You’ve got a pile of legal documents and your Effacts database is installed. Now what? Before you start uploading all your documentation, now is the time to create a document retention policy for your organization– or review your existing one. No organization wants to experience the moment when they realize a document that has become the subject of litigation has already been deleted. To avoid making a potentially costly mistake, we recommend including the following components in your organization’s document retention policy.
1. Define what a “document” means to your organization.
Does “document” include only contracts and claims, or does it include e-mail correspondence and instant messages between colleagues? Keep in mind that your colleagues may occasionally send work e-mails from their private accounts, save documents on their personal computers at home, and send text messages from their mobile devices.
2. Categorize documents and specify how long each category should be preserved.
While you may have several different categories of documents, it’s not a good idea to create a different retention periods for each document type. To avoid confusion, stick to just a few retention periods (3, 5, and 10 years). After the retention period has passed, take a final look to make sure there isn’t a reason why you should still keep it.
3. Appoint someone from the legal department to oversee the document retention policy.
This person will most likely be involved if the company needs to testify about the collection and retention practices, so they must be able handle the responsibility that comes along with it.
4. Make sure your retention policy complies with local laws, statues and regulations.
Some statutes and regulations require companies to retain certain documents for certain periods of time. Make sure that these files are readily accessible and kept apart from other documents to make retrieval easy and reduce the chances that they are deleted by accident.
5. Have a litigation hold policy.
There’s nothing worse than discovering an important document has been deleted when the company becomes the subject of a lawsuit or investigation. An organization may face scrutiny if a document is requested during litigation but was deleted a few months earlier. Think of it this way: the consequences for needing a document and not having it are going to be greater than the consequences for having a document and not needing it.
6. Consider how documents contribute to the everyday operations of the organization.
It’s helpful for all members of your organization if they know what information is readily available for business use. It reduces the time spent searching for that information and prevents your colleagues from giving out confidential information.
7. Have a written procedure for destroying documents.
It should go without saying that document retention is a routine part of any retention policy, but the best way to lay down the procedure is to have it in writing. If the document deletion is challenged litigation, the more the litigant is able to describe what data was deleted and by whom, and that the deletion was nothing special, the better.
8. Have the policy reviewed by the general counsel at regular intervals.
The general counsel should look over the policy at least annually to judge whether it is clear enough, the scope in case the policy is requested for litigation, whether storage costs have increased or decreased, and if there are any new document types the organization is using.
9. Educate employees about the policy.
Appoint somebody within the corporate legal department to ensure that everyone is complying with your organization’s retention policy. Even a well-designed policy will have little effect if it is not clearly communicated and followed by your colleagues. In order to get everyone on board, organizations can institute an annual “clean out your documents day.”
10. Plan for the long-term.
A document retention policy should also take into account that if the document retention period is several years, documents in electronic form should be upgraded and transitioned from one technology or software to the next.