E-Document Management: A Litigator Looks at Retention Policies
Computerworld - For IT professionals, top management and their lawyers, the explosion in awareness and use of electronic documents in litigation presents great challenges.
For example, the widespread use of business e-mail has often required the revamping of document retention policies and the dedication of substantial resources to ensure that the enormous volume of electronic communication is properly treated from the perspective of regulatory and litigation preparedness.
The problem may soon get worse with a similar explosion in the use of new communications methods such as digitized voice mail, a medium that has the potential to become as permanent and accessible as e-mail.
Electronic records are generally subject to discovery in litigation to the same extent as paper records. Yet such records, because of their volume and ease of creation, retention and destruction, can present unique challenges to a business. This article attempts to outline some of the important concepts that a business should consider in constructing a policy to deal with the retention of such e-documents.
First Principles
First, having no policy is a policy. A business that has no centralized policy regarding retention of electronic records in effect delegates decisions about which records to create, retain or destroy to all the employees who have access to record-making or record-keeping functions. Employees with limited perspectives on management and legal issues shouldn't be relied upon to make decisions that could affect the entire business.
Second, "bad" documents are being created, even as you read this sentence. It isn't possible to retain only good documents. Indeed, it's not necessarily possible to determine in advance whether a particular document will help or hurt a business in the event of litigation. A directive to retain only good documents, moreover, could be subject to severe scrutiny in the event of litigation. Thus, any e-document retention policy must be based on neutral principles that can be readily explained and defended in court.
Finally, policies are only words. To be effective, a policy must be implemented. It must also take into account practical business constraints that may affect the ability to implement it. Furthermore, in most instances, some form of training, supervision and troubleshooting must be built into the implementation. Where significant problems arise in implementing a policy, moreover, a business must be prepared to modify its policy to ensure that it works in practice. A poorly implemented policy may cause as much trouble as having no policy at all.
Purposes of the Policy
Before constructing a policy, it's vital to consider its specific purposes. Although it's possible



- Excel 2010 Cheat Sheet
- Register for this Computerworld Insider Cheat Sheet and gain access to hundreds of premium content articles, guides, product reviews and more.
- Overcome Top 7 Admin Challenges of Active Directory
- As Active Directory's role in the enterprise has drastically increased, so has the need to secure the data. Gain insight on creating repeatable,...
- Insiders Can Ruin Your Company. Take Action.
- Did you know that 80 percent of threats to an organization come from the inside? The threat from insiders is often overlooked in...
- Top Solutions and Tools to Prevent Devastating Malware
- Custom malware frequently goes undetected. According to Forrester Research, the best way to reduce risk of breach is to deploy file integrity monitoring...
- Streamline Compliance and Increase ROI
- Streamline, simplify, and automate compliance related activities; especially those that impact multiple business units. This white paper from NetIQ, outlines solutions that will...
- X-Ray of the PCI Process-4 Proactive Steps
- This white paper from Forrester Research Inc., helps break PCI into understandable components. Security and risk professionals will gain knowledge and insight into... All Gov't Legislation/Regulation White Papers
- Optimizing Networks for the Cloud
- Join guest speaker, Rohit Mehra, IDC Director of Enterprise Communications Infrastructure, to explore current trends, discuss best practices for optimizing Data Center and...
- Apps QuickStart Series Part 2: Designing and Deploying SQL Server on VMware vSphere
- Download this webcast to learn about the design considerations for virtualizing SQL workloads, performance and scalability information and high-availability options, as well as...
- Apps QuickStart Series Part 1: Designing and Deploying Exchange 2010 on VMware vSphere
- Download this webcast to learn the virtual hardware design considerations for Exchange 2010, deployment using the building block approach, options for high-availability and...
- Customer Spotlight: How IPC The Hospitalist Company Implemented Oracle on VMware
- Have you been looking to hear about customer's experiences with the new VMware vCenter Site Recovery Manager product? View this webcast to learn...
- Virtualize Business-Critical Applications with Confidence
- Virtualizing business-critical applications has become a key focus for organizations as they move along their virtualization journey. With the launch of VMware vSphere®... All Gov't Legislation/Regulation Webcasts