Legal holds, tax audits, regulatory investigations are all easy and obvious justifications for suspending normal retention rules and keeping records longer than specified in the Records Retention Schedule.
Business functions or units are also given the opportunity to review the list of records due for destruction and determine whether those records can in fact be destroyed per the RRS. This implies that there may be business reasons to retain records longer. Besides the obvious ones above, does anyone have any specific criteria for acceptable reasons to suspend destruction protocols?
Would retention to take account of audit cycles such as tax audits, not be taken account of in your retention rules?
HJBS Ltd GLASGOW
We include internal investigations in the list of events that might halt destruction.
We no longer ask the BU permission to destroy information with a fixed retention period. We do consult with the BU on event-based retention items to ensure the triggering event has occurred. Best,
MassMutual Financial Group
Hello If content comes up for ‘review’ rather than automatic destruction, some records may be movable to other record sets. Here are two reasons that are fairly common:
a) Of historical interest. E.g. demolition of a town-centre office block, the photos, video or other collateral might be deemed noteworthy for future users or readers especially if it has social interest, landscape significance etc. The demolition man might just think, “Job done, delete”.
b) Knowledge capture from expired projects. Move records, e.g. ‘lessons learned’ to a more enduring functional folder for knowledge capture, and possibly keep other assets such as business case, design artefacts etc, again for KM purposes.
There are other reasons other than Holds, often identified uniquely (?) to each circumstance but giving these two examples enable the user community and information asset owners to start thinking of alternatives to just ‘destroy’. We have seen retention schedules state e.g. ‘Destroy all project files 5-yrs after project close’ without pausing to extract ‘knowledge’ or ‘lessons learned’.
Cheers, John S
IKM Solutions Ltd
I definitely agree with John’s point “a”. Have a bit of an issue with point “b” however. I have found that, particularly with ‘project’ documents, so long as the retention period is of a reasonable length based upon the velocity of projects in the industry and company at question (such as the example 5 yrs.), lessons learned and business case and similar document types, are of little to no value as technology, industry and many other factors that were force vectors in the project at-that-time, have changed enough to give the knowledge in the content low to no current/future applicability.
I have seen this in IT projects, construction/major projects groups, business re-eng, etc.
One worthwhile exception would be to delete any emails containing malware rather than retaining per email retention schedule, so that you can purge/lockdown or otherwise render such malware emails harmless.
American Medical Association
I like Allen’s suggestion to purge e-mails that contain malware, regardless of the retention schedule.
This you may want to retain longer are items of historic value to the company. For example, the first policy sold, the invoice for the sale the put the company over $million for the first time, etc. Such records should be moved out of the standard records system and into an archive designated for historical items.
Ken makes a good point. Our records retention schedule includes the typical records that are to be sent to the AMA Historical Archives.
American Medical Association
One thing I would note, would be to ensure that any criteria identified for suspending retention rules should be explicitly stated in the RRS or your Records Management Policy to avoid ambiguity and / or ‘loopholes’ allowing users to keep records which should be deleted.
About 2 years ago we did an information management study for a Petro Chemicals company in the UK. They had spent a significant amount of time creating a pretty comprehensive RRS.
At the bottom of the RRS it stated: ‘Document Owners may bypass retention requirements where they believe the records may be of some use’
In one sentence they pretty much invalidated their entire RRS and gave everyone the green light to declare their information
was of ‘some use’ and therefore not have to worry about the destruction / deletion of records and information. In my experience, give users a ‘loophole’ such as this and it will be exploited to the maximum.
Agree with Paul. We have any exceptions explicitly stated in out RRS.