Posted on: October 01, 2014in Blog
Good Record Retention Policies Help Thwart Government Sanctions
After the storm of financial scandals that erupted at the dawn of the last decade, the Sarbanes-Oxley Act of 2002 (“SOX”) was passed by Congress to ensure, among other things, more transparency from business enterprises. As it pertains to record retention, SOX often triggers the need for companies to preserve data regardless of whether a government investigation has actually commenced.
Importance of Information Management Prior to Investigations
Where such investigations are reasonably anticipated, it is therefore all the more important to fully comply with established data preservation requirements. Fortunately, companies are able to proactively protect themselves by implementing legally compliant document retention policies capable of satisfying requirements and helping to steer them clear of obstruction of justice claims and related sanctions.
Determining what to preserve and what to delete
The most pressing issue that record retention policies must effectively address is determining when data may be purged and when it ought to be preserved. There are internal and external factors that must be considered before establishing how long records should be retained. Internal factors include: ongoing business use, internal audit requirements, and the historical value of data.
Decision makers would be wise to give thorough consideration to internal factors when forming specific policies, such as an email retention policy. In the event that retention policy maximums must be increased in length, a risk assessment should be performed to determine the potential risks and costs that the company bears.
Statute of limitations and legal requirements
The key external factor relevant to forming data preservation policies is the applicable statutes of limitation laws. Statute of limitations laws proscribe the period of time during which an organization can either sue or be sued for a particular matter or how long a government agency can conduct an investigation or audit of the company.
With an informed retention policy in place, businesses should then create preservation notices to track and manage potentially responsive business records or other data.
Accordingly, statutes of limitation periods must also be considered in determining how long records should be retained. While statutes of limitations are not required retention periods per se, they are a critical external factor that must be considered in forming effective data governance policies and procedures.
With an informed retention policy in place, businesses should then create litigation hold notices to track and manage potentially responsive business records or other data. This can be proactively achieved by conducting automated disk imaging; targeting data collection by forensically preserving data from a central office; collecting data from other business offices through secure remote data collection tools; or even performing discrete data collection methods throughout an investigation.
With such thorough preservation and collection methods in place, the liability of obstruction of justice claims or related sanctions is even further mitigated.
D4 Weekly eDiscovery Outlook
Power your eDiscovery intellect with our weekly newsletter.
Posted November 16, 2017
5 Workflow Tips for Conducting a Foreign Language Review
Posted November 10, 2017
What You Need to Know About Managed Review and the eDiscovery Process
Posted November 02, 2017
7 Steps to Help You Defensibly Migrate eDiscovery Data
Posted October 27, 2017
CLE Webinar with Lewis Brisbois: How to Do Social Media Collection and Presentation Right
Posted October 26, 2017
Despite Clawback, Defendant’s Reckless Abandon of Rule 502 Bites Back
Posted October 20, 2017
How to Use the eDiscovery PST Export Tool in Office 365 E3
Posted October 12, 2017
Recent eDiscovery Cases for Mobile Phones and Social Media
Posted October 05, 2017
Raising Objections to the Format of ESI Productions: Do it Early and Do it Clearly
Posted September 27, 2017
5 Reasons eDiscovery Alternative Fee Models Make Sense for You
Posted September 22, 2017
Why it's Crucial to Have a Corporate Mobile Device Policy