Posted on May 15, 2018 by TURNER PADGET LITIGATION TEAM
Keeping documents has never been easier or cheaper. Cloud storage has opened up nearly infinite room to save digital files and data indefinitely. However, just because you can save documents conveniently doesn’t mean it’s always a good idea. While storage is relatively inexpensive, the risks related to retaining unneeded records can be costly.
If your business documents have been stacking up in the absence of a formal retention plan, it’s time for a spring cleaning. Don’t have a retention plan? All businesses should have one.
Here’s where you can start:
Know Your Data
Understand and identify all types of documents that are used in your business. Many documents likely have legally mandated requirements for retention and disposal. Employers must keep payroll records for three years under the Age Discrimination in Employment Act of 1967 and the Fair Labor Standards Act, which also requires employers to hold on to employee evaluations and some other records for two years. The Occupational Safety and Health Administration requires that records of employee injuries be kept for five years, with some exceptions. Legal counsel can help organize a document retention plan to keep your business in compliance.
Many documents, including emails, do not have to be kept indefinitely, but you can run into problems if you dispose of them selectively. A policy that is applied consistently across the company takes the guesswork out of retention for your employees. Your IT administrator should be able to set up a program for automatic deletion after a certain time.
However, everything changes if you think you may be involved in a lawsuit. Consequences can be severe for businesses that are too quick to dispose of documents. Regulatory agencies and courts may impose significant monetary sanctions when documents are destroyed improperly, and judges may instruct juries to assume that missing documents would have proved the other party’s case.
Recognize the Risks
State and federal agencies have viewed the protection of consumer data with increased scrutiny following a series of high-profile cyber breaches. South Carolina’s Financial Identity Fraud and Identity Theft Protection Act places requirements on how businesses collect, maintain and dispose of consumer data. Additionally, federal rules require financial institutions to ensure the security and confidentiality of consumer information, including income data, credit history and Social Security numbers. Any documents you store should have appropriate security in place.
A hidden cost can emerge if your business is involved in litigation: Combing through documents to satisfy discovery requests – which may require redaction and many, many hours of hands-on time – is expensive. The more documents saved, the costlier this process becomes.
Ultimately, which documents your business keeps should be determined by a policy designed with compliance and risk avoidance in mind, rather than the capacity for electronic storage. Ask a lawyer for help in crafting a document retention policy that minimizes your legal exposure.