Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

The Rules of Electronic Record-Keeping: Page 2 of 5

Sites To See

ARMA International, The Association for Information Management, monitors government initiatives in the United States and Canada
National Archives and Records Administration, oversees management of all U.S. federal records and archives
Public Record Office, contains information on U.K. public records and archives
Reference Model for an Open Archival Information System (OAIS), ISO standard for an open archival model

At the very least, be aware that copies of any and all data could become evidence for your opponent in a legal action. If you store all data in large document repositories and don't have a data-retention policy and procedures for restricting non-business-related documents and messages, you raise the risk of an inadvertent e-mail message becoming a liability.

Take Microsoft. The company was put on the defensive in antitrust proceedings after the Justice Department uncovered incriminating e-mail messages. Microsoft could have avoided this problem if it had implemented and followed a document-retention policy consistently across its data and e-mail stores. The good news for Microsoft, however, was that it was able to produce from its archives e-mail messages that helped its case--messages that were allegedly deleted from AOL's and Netscape's backup tapes. More recently, Merrill Lynch's lack of an effective data-retention policy caused the firm major embarrassment when an investigation by the New York State Attorney uncovered internal e-mail messages from some analysts criticizing stocks they had been promoting publicly.

So enterprises should limit data retention to the exact sum of its parts--solely those documents and records needed for operational, historical and legal purposes. Institute policies and procedures for managing data repositories so you're prepared and protected in the event of litigation. Your records-retention policy also should distinguish between business and non-business communications, which requires training employees on maintaining the former and deleting the latter. A data-retention policy will hold up best in court if it's enforced consistently across the enterprise.

You also need a solid media storage strategy to improve accessibility to data and ensure the data's longevity. Frequently used data, including e-mail and corporate directories, for instance, is typically maintained on magnetic disks that are available to users at all times. Data that's accessed less frequently, including old payroll information, however, is migrated to more cost-effective, near-line storage technologies, such as optical jukeboxes or tape libraries.