Skip to content

5 Ways to Build a Better Retention Policy

by on May 10, 2011

In my post last Tuesday, I gave four good reasons why you need a current, consistently enforced data retention policy. Now that we’re all sold on why we need a retention policy, let’s look at how best to approach developing (or updating) one.

Building_plan
Here are some guidelines for creating a data retention policy that will serve your organization well into the future.

  1. Formalize it.
    Only a written, formal policy that’s consistently enforced and routinely audited will protect your organization and have a lasting effect on the way data is handled.

  2. Make it cross functional.
    From the first steps of developing the policy, involve all stakeholders—both functions that own the process and functions that own the data. Cross-functional efforts are not generally known for their speed, but having a comprehensive, fully supported policy as your outcome will be worth the time and effort.

  3. Be specific. Spell out exactly what needs to be retained, for how long and why, as well as which staff or functions within the organization will have different types of access to which data. Detail how you’ll handle data in all devices and media, from smartphones to data centers.In addition to specifying how you’ll retain data, don’t forget to include how you will ensure that data is properly destroyed once expired. Also, include how your company will handle a litigation hold in the event of a lawsuit so you don’t risk improperly purging evidence required during e-discovery.

  4. Segment your storage.
    When possible, try to store files with the same retention period together, and avoid mixing files that have different retention requirements. This approach can both keep down your long-term storage costs and make it easier to adhere to your policy’s stated retention timeframes.

  5. Keep it updated.
    Revisit your policy regularly to ensure that it reflects the types of data and media in your organization and the pace of change in your business. Your update schedule will be unique to your business needs.

No doubt, developing a retention policy that works for your business is much more complex than just these five tips. But it’s been said that a journey of a thousand miles must begin with a single step—and these guidelines will definitely get you started in the right direction on what can be a challenging (yet inarguably worthwhile) journey toward a living, evolving, comprehensive and effective retention policy.

One Comment
  1. Indeed. You can start off with these, and in time, you can work out the kinks in your system. Develop your own guidelines – it might be based from these 5 tips, but possibly different in style. Whatever it is, after that journey of a thousand miles, you would finish building a better policy.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: