(Disclaimer: Tech Experts is a great IT service and repair company…. But, we’re not attorneys. All of our recommendations are related to products and technology. The following article is meant to provide you with a broad overview of the issue at hand. By no means, should you rely on this article as final legal advice. For that, we suggest you contact your attorney. Portions of this article are adapted from a whitepaper published by Inboxer.)
There has been much news coverage lately about a new federal court ruling concerning email, electronic communication, and electronic document retention. IT managers, business owners and legal professionals are asking us every day: Do we really need to archive everything?
The short answer is maybe.
This entire issue centers upon an entity’s ability to produce “electronic communications” in the event of a lawsuit, other civil proceeding, or criminal action. Current regulations and generally accepted court rules don’t specify what you have to keep; rather, they specify what you have to produce (and how quickly) if you’re a party in a legal proceeding.
And that presents a huge complication. Do you simply store a copy of everything, for ever? Or do you selectively pick and choose what you think may be important in the future? Storing everything would take tremendous amounts of space, so selective storage sounds best at first. The hard part with selective storage is in knowing what might be important one, two or five years in the future.
The good news is that cost of magnetic storage has been declining at a rate of 45% per year since 1989. The cost of a terabyte of data, enough storage for 2000 scanned file cabinets, is expected to drop from $420 in 2005 to just $70 in 2008, according to Berghell Associates.
What do you need to save?
Requirements vary by industry, geography, and company type. Your attorney is probably aware of all of the requirements for your company. Here is a sample of mandated requirements:
- Sarbanes-Oxley requires accounting firms to keep records for seven years after an audit.
- HIPAA requires health care organizations to keep patient data for six years.
- Brokerage trading account records must be kept for six years after the account terminates.
- Medical records may need to be kept for two years after a patient’s death.
The first obligation of any electronic communication or document retention schedule is to preserve items as required by government agencies.
The new Federal Rules of Civil Procedure protect companies when they delete electronic records as part of “routine, good-faith operation.” Unfortunately, the phrase “routine, good-faith operation” is not defined. The authoritative Advisory Committee on Civil Rules said that an entity would usually be protected if it took “reasonable steps to preserve the information after it knew or should have known the information was discoverable.”
Clearly, the advice indicates that companies are not protected just because they follow a regular retention schedule. The length of the retention period must consider the relevant statutes of limitation and company contracts.
For example, Louis Testa, a truck driver for a fish wholesaler, unloaded a shipment at a New Hampshire Wal-Mart store. Testa slipped on some ice and snow that covered the dock ramp. He complained to a Wal-Mart employee on the dock at the time, but Testa did not take action for more than two years.
Wal-Mart routinely destroyed its records on the event in accordance with its two-year retention plan. However, the New Hampshire’s statute of limitations on personal injury was three years.
Testa filed suit after two years had passed. Wal-Mart could not produce evidence that it said included instructions sent to vendors informing them not to deliver merchandise that day. Wal-Mart lost the case (Testa v. Wal-Mart Stores). Wal-Mart had an obligation to keep messages as long as a suit could have been filed. If the retention policy had been three years for business-related documents or for ones where a complaint was made, there would not have been a problem.
Using the same logic, companies should identify the length of any contracts that might be contested in a court case. Emails may explain what was intended when the contract was written.
The issue is that deleting messages or electronic records may mean that you do not have access to evidence in a timely way and that any related messages that you could use for defense are not available.
It is a good idea to review the lengths of any key contracts and the statutes of limitation where you do business. It may be possible to delete messages after the time period expires.
Companies need to decide how much effort they want to put into managing retention. They can archive email forever, keep messages for the longest mandated retention period or statute-of-limitations time, or analyze each message and apply the appropriate time period.
- Work with your legal counsel and be sure to keep the following in mind:
- Preserve email and electronic records as required by government agencies for compliance review or for other regulatory and statutory reasons.
- Maintain messages for the time period of any statutes of limitation or contract period.
- Minimize storage and legal costs by minimizing the documents to be reviewed by legal teams: (1) spam, (2) duplicate messages, (3) system notices, and (4) personal mail.
- Deploy systems that pre-categorize and pre-index messages to reduce legal costs.
The “Legaleze:” Summary of Rules 26, 34 & 37
Rules 26 and 34 define what constitutes electronically stored information and requires early conference between parties during which information systems and data locations must be detailed.
Under this rule, a responding party should produce electronically stored information that is relevant, not privileged and reasonably accessible.
A party need not provide discovery of electronically stored information that the party identifies as not reasonably accessible because of undue burden or cost.
Nonetheless the court may decide to order discovery from such sources if the requesting party shows good cause.
Rule 34 confirms that discovery of electronically stored information stands on equal footing with discovery of paper documents.
Rule 34 permits the requesting party to designate the form or forms in which it wants electronically stored information produced.
The rule recognizes that different forms of production may be appropriate for different types of electronically stored information.
The rule therefore provides that the requesting party may ask for different forms of production for different types of electronically stored information.
Rule 37 specifies when a party is permitted to dispose of electronically stored information by exploiting routine operation of an information system and when a party is under a duty to preserve information because of pending or reasonably anticipated litigation – “Litigation Hold”.
The complete description of rules governing discovery of electronically stored information and committee notes may be accessed by visiting the following link: