Shaun Saldanha, eDiscovery Manager (Litigation Risk) at the TD Bank Financial Group, and Rob Gerbrandt, Senior Consultant with Ledjit Consulting Inc. looked at the development and implementation retention program.
Types of data:
Structured and Unstructured
Where a document resides is irrelevant: a document is a document is a document
Instant messages: some companies deals with them as ephemeral and transitory documents. At TD, they divided the documents in a regulatroy framework and equated instant messages and emails as one type of document.
The idea is to retain the right information, in the right location for the right amount of time
COSO framework
Key player is people: without people, the system falls apart. Employees need to be involved at all stages of the process to identify all the risks that need to be managed, from planning to implementation and auditing.
Key drivers:
- Regulatory needs (Banks, SEC, SOX, etc.)
- Industry
- Business needs
One can’t focus only on the applicable laws, but also and perhaps most importantly, on the needs of the organization, hence the necessity to involve employees at all levels.
Most attendees’ organisations do not have a direct channel and opened communication between IT and legal. They need to talk when handling urgent issues. It is important to develop a clear process with continuous dialog. However, the process will depend on the organization and its risks profile.
How often is legal involved in the planning of technology implementation? What about decommissioning systems?
Federated cost : IM benefits to the whole enterprise. No particular group, particularly the legal department which is already a cost center without a prefixed budget, wants to foot the bill… Furthermore, many lawyers feel that legal is now forced to pay the price of historic information mismanagement! “Wasn’t it the IT department taking care of information? – No, IT only cares about the “T”, i.e. technology; the “I”nformation belongs to the end-users…” So, one of the first questions that needs to be answered is who pays what and how? Retention might be an opportunity for green initiatives and vice versa.
Primary challenges of retention programs is:
- Lack of clear ownership
- “Why not keep everything? Storage is cheap”
- Not a “sexy” initiative
The best way to get buy-in is to start small by grabbing the low-hanging fruits and quickly show the ROI.
Posted by Dominic Jaar
Tags: Conference, document retention policy, E-Discovery, e-discovery process, e-discovery readiness, email, information management framework, instant messaging, record, Robert Gerbrandt, Shaun Saldanha, structured data, TD Bank Financial Group, unstructured data
Ledjit on LinkedIn
Ledjit on Delicious
Puhleeeeeze the correct term is Records Retention program. Why do attorneys persist in calling it a document retention. But Records Retention is but one part of an overall records and information management program
It doesn’t matter whether the content is electronic, paper or microform they are all records. And the are all subject to discovery.
The key is to build a program around standards such as ISO 15489 or those developed by ARMA International (the professional association for records managers) For example you might want to review ANSI/ARMA 8-2005 Retention Management for Records and Information, or ANSI/ARMA 9-2004 Requirements for Managing Electronic Messages as Records or the ARMA International guideline Evaluating and Mitigating Records and Information Risks. These and much more can be found by visiting ARMA International’s website http://www.arma.org and their online bookstore.
one final website to visit would be the Institute of Certified Records Managers http://www.icrm.org
Peter,
Thanks for your comments and the references we use on a daily basis. While we agree that the subject of these policies is the retention of records, they often also cover documents that are not records, hence the reference to document retention policy. With respect to your comment about “e”, I think we all understand that all documents are subject to discovery. However, the presentations at this conference focused on electronic documents.
Dominic Jaar wrote that “also cover documents that are not records”
It’s a pity, but the same issue again.
IT people implements new language. Information was recorded, we have documents about this event.
But, according to IT, documents are not records.
Records it’s records.
We have working papers, and we have the final document – decision, they are all records.
Every thing depends how do you arrange your records, do you keep the final only without background information, or you keep complex of documents pertain ing to the case/ issue / data.
Every document is considered records and records retention applies to all documents.
Mr Babin,
I think sometimes we are forced to agree to disagree. I appreciate the fact that you what to simplify things. However, the reality of most organisations and the way they handle information is, IMHO, better served by creating a distinction, albeit theoretical to certain, between a mere document, that may only be transitory in nature, and a “record”, which is declared as such by employees in compliance with a policy.
That being said, I would be interested, and so would our readers, to see an example of a retention policy referring exclusively to the notion of “record”: can you share a link?
Cheers!
Dj)