Addressing And Managing The "Email Problem" With Records Retention And eDiscovery

11 September 2013 IT-Lex Technology Law Publication
Authors: Chanley T. Howell

IT-Lex Technology Law

As a result of the explosion of email over the past five years, email has become a major issue for companies when dealing with records retention and eDiscovery.

What makes email different? A number of factors.

Most prevalent is the sheer volume of email. Unlike several other types of electronic records (e.g. Word, Excel and PowerPoint files), email is used in large part for conversations involving multiple replies and recipients. Email is extremely quick and easy to create. This results in a very high number of separate emails on a single topic of conversation. When dealing with eDiscovery requests, each separate email must be dealt with. While automated technology can assist, to the extent the human element is required, the processing and resource time can be multiplied exponentially as a result of the number of separate emails dealing with a single topic or conversation.

Another differentiating factor adding complexity to email is that it is rarely organized in any cohesive manner. While Word, Excel and PowerPoint are often managed in a document management system, or at least folders, the same cannot be said for email.

How can companies reduce the costs and risks associated with email without investing in an expensive email management application?

Adopt and implement a simple and easy to understand email retention policy.

When email was in its early days and the volume of email was manageable, companies often treated email like paper records when it came to records retention. The records retention policy stated that employees should determine whether an email was a record which needed to be retained, and if so, determine which records category the email fell into and apply that retention period. Thus, an email relating to an HR matter may be retained for five years, but an email relating to an accounts payable for three years.

Given the volume of email today, this approach no longer works. Thus, companies with successful email management and retention strategies typically use a single email retention period (e.g., three to five years), allowing for limited exceptions where required under applicable law or for legitimate business reasons. While emails often have attachments which will need to be retained pursuant to the company’s retention policy, the attachments should be retained in a separate location – where the particular type of record is ordinarily maintained – and not in a user’s inbox for other email folders.

For most companies, a single retention period will typically be appropriate for most (e.g. 95%) of all emails. A company can consider exceptions to the baseline period for certain critical business functions and personnel. For example, a company that adopts a three year base retention period may want to consider a longer retention period for human resource related emails as necessary to comply with state and federal retention requirements which may be longer, or because such emails are more likely to be needed for the defense of claims which may not be asserted within the initial three-year period.

Companies can consider exceptions or a different retention period for key personnel, such as senior management. Legal hold exceptions and requirements will apply to emails just like any other record. Accordingly, the company will need to have procedures in place to segregate emails subject to a legal hold to avoid destruction through operation of the normal email destruction process, whether handled by the IT department or individual users. Finally, a legitimate business reason exception can be appropriate for retaining emails longer than the baseline retention period. However, this exception should truly be an exception, and used rarely only under appropriate circumstances. For example, email relating to a contentious merger may be appropriate for longer retention, but the legitimate business reason exception should not be used as a frequent end run around the baseline retention period.

A simple and easy to understand email retention policy can help companies cope with the increasing difficulties presented by email in responding to the eDiscovery request.

View This Blog

Insights

Bad Holiday Season News! Estimates of an increase of Cyberattacks 20%!
13 December 2019
Internet, IT & e-Discovery Blog
Driving the Future of Automotive Technology
12 December 2019
Manufacturing Industry Advisor
Massachusetts Governor Proposes Facility Fee Ban
12 December 2019
Health Care Law Today
American Rule Prevails; PTO May Not Collect In-House Attorneys' Fees as "Expenses"
12 December 2019
IP Litigation Current
ACCC 46th Annual Meeting & Cancer Center Business Summit
04-05 March 2020
Washington, D.C.
Foley/Deloitte Compliance and Privacy Officer Roundtable
27 February 2020
Boston, MA
Let’s Talk Compliance
24 January 2020
Orlando, FL
New England Alliance Annual Meeting
15-17 January 2020
Woodstock, VT