold organizations accountable to explain the evaluations which underpin their ESI (Electronically Stored Information) preservation protocols. The business impact of this heightened level of regulatory and judicial scrutiny is that enterprises that ignore the ESI preservation risks inherent in local and remote working, as well as the management of employee Web 2.0 communications, do so at their peril. Since over 93% of enterprise records are electronic, and the volume and mix of data types are exploding, millions of electronic documents are now routinely collected from all locations where an organization has custody, control, or access to electronic documents – be it in London, Lima, or Timbuktu. The dynamic nature of ESI means that critical documents can easily be overwritten, modified, destroyed, or corrupted during normal use. It does not matter whether this happens accidentally or maliciously. The result is the same – loss of potentially relevant evidence giving rise to probable criminal penalties, fines, or court sanctions for spoliation.