The legal and commercial risks and issues to consider when managing emails




Change Harbour, October 2012

About Change Harbour

Change Harbour Ltd is a consultancy organisation that delivers innovative strategic, technology, process, sourcing and organisational design solutions to the legal industry. Change Harbour will design the most appropriate solution for our client's needs and will then engage with the relevant technology, business process or sourcing providers to manage the implementation of that solution. By learning from commercial best practice, monitoring developments from other industries and challenging the perceived norms within the sector, Change Harbour contributes positively to the maturing of the legal support industry. For further information, please see www.changeharbour.com.

About Mimecast

Mimecast delivers cloud-based email management for Microsoft Exchange, including archiving, continuity and security. By unifying disparate and fragmented email environments into one holistic solution that is always available from the cloud, Mimecast minimizes risk and reduces cost and complexity, while providing total end-to-end control of email. Founded in the United Kingdom in 2003, Mimecast serves over 6,000 customers worldwide and has offices in Europe, North America, Africa and the Channel Islands. For more information, please visit or email info@mimecast.com.

Contents

The problem with email management
Addressing the problem
Understanding the regulatory requirements
  Data Protection Act 1998
  Sarbanes-Oxley
  Freedom of Information Act
Understanding the legal and commercial risk
  Email ediscovery
  Reputation
  Summary
Implementing the right solution
  Training
  Technology
  Costs
Conclusions

The problem with email management

With recent high profile cases, such as the News of the World hacking scandal, hitting the news headlines, the issue of email retention has quickly moved up the IT Director's agenda. Much soul searching has taken place as they ask themselves how easily they could retrieve email evidence if required to do so by a court of law. Growing e-discovery, compliance and knowledge management requirements mean that organisations must be more vigilant in demonstrating control than ever before. For law firms, relied upon to advise clients in all business sectors, this is particularly critical. Yet with such a large percentage of internal and external business communications performed via email, this is becoming an increasingly difficult task.

In common with other highly complex advisory industries, the legal sector is a knowledge-based business. Legal departments within organisations, as well as law firms, create, consume and publish huge volumes of legal and business information. It is critical that the knowledge and information relating to the management of a law firm's clients, and the delivery of legal advice to them, is managed, protected and controlled in order that:

- The client's intentions can be satisfied correctly in the most efficient and appropriate way.
- The law firm can demonstrate that their business is managed properly as required by the industry's regulating body, the Solicitors Regulation Authority (SRA).
- The client's intentions can be satisfied in a way that demonstrably conforms to the laws and regulations that relate to the specific business sector and jurisdiction they operate within.

Historically, this has been achieved by recording the preparation and delivery of advice through the retention of physical files or through document management systems. However, in today's business environment this is no longer sufficient.
Email has become an important tool in the preparation of legal advice and has replaced documentation as the primary method of delivering that advice. The use of email in business has grown exponentially over the past decade; according to various studies, knowledge workers today send and receive more than 25,000 email messages per year and it is estimated that 294 billion emails were sent in 2010. However, with so many messages sent it can be hard to find what you need; according to Mimecast's Shape of Email study just 14% of business emails are of critical importance to the receiver. This is perhaps why research also shows that workers spend one to two hours per day (25% of the working day) simply reading and managing their email.

According to some estimates, 60-70% of business-critical data is, at some point, contained in email, but it is often hidden among a huge volume of non-critical email. The content of a single email can therefore be critical to the success or failure of a business:

- It may contain information that can make a billion dollar deal achievable.
- It may contain evidence of a decision that could be the subject of litigation.
- It may contain client sensitive data that needs to be protected and kept secure.
- It may contain personal information that the firm is not legally entitled to retain.

It is also an issue that is not adequately addressed. For example, in a recent AIIM survey:

- 17% of organisations captured important emails in an email management system, while 39% still use personal Outlook folders.
- Over 30% of organisations described their email management as chaotic.
- 1/3 of organisations had no policy to deal with legal discovery and 1/4 would take a month to produce email documents.

Addressing the problem

To address these challenges and prepare for litigation and compliance reviews, enterprises, including law firms and legal departments, need to incorporate email management into a standardised, policy-based system that ensures all relevant messages are stored safely and in accordance with any pertinent industry laws and governing bodies.

There are no hard and fast rules governing the retention of emails. It is a complex area that is open to misinterpretation and confusion. In some respects it is easier to say what effective and appropriate email retention and management is not:

- It is not the blanket saving of all emails forever.
- It is not the setting of arbitrary time limits for all messages before deletion, and
- It is certainly not doing nothing.

A well-managed business should develop and implement policies that classify, store, manage and destroy emails in a way that is documented, complies with the appropriate regulations/laws and is consistent with that business's approach to risk management.

A well planned enterprise-wide email retention policy outlines email content, sets retention and deletion criteria and provides the flexibility to accommodate litigation holds and enable appropriate role-based user access. Ideally, the implementation of the policy will be automated and include an archiving and retrieval engine that enables the business to locate messages in a timely and cost-effective manner.

By having a policy and implementing it effectively, organisations can theoretically reduce email e-discovery costs, improve regulatory compliance, improve access to information, reduce the risk of litigation and improve IT performance without increasing costs.

In summary, there are four main areas that are critical to implementing a successful policy:

- The relevant regulatory requirements must be understood; this is not easy as the regulatory framework can be complex and confusing.
- The legal and commercial risk around the management of email must be understood.
- The appropriate processes must be put in place to manage the policy.
- The right technology needs to be in place to support the policy without introducing prohibitive complexity and cost.

Understanding the regulatory requirements

It is critical that all email retention policies incorporate the requirements of the mandates governing the industry in which an organization operates. There are many common regulations to consider:

Data Protection Act 1998

What is it?

The Data Protection Act 1998 (DPA) gives individuals the right, on producing evidence of their identity, to have a copy of personal data held about them. The Act covers any data about a living and identifiable individual. The Act applies only to data which is held, or intended to be held, on computers ("equipment operating automatically in response to instructions given for that purpose"), or held in a relevant filing system.

Key points

- Data must not be disclosed to other parties without the consent of the individual.
- Individuals have a right of access to the information held about them.
- Personal information must be adequate, relevant and not excessive. It may not be kept for longer than is necessary and must be kept up to date.
- Personal data shall not be transferred to a country or territory outside the EEA unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.
- All entities that process personal information must register with the Information Commissioner's Office.
- The departments of a company that are holding personal information are required to have adequate security measures in place. Those include technical measures (such as firewalls) and organisational measures (such as staff training).
- Subjects have the right to have factually incorrect information corrected.

Global Considerations

The Commission considers that personal data sent to certified US businesses under the Safe Harbor scheme is adequately protected. That means they agree to:

- follow seven principles of information handling; and
- be held responsible for keeping to those principles by the Federal Trade Commission or other oversight schemes.

Other countries are covered if you are satisfied that, in the particular circumstances, there is an adequate level of protection.

Satisfying regulations

To satisfy DPA requirements, organisations can:

- assess adequacy themselves,
- use contracts (European Commission approved model clauses),
- have Binding Corporate Rules approved by the Information Commissioner; or
- receive consent from the Data Subject.

Personal data can be transferred overseas where it is necessary for carrying out certain types of contract or if the transfer is necessary to set up the contract.

Sarbanes-Oxley

What is it?

The Sarbanes-Oxley Act (SOX) is a piece of US legislation that regulates financial reporting. It was passed in the wake of the Enron episode and several other notable financial scandals in the US that involved suspect financial reporting.

Key points

- Sarbanes-Oxley regulations impose severe penalties on any business that deliberately alters or deletes documents in order to defraud customers or other third parties.

Global Considerations

Any company with a listing on NASDAQ or the New York Stock Exchange has to comply with the Sarbanes-Oxley Act, even if it is a European company with headquarters outside the US. UK subsidiaries of US corporations need to ensure that the transactional data that they hold and share with their US parent will meet the requirements of the Act.

Satisfying regulations

To comply with SOX guidelines, companies must retain auditable emails for a minimum of five years from the end of their last fiscal year.

Freedom of Information Act

What is it?

The Freedom of Information Act 2000 ("FOIA") came into force on 1st January 2005 and gave the public new rights of access to recorded information held by public authorities. Email communications fall within the definition of recorded information.

Key points

- Anyone, anywhere, without giving either proof of identity or details of their motive for making a request, can ask for a copy of an email.

Satisfying regulations

The deadline for responding is 20 working days from the date of receipt of the request, and many public authorities have discovered that their current facilities for searching and retrieving archived emails have caused considerable difficulties in meeting the deadline.

One of the most alarming aspects of the FOIA is the fact that it is retrospective. Public authorities are obliged to provide information in emails that were generated before the date the FOIA came into force, requiring them to search through archives.

Industry-specific regulations

Organisations will also need to pay specific attention to the regulations governing the vertical industries in which they operate. These industry-specific regulations are constantly evolving, for example:

The Financial Services Authority (FSA) is the independent body that manages the regulation of financial services providers in the UK under the Financial Services and Markets Act 2000. The FSA lays down strict requirements to protect the consumer against malpractice, and has wide investigatory and enforcement powers to ensure those requirements are observed. The FSA's regulations require all financial institutions to store all business emails sent and received for up to six years, and some emails indefinitely, so that cases can be reviewed.

Two examples from the US:

- FINRA rules demand that financial services firms establish formal, written policies and procedures that detail their email retention policies. After outlining these policies, a business must then demonstrate that all retention processes are in full compliance with FINRA guidelines.
- HIPAA regulations apply to any email message or other electronic records that contain sensitive information about an individual's medical history. The preservation period for a medical record is a minimum of five years, though some related statutes dictate that certain information be retained for the life of the patient.

Understanding the legal and commercial risk

Email ediscovery

In the US, email is now the leading piece of evidence requested at civil trials. More pointedly, approximately one-fifth of companies have been ordered by courts to produce employee email (Robert F Smallwood).

In the UK, a wronged party generally has six years from the date that a contract has been breached to bring a court action. Even when a court action is taken promptly, a case may not come to court until several years after the event, and often the only clear, contemporary evidence will be contained in emails. Conversely, an organisation may need email evidence to launch its own action to protect its position.

A party in a dispute may have a significant advantage over its rival if it can retrieve the evidence faster and at a lesser cost than the rival. The lack of readily available evidence may lead to a settlement of a dispute that might otherwise have been successfully fought and won.

An additional point to note is that the weight that can be attached to favourable evidence is based on the reliability of that evidence. The evidence obtained from an insecure and unreliable system that is not governed by clearly documented and enforced rules will be open to dispute and questioning by the opponent. Where an organisation can show, by production of supporting evidence, that the system in which the email evidence was held is secure and separate from the main system and that the policy in relation to archiving is consistently applied, that organisation has the best chance of its evidence being believed. Where it can be shown that the policy is consistently applied because the system operates in accordance with policy rules, rather than human compliance, the weight of the evidence can be even greater.

Failure to have the best possible archiving system and procedures could mean the difference between winning and losing an important case. Given the expense of fighting court actions, this is something where organisations should look to manage away the risk.

Reputation

In order to cater for changing business practice and requirements, the Solicitors Regulation Authority (SRA) introduced a new code of conduct and Handbook in October 2011. This shifted the SRA's focus towards more flexible, outcomes-focused regulation, putting in place a more flexible framework.

Some of the principles, outcomes and required indicative behaviours included in the framework will have implications for the way the documents and emails relating to a piece of work (termed the "matter file") are managed. These indicate that each law firm should manage email because it is an integral part of how they service their clients better.

Relevant Principles

- Principle 5: You must provide a proper standard of service to your clients
- Principle 6: You must behave in a way that maintains the trust the public places in you and in the provision of legal services
- Principle 8: You must run your business or carry out your role in the business effectively and in accordance with proper governance and sound financial and risk management principles
- Principle 10: You must protect client money and assets: You should protect money, documents or other property belonging to your clients which has been entrusted to you or your firm.

Relevant Outcomes

- Outcome (4.1) you keep the affairs of clients confidential unless disclosure is required or permitted by law or the client consents
- Outcome (7.3) you identify, monitor and manage risks to compliance with all the Principles, rules and outcomes and other requirements of the Handbook, if applicable to you, and take steps to address issues identified
- Outcome (7.6) you train individuals working in the firm to maintain a level of competence appropriate to their work and level of responsibility
- Outcome (7.8) you have a system for supervising clients' matters, to include the regular checking of the quality of work by suitably competent and experienced people;
- Outcome (7.10) where you outsource legal activities or any operational functions that are critical to the delivery of any legal activities, you ensure such outsourcing:
  - does not adversely affect your ability to comply with, or the SRA's ability to monitor your compliance with, your obligations in the Handbook;
  - is subject to contractual arrangements that enable the SRA or its agent to obtain information from, inspect the records (including electronic records) of, or enter the premises of, the third party, in relation to the outsourced activities or functions;
  - does not alter your obligations towards your clients; and
  - does not cause you to breach the conditions with which you must comply in order to be authorised and to remain so.

Relevant Indicative behaviours

- IB (7.1) safekeeping of documents and assets entrusted to the firm.
- IB (7.3) identifying and monitoring financial, operational and business continuity risks including complaints, credit risks and exposure, claims under legislation relating to matters such as data protection, IT failures and abuses, and damage to offices.
- IB (7.4) making arrangements for the continuation of your firm in the event of absences and emergencies, for example holiday or sick leave, with the minimum interruption to clients' business.

In addition to SRA guidelines, law firms are increasingly seeing express requirements from their clients as to how they manage and control confidential information in relation to the matters they handle. It is becoming increasingly common for law firms to be asked to demonstrate capabilities in relation to ISO27001 by being able to audit who has access to client specific data and prove that procedures are in place to control that.

Summary

Although many regulations exist beyond those listed in this document, all regulatory bodies, regardless of industry and commercial considerations, make meeting the following requirements a key aspect of compliance:

- Integrity, where information must be in its original state without being altered or deleted.
- Security, where all retained information must be protected against security threats, including access by unauthorized persons and any outside forces that could physically damage or endanger the availability of archived messages.
- Availability, where organizations must prove that all emails subject to the retention policy can be easily accessed by authorized personnel in a timely manner.

Implementing the right solution

As highlighted, organisations across all industries, including the legal sector, are under increasing pressure to develop and implement robust, comprehensive email retention policies that comply with various legal and regulatory bodies.

Whatever policy a business determines appropriate for them, given their interpretation of the various regulations and laws, the critical factor is actually how they go about implementing that policy. There are two critical enabling factors that can support the effective implementation of an email management policy:

Training

The value of having an email retention policy defined and in place is lost if many employees remain unaware that such guidelines exist. To ensure that such a policy is observed across an organisation, it is important that all employees are trained and able to demonstrate that they understand content and storage procedures, as well as any rules restricting the use of tools, such as personal folders.

Some organisational roles have specific archiving requirements, which must be captured in the larger retention policy and associated training. For example, brokers at financial services firms are required to keep all of their electronic correspondence for up to six years. Similarly, in pharmaceutical companies, scientists who perform drug tests must keep test-related emails for even longer, as these may contain highly sensitive information that can be requested as evidence in e-discovery.

An effective education programme should therefore include:

- the reasons these rules are in place.
- instructions for using any supporting technology.
- the consequences of non-compliance at both a business and personal level.
- guidance for those roles that have unique retention requirements.

Technology

A retention policy should be supported with an automated solution that enables the efficient and cost-effective storage and location of emails for e-discovery, litigation, compliance and knowledge management purposes. The technology solution should be designed on the following principles:

Centralisation

The solution should allow organisations to centralise and keep email in as few places as possible. Allowing users to save email to hard drives, personal folders or disparate file shares is ultimately unacceptable. Locating the necessary data on all local hard drives or personal folders throughout a large organisation is a difficult, time-consuming and expensive process that often fails.

Automatic capture

All relevant email should be automatically captured. To comply with regulations and litigation mandates, businesses must demonstrate that all emails are captured and subject to the retention policy. As such, organisations need to implement a solution that captures in real time every message that falls under the rules of the retention policy. It is not realistic to rely on human intervention to capture the relevant content, and solutions should not allow for human intervention to alter or delete content after its use.

Access

Businesses should be able to ensure that all their employees have access to the electronic assets they need to carry out their business responsibilities. As such, the solution should support the establishment of policies and rules that enable certain messages to be saved for personal communication, while allowing all other messages to be managed by the default retention strategy. These rules should also allow users to search for all archived email in both production and archive systems. Ideally access to the archive should not require intervention from the relevant IT department, but should be achievable by the end-user on demand.

Litigation readiness and legal holds

Email retention policies need to be flexible enough to be suspended if a legal hold is necessary. If an organisation is anticipating legal action, it might choose to retain all emails in order to preserve the information that may be used as evidence during litigation. It is critical that a solution supports policies that can accommodate legal holds, because courts can impose sanctions for the spoliation of any messaging content or electronic records that are relevant to a legal proceeding.

Protection and resilience

The location where email is stored and archived must be correctly managed and resilient. This means that the archive should:

- Be 100% available. Ideally your solution should have full redundancy.
- Ensure that the information held there is properly encrypted to prevent unauthorised and third party access.
- Fully protect all information from any form of virus, malware or intrusion.
- Provide for rapid access and retrieval.

If a solution is correctly implemented, organisations may subsequently benefit from: improved system performance, enhanced availability of data, reduced maintenance costs and minimised legal and commercial risk.

Costs

Though there are many specific legal and regulatory guidelines around email retention, no court or compliance authority demands the archiving of every email ever sent or received. As a result, organizations should implement a retention policy that reduces the storage burden by ensuring that the emails essential to meeting compliance and litigation guidelines are saved, while those that are not needed are deleted.

By reducing storage through retention and deletion policies in line with legal and compliance mandates, IT can limit storage-related expenditures and streamline email administration tasks, which often comprise more than 40% of total IT support costs. In addition, this approach limits the amount of content requiring evaluation during the legal review phase of e-discovery, further reducing costs.

Conclusions

In whatever way you interpret the various laws and regulations relating to information and email retention, your organisation must have a policy that satisfies the business sector within which you and your clients operate. However, that policy becomes redundant if it is not implemented correctly, and implementation is not straightforward.

Holding information on your premises and in your systems does not, by definition, mean it is well protected, secure, resilient and accessible. Indeed, if the systems and processes your organisation employs are not sufficient, this approach may be deemed to be negligent.

Given the huge volume of content, the increasing complexity of the regulatory environment and the heightened risk of litigation, using a specialist technology provider to help ensure compliance should be fully considered. In fact, in many instances, utilising an established and specialist service provider may be the only way you can guarantee the successful implementation of your email retention policy.

The maturing cloud computing and sourcing sector means that organisations of all sizes can benefit from the technology platforms, economies of scale and processes these specialist providers can offer. The need to comply with regulatory demands and to manage your legal risk effectively does not discount the use of cloud based or managed services. In fact, in many instances, it may be the only way forward.

© 2012 Mimecast. ALL RIGHTS RESERVED. WHI-WP-094-001