So now comes the million dollar question and one of the biggest information management challanges IT administrators face: What data to keep?
So where do you begin? It really depends on who you ask and a lot of it goes back to the what is driving your organization’s compliance and email policy as mentioned in Part 1 and Part 2 of this series. Questions to always keep in mind include, are you looking to delete documents or use an email archiving system? What is driving your decision (federal/industry regulations, storage management, etc.)? Only a true understanding of your retention policy will help you make that call. When considering what data needs to be kept, consider the following questions:

  • Is the retention policy driven by the age of the documents? If so, what are the date values, when the document was first created or when it was last modified?
  • Is the policy driven by the contents of the documents? Maybe you are looking for certain keywords or phrases that must be kept because they contain confidential information.
  • Policy may be determined by where the document exists in the mail file (inbox, sent or a personal folder). Are there going to be “protected” folders that users can place documents in that will not be archived?
  • Who needs to be included and who can be excluded from the policy? You may determine that only certain departments or groups of people apply to specific policies. Therefore, you’ll need to address their information differently. Some users may not fall under any compliance laws, and you’ll be able to take a more aggressive approach to managing their email.

Your legal team really needs to look at your industry and determine if there are any federal regulations that are driving your policy. If there are not, then you have some more freedom surrounding your compliance and email options. If federal regulation does apply, then you need to figure out how the regulations apply and ensure the correct documents are kept.

Either way, having a well documented policy and being able to prove the policy is being followed to the best of your knowledge will help your organization’s policy is ever challenged in court.

Stay tuned for Part 4, coming soon.