Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

The Rules of Electronic Record-Keeping: Page 5 of 5

Sean Doherty is a technology editor and lawyer based at our Syracuse University Real-World Labs®. Write to him at [email protected].

Federal and state laws dictate how you should keep your electronic records. The UETA (Uniform Electronic Transactions Act) adopted in many states, for example, and the Electronic Signatures in Global and National Commerce Act of 2000 define a record as information "created, generated, sent, communicated, received or stored by electronic means." And Title 44, Sec. 3301 of the U.S. Code defines a public record as all "books, papers, maps, photographs, machine readable materials, or other documentary materials, regardless of physical form or characteristics."

ERP Rollout Time
How Long to Keep Records

Enterprises are required by federal and state laws to maintain records for business, legal and tax purposes. Although many business records have a three-year shelf life, federal and state tax records usually need to be maintained for seven or more years. Employee and financial records need to be permanently stored and have special reporting requirements set by the FLSA (Fair Labor Standards Act), OSHA (Occupational Safety & Health Administration) and SEC (Securities and Exchange Commission). And records that may be the subject of litigation should be maintained beyond the period of the applicable statute of limitations.

Also, federal and state regulations vary according to business sectors, and state laws have different requirements for tax and worker's compensation records. Under the HIPAA (Health Insurance Portability and Accountability Act), for instance, health-care providers must keep documents relating to uses, disclosures and authorization forms on patient information for six years. And pharmaceutical companies need to comply with FDA requirements for electronic records and signatures in lieu of paper documents and handwritten signatures to ensure authenticity and confidentiality.