Data, data and more data, is there such a thing as to much data? If so, what should you keep? What should you get rid of? How long should you keep personal and corporate information and then sometimes litigation processes are won or lost based on what you have or might not have? Let’s explore some of the things you might want to keep and some of the things you are just storing for some unknown reason and should just simply get rid of.
So why do we keep so much data? In our digital world, one of the biggest reasons is that it is easy to do! Technology gives us many options when it comes to storing data such as; external drives, flash drives, CD’s and cheap and easy cloud storage so, why not keep everything? These cheap and easy storage methods give us the security blanket of thought, you may never know when you are going to need something so let’s just save it all. However, finding it when you need it might be a bigger challenge. Some of the other reasons we keep data is for tax purposes, to save time finding receipts, in case of an emergency, litigation and ownership records. All these are valid reasons but there should be a limitation to how long you should or want to store all these historical records.
In the corporate world it can become a little more complicated question but just as important. Storing mounds of electronic data or paper data can become expensive and finding it in a sea of data can be even more difficult, so having a plan on what you are storing and how long to keep it is simply a matter of planning and strategy. The real first step in planning should be to take a hard look at the type of data you are storing. Items such as form letters, letters of general inquiry, and employee certificates will have a far shorter lifespan then tax returns, real estate transaction documents, and business incorporation documents. Then, there is the legal questions of the types of data you are storing, such as medical information so, you have to check if there are any legal statutes based on the type of business you are that may determine how long you must by law retain records.
There are software packages that can help you organize your data which will also help you determine the lifecycle and purging processes of the data. In smaller organizations you might be able to manage this through a good file and folder structure and then managing the retirement of those folders on a regular basis. In a larger organization having an electronic document workflow software package is going to be required if management of revision and lifecycle is important to you.
Writing a data retention policy can be a confusing document to write. A common mistake is that companies have the IT department write it when reality based on some of the legal questions around how long to keep and store data, this isn’t the best idea. Retention policies actually become more of a legal document than an IT policy or procedure, so you might be better severed having your legal counsel draft this process rather than your IT person. In the development of a data retention process you have to first develop a set of criteria that data is going to be measured in order to determine if it is to remain live, be archived or destroyed in some cases. Starting with the simple parameters like the age of the document, the type of document, and the legal impact of the documents will start you down the road of segregating the data into categories such as keep live, archive or destroy.
Part of your retention policy must include email and this is one area where people feel that they must keep everything that someone sends them. The reality is statistics say that only about 3% of stored email will ever be accessed again. That doesn’t lessen the value of the data and that comfort zone of knowing that somewhere I have that one email that will keep me out of court. The problem with email is literally finding the data when you need it. Employees come and go, mail gets archived to various network locations and combined with other email boxes. There are many good mail archiving products on the market such as the Barracuda mail archivers, and now Microsoft Exchange 2016 has the archiving server processes. These products can help you capture, store, organize and find email when you need it and can help you with documented work processes that will meet regulatory needs.
When it comes to data retention practices it can be a big job if your data doesn’t already have some kind of structure. It can seem overwhelming and it is going to be a step by step processes which may require changes in operations and culture in order to organize and bring structure to what can seem like run-away data. In some cases the best place to start is by going through a process that will identify duplicate files on workstations and the network and elimination of those duplicate files. Then, moving to email and so forth and so on. Legal and regulatory rules in some cases are going to have to be considered in order to determine what can go and when and what must be kept forever, and for the stuff that must be kept forever how are you going to store it and protect it, then find it when you need it.
About the author: Scott Lewis is the President and CEO of Winning Technologies Group of Companies. The Winning Technologies Group of companies is made up of Winning Technologies, XpressHost, Lingo Communications, and Investigative Protection Services. Scott has more than 27 years of experience in the technology industry, is a nationally recognized speaker on technology subjects such as Collocation, Security, CIO level Management, Data and Voice Communications and Best Practices related to the management of technology resources.