Migrated from eDJGroupInc.com. Author: Barry Murphy. Published: 2010-05-25 19:53:32Format, images and links may no longer function correctly. Since the amendments to the Federal Rules of Civil Procedure (FRCP) went into effect in December 2006, organizations have struggled to effectively manage information in a manner that makes eDiscovery efficient. There was an assumption at the time that we could just extend records management policies to the rest of our information and solve the problem that way. But, records management is complex; corporate file plans are often well over 1,000 categories deep – how can employees be expected to classify every single document, email, or other information asset into a file plan category? The key is to make reasonable efforts to set retention policies for all content, and let records be classified by the experts into the file plan.
But, setting retention policies on non-record content is no easy task. There are information assets that are not corporate records, but may be important to a specific employee and help make their job easier. Maybe I want to save an email about an interesting idea a co-worker had. Is it a record? Probably not, but I know I’m going to be frustrated when the time comes to remember the idea, but the email is gone thanks to my 90 day and delete policy on email. In my experience, organizations err on the extremes with retention policies, especially for user-generated content like email. They either keep it forever or get rid of it too quickly. It’s okay to have a 90 day and delete policy, but only if there is a way for the employee to designate certain emails for longer retention. And, the mechanism for retention should not be a personal archive, it should be a centrally managed system – otherwise, eDiscovery becomes a nightmare.
So, how can we get started on setting retention policies? Sometimes, initiatives die simply because it seems so hard to agree on what the policies should be. The key is to align policies with value via information classification. Information assets are valuable either because external rules say that an organization must keep the asset for a certain number of years or if the asset is knowledge or corporate intellectual property. Who knows if the asset is valuable? Employees know – and so there must be easy ways for them to manually classify those assets (drag-and-drop into folders, buttons integrated into content creation tools, etc). However, there also must be some usage of automated classification (whether based on keywords or other content analytics tools). The problem with user classification is that it is inconsistent (I classify a marketing update in my marketing folder one day and in my folder about company updates the next, for example) and impossible to expect employees to have the time to classify everything that comes in front of their eyes.
When it comes to automation, don’t immediately assume that some magic box is going to be responsible for all classification. It’s possible to automate in more simple ways. For example, I’ve worked with clients that have a list of “hot” keywords that indicate that an email is probably important. Those emails are then tagged with metadata based on the presence of the keyword and the metadata tags drive the application of a specific retention policy. It’s all about baby steps – some organizations do have advanced content analytics in place for classification. Most don’t, however, and we all need to start somewhere.
Another challenge for organizations when setting retention policies is the desire to get too granular. If anyone is going to classify an asset, they aren’t going to spend 10 minutes figuring out which folder they should drop it into. With email, for example, give employees three buckets with varying retention periods (3 months, 1 year, 3 years). There will be a need to do more classification on corporate records, but that is what records management groups do best – let them worry about the most important information assets.
One last point about retention policies – no matter what kind of policies you have in place, they are no good without a good legal hold process implemented and enforced. That means not only doing notification and tracking, but also locking down content without just relying on the custodian to hand over their materials cooperatively.
Retention management is hard, but it’s necessary. Good efforts will reduce eDiscovery costs and will have ancillary benefits like storage optimization and smoother knowledge management processes. Shoot us a note if you need any help getting started.