alphaspirit - Fotolia


Records retention policy dos and don'ts

Every business needs a data retention policy, but not just any. Know what points to consider when helping customers establish data retention policies.

Ensure your customer has a records retention policy in place before looking at solutions for any kind of archiving. They must be able to meet regulatory compliance requirements. Data retention regulations exist for almost anyone who employs and does business in the U.S., so helping your customers understand that will ultimately help you better understand their needs and make a sale.

Bill Tolson, of, says the first step in understanding retention is to create the records retention policy, so that you know exactly what you need to be doing for this customer and the kind of technology they'll need for archiving.

So what do you need to know before helping a customer establish a data retention policy? Here are mistakes to avoid, originating from our sister site

Don't forget email and IM are business records.

Don't overlook information that may be considered business records, including policies, procedures and audit reports.

Don't assume that retention for business information should be seven years. It depends on the industry, company, etc.

Don't automatically destroy everything after it's no longer needed -- it may be needed even later.

Don't assume your customer can handle a critical situation without getting legal involved.

Don't think limiting mailbox space will enforce retention.

Don't ever trust customers to do the right thing.

Don't assume everything is automatically destroyed when it should be. People may keep their own archives.

Don't go to a lawyer, ask for a retention policy and accept that he or she will know what to draw up.

Don't overlook the five tenets of information retention:

  1. Keep in mind lawsuits and discovery requests.
  2. Your customers really do need information retention policies.
  3. They first need a secure storage environment for your electronic business assets.
  4. Information needs to be searchable and retrievable in a timely manner.
  5. Time equals money and discovery costs can be huge if no proper retrieval is in place.

Next Steps

Need for data management frameworks opens channel opportunities

Dig Deeper on Regulatory compliance with cybersecurity laws and regulations