What to do with old e-mail: properly managing your company's electronically stored information.

AuthorHanlon, J.P.
PositionADVICE / LAW

THESE DAYS, MOST documents created, received and stored are electronic rather than paper. Figuring out what to do with them is something most executives want to delegate as far downstream as possible. After all, why should senior management care about where old e-mail messages are kept, what computer systems are being used, and what that new employee in IT does?

The answer is simple: If the company is involved in civil litigation or investigated by a government agency, failure to have a plan to appropriately preserve and manage electronic information and documents can result in huge monetary fines, paralyzing civil liability, and, at its most extreme, criminal charges. The responsibility for a comprehensive plan for handling and preserving electronic information is a serious issue--and it starts at the top. If you're not already protecting your company, consider these tips that can be used as a starting point for valuable self-assessment and planning.

Decide what to keep.

For each business type, it's critical to not only be aware of the applicable law, but also understand the types of information that must be kept pursuant to the law. Designate an information/ record retention officer to create, maintain, update and disseminate schedules of legal and regulatory record-keeping obligations for all the departments within your company. Set up retention schedules and periodic purging dates. Destroying information consistent with such a schedule can be both prudent and economical.

Understand your IT infrastructure. Understanding the information technology infrastructure of your business is another key starting point for developing an approach to managing information. The best way to do this is to conduct an IT audit, which may include:

* Mapping the IT infrastructure to show how computers are networked, including all servers, firewalls and routers with host name, IP address and purpose of the server written in plain English.

* Identifying which IT personnel have primary responsibility for each system.

* Knowing the physical location of data.

* Ensuring employees understand backup procedures,

Know when the obligation to preserve begins. In several recent high-profile corporate fraud prosecutions, businesses...

To continue reading

Request your trial

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT