A document retention policy is in reality a document destruction policy. Therefore, a key reason for an organization to adopt a document retention policy is to establish a program for the deletion/destruction of information that is not required for business, regulatory and other needs. This reality is made necessary by the fact that digital information is growing at an unprecedented rate and that much of it is contained in “unstructured” storage such as email, SharePoint and shared network drives. Data hoarding not only increases direct information technology costs but it presents other substantial risks and costs to an organization ranging from discovery of “smoking gun” documents during investigation, litigation or audit; to reputational damage from information security breaches (hacking).Read More
In 2005 the ABA Business Law Section published a short book titled, Sailing in Dangerous Waters: A Director’s Guide to Data Governance. It warned in stark terms:
Those Directors who defer or delegate to specialized personnel their understanding and command of data governance will be at increasing risk of incurring personal liability for failing to fulfill their fiduciary duty of care to ensure that their companies comply with rapidly emerging legal requirements concerning deficiencies in data governance.[i]Read More
Gartner defines Information Governance as an accountability framework that includes the processes, roles, standards, and metrics to ensure the effective and efficient use of information in enabling an organization to reach its goals. One of the core requirements of a legally defensible Information Governance program is a reasonable and consistently applied Records & Information Management system (“RIM”). Accountability and defensibility hinge on the ability of an organization to govern its information in all formats and on all media, and to ensure or prove that it is compliant with all legal requirements.