• Home
  • /
  • Publications
  • /
  • 2012
  • /
  • Risk Management ? Record Retention Policies ? Electronic Data Changing The Way the Game is Played.
Search Publications

July 2012

Risk Management ? Record Retention Policies ? Electronic Data Changing The Way the Game is Played.

Every business entity needs to have and enforce an appropriate document/data retention/destruction policy.  The ever-increasing use of electronic information makes such a policy more important than ever, especially if subsequent litigation develops.  The nature of that policy, vigilance of its enforcement, and suspension to avoid destruction of evidence may have significant implications in litigation when documents are not produced and charges of evidence spoliation are raised.

A document retention policy is simply a company's procedures for the preservation and non-preservation of information. This includes traditional records and documents, as well as documents or information stored in electronic or other formats, including e-mail, text messages and information stored on mobile devices – think Smart-phones, iPads and lap-top computers. Retention policies address the life cycle of a business' records on all computer devices from their creation, through storage and destruction.  Our ever-changing mobile-data driven business models require a record retention policy that recognizes and meets these changes.

Retention policies should be custom-made to fit each business' needs. There is no one-size-fits-all plan. Policies vary from industry to industry and from company to company. State and federal laws may mandate the retention of certain documents. Companies doing business outside the United States must comply with foreign laws. Contractual relationships may also require the retention of certain documents.

Different kinds of documents must also be treated differently and have differing retention periods. For example, records concerning employee retirement plans must be maintained indefinitely, while e-mail may be disposed of more quickly. Last, but not least, a company must obviously retain the documents it needs to operate. All of these factors, and more, must be carefully evaluated in creating a business' retention policy.

Once a business no longer needs a document and its retention is not otherwise required, it should generally be destroyed. It is permissible to destroy documents, including deleting computer files and shredding documents, unless at the time of the destruction there was a duty to preserve them. Retaining such documents is a needless expense and liability exposure if .

Document retention policy can be critical in positioning a business to effectively and efficiently defend against future lawsuits. In litigation, this may benefit a company in several ways. First, a retention policy allows a business to justifiably dispose of unneeded documents while retaining and managing only necessary documents.

A retention policy also helps to hold down litigation costs. In litigation, if one party makes a discovery request for certain documents, the other party has a duty to conduct a diligent search for documents in its custody that may be responsive to the request. The more documents there are, the more time consuming and costly the search and production. Imagine the expense of having attorneys comb through filing cabinets full of documents and tens of thousands of e-mail that were needlessly kept. In a recent case, a business sought protection from the court to avoid having to do so. The court denied the request, stating that the company chose to store the information, and it would have to bear the cost of producing it.

The following is an example of the basic steps needed to create and implement an effective document retention policy:

  • Inventory all documents generated or received by the business.
  • Survey all laws, regulations, or other requirements mandating retention of documents.
  • Evaluate business needs for document retention and the cost of retention
  • Categorize documents into compliance groups.
  • Evaluate potential impact of retention or non-retention on future litigation.
  • Create a written retention policy taking into account the foregoing considerations.
  • Implement the policy.
  • Periodically audit compliance.
  • Periodically evaluate and update the policy.

A well-designed policy must also require the cessation of document destruction upon notice of a pending lawsuit or governmental investigation. As the Andersen investigation illustrates, failure to do so can have serious consequences. Destroying documents with notice of a pending governmental investigation may give rise to criminal liability. In civil litigation, such destruction can give rise to arguments that harmful evidence was intentionally destroyed. If a court believes documents were intentionally destroyed when an investigation or the litigation was anticipated, it may instruct the jury to presume the worst about the content of those documents (see California Forms of Standard Jury Instructions, BAJI 2.03). Thus, a completely harmless memorandum could become a "smoking gun." A court may also sanction a party for abuse of the discovery process for destroying documents with notice of potential litigation (California Code of Civil Procedure § 2023). These sanctions may include ordering that the party pay fines or attorneys' fees, ordering that certain facts are deemed admitted, and even entry of judgment against the offending party. Attorneys participating in destruction of evidence are also subject to discipline by the state bar.