The Library of Congress might talk about its 235 terabytes of data, but some U.S. companies already have it beat—try petabytes, literally thousands of terabytes of data. If your company has more than 1,000 employees, you’re no doubt in the petabyte world. As the cost of servers and digital memory decreases, the amount of data created and stored by businesses increases at staggering rates.
Lots of data can mean only one thing when it comes to litigation: crippling discovery costs. One of the leading document review tools had a 100 percent increase in the number of documents hosted from 2010 to 2011, from fewer than 5 billion to nearly 10 billion. When faced with this explosion of electronic data, your first and best line of defense in limiting discovery costs is having a well-drafted document retention policy and following it to the letter.
Elements of a good document retention policy
First and foremost, your policy must be tailored to the regulatory regime in which your company operates and also to the needs of your business. Highly regulated industries have very precise standards that they must meet with respect to certain types of documents. Banks, for instance, are required by federal statutes and regulations to maintain customer account data for seven years. Broker-dealers, financial institutions, the health care industry and certain segments of the energy industry, among others, need to pay particular attention to the regulatory requirements of their sectors and tailor their policies to those requirements. All companies should keep tax records in accordance with Internal Revenue Service (IRS) dictates.
If your company does not operate in highly regulated industries, the guidelines are more flexible. Documents should be retained for the duration of their useful life—and no longer. There is no magic formula for determining the useful life of a document. In some companies, emails are useless the day after they are sent (assuming, that is, that the 10 emails required to schedule one meeting were ever “useful”). In other companies, emails may constitute critically important records, necessary for documenting the entity’s operations, management and oversight.
As a rule of thumb, documents regarding the corporate form and structure should be retained forever. Contracts should be retained for seven years (the typical statute of limitations for breach of contract). Documents related to a particular contract or project should be retained for the duration of that contract or project, or until the retention period expires for the documents reflecting the agreement. Most other materials, such as drafts, should be retained for a maximum of two years, barring some reason why they should be retained for longer.
Setting retention periods requires extensive discussions with senior management and employees of all levels to understand how and why certain records are used in the company. The policy must allow employees to keep the documents necessary to do their everyday jobs, while getting rid of superfluous documents and data.
The hard part: Following through
A well-drafted document retention policy is only as good as its implementation. Executing the policy requires support from a corporate records management program and a well-trained information technology group. The records management officers (who likely will wear other hats as well, unless the corporation is very large) must conduct regular trainings on the policy and circulate periodic reminders of the need to dispose of records as they reach the end of their useful life. A successful program will have records managers who do not scold employees for retaining more documents than necessary, but rather partner with them to determine what to keep and what to dispose of.
The information technology group must provide technical support, including monthly email purges and regular data deletions. To effectively perform this function, you must have a comprehensive data map of all of the company’s data, including both active data and data archived on backup tapes or other media. The retention period is defined by the content of the data, not the storage device. In other words, if an email should have been deleted years ago, it should not be retained for longer simply because it resides on a backup tape.
Benefits and challenges
The single greatest benefit to having, maintaining and following a document retention policy is that you will have fewer documents to review and produce in the event of litigation. If you do find yourself in litigation and relevant documents reached the end of their retention period and were disposed of, courts are unlikely to impose spoliation sanctions. The need to manage documents and data is almost universally recognized as a valid reason for destroying documents —provided the destruction was carried out in accordance with a well-documented, regularly followed program and was not done for the sole purpose of eliminating relevant evidence.
The single greatest challenge is knowing when to suspend routine document destruction in light of pending litigation. The Federal Rules of Civil Procedure, their state analogs and the Zubulake line of cases all make clear that when a party reasonably anticipates litigation, it has a duty to suspend regular document destruction and retain relevant data. This objective standard can be triggered even before a complaint has been filed. Failure to issue a litigation hold can result in exactly the spoliation sanctions you were seeking to avoid.
Establishing and maintaining an effective corporate records management policy is not a glamorous undertaking, but it is a necessary one. There are not many instances where the old adage that an ounce of prevention is worth a pound of cure is literally true, but in this area failure to manage your documents efficiently can break your litigation budget.