Millions at stake
Read
Have you ever lost sleep wondering if your company is complying with its document retention policy?
Would the answer be different if you knew there could be millions of dollars at stake?
In 2002, Fluor Daniel, Inc. was ordered to produce relevant email communications of thirty-seven employees who worked on a project with Murphy Oil USA, Inc. The defendant’s email retention policy required it to dispose of backup tapes after 45 days. However, the policy was never enforced and 93 backup tapes were preserved for the litigation. These tapes included approximately 2,325,000 emails from all the defendant’s 600 employees. The court ordered the defendant to pay the costs of restoring and printing the emails, estimated at $6.2 million.
If only Fluor Daniel had complied with its own document retention policy! As many litigants know all too well, Fluor Daniel isn’t the only company that has paid the price for not following its document retention policy.
In today’s environment, electronic information is the driver of every business. Email can facilitate discussions between employees and help them reach decisions. A scanned document can be legally binding. An electronic report forecasting future buying trends can affect the strategy of a business. Electronic records allow for more efficient operations.
Unfortunately, poor information management practices increase costs and risk for a company, not only in litigation, but also in regulatory investigations (including privacy violations) and operational performance. To bridge this gap, business, legal and IT departments must come together to address these challenges.
Document retention policies have become a hot topic thanks to court decisions penalizing well-known companies and their attorneys for mishandling their electronic records. Even when documents have not been mishandled it can be costly to implement appropriate litigation holds. Because of these costs, handling records has become a priority.
But document retention policies are not a new concept. Most companies have some form of records management program which includes retention policies. These programs range from ad-hoc procedures which rely on an employee’s individual judgment to formal enterprise-wide written policies.
Lack of compliance with existing records retention policies and failure to update them are causing serious issues for companies and counsel. In many companies, some employees keep records or emails indefinitely while others delete everything. A typical company might keep thousands of boxes of old paper files in off-site storage, hundreds of back up tapes, and [2] of electronically stored information (emails, voice mails, text messages, and office productivity files) on their networks. This could translate into a loss of time and money in searching for records, excessive storage costs, loss of evidence, privacy breaches (exposing a company to fines and unfavorable publicity), and court sanctions (adverse inferences, monetary penalties and possibly even criminal obstruction of justice charges).
What’s your situation? Do you have a document retention policy – and is it enforced? Join the discussion.
Please join our June 17th seminar:
Don’t Let Your Records Knock You Out: Document Management Policies.
Jorge Rey, CISA, CISM, is a Cybersecurity & Compliance Principal at Kaufman Rossin, one of the Top 100 CPA and advisory firms in the U.S.
[…] One, Millions At Stake, documented why it could cost your company literally millions if you weren’t complying with […]