IMPLEMENTING AN EFFECTIVE DOCUMENT RETENTION POLICY



Similar documents
UNDERSTANDING E DISCOVERY A PRACTICAL GUIDE. 99 Park Avenue, 16 th Floor New York, New York

Best Practices Series Document Retention and Best Practices

CORPORATE RECORD RETENTION IN AN ELECTRONIC AGE (Outline)

Elements of a Good Document Retention Policy. Discovery Services WHITE PAPER

Records and Information Management and Retention

E-Discovery: The New Federal Rules of Civil Procedure A Practical Approach for Employers

PRESERVATION AND PRODUCTION OF ELECTRONIC RECORDS

REED COLLEGE. ediscovery GUIDELINES FOR PRESERVATION AND PRODUCTION OF ELECTRONIC RECORDS

The E-Discovery Process

Data Preservation Duties and Protocols

Best Practices in Electronic Record Retention

REALITY BYTES: A NEW ERA OF ELECTRONIC DISCOVERY

THE INCREASING RISK OF SANCTIONS FOR ORDINARY NEGLIGENCE IN E-DISCOVERY COMPLIANCE

In-House Solutions to the E-Discovery Conundrum

Electronic Discovery

Preservation and Production of Electronic Records

DOCUMENT RETENTION STRATEGIES FOR HEALTHCARE ORGANIZATIONS

Records Retention & E-Discovery. Preserving Electronically Stored Information for Litigation

ACADEMIC AFFAIRS COUNCIL ******************************************************************************

Electronic Discovery How can I be prepared? September 2010

ediscovery: The New Information Management Battleground Developments in the Law and Best Practices

The Importance of Appropriate Record Retention Policies

FDU - Records Retention policy Final.docx

How To Write A Hit Report On A Lawsuit Against A Company

ELECTRONIC DISCOVERY. Dawn M. Curry

Electronic Discovery: Litigation Holds, Data Preservation and Production

10 Steps to Establishing an Effective Retention Policy

Corporate Governance - The Importance of a Compliant Record Retention Program. by Christopher N. Weiss 1

Amendments to Federal Rules of Civil Procedure. electronically stored information. 6 Differences from Paper Documents

University of Louisiana System

Michigan's New E-Discovery Rules Provide Ways to Reduce the Scope and Burdens of E-Discovery

E-Discovery Toolkit for Educational Institutions

Measures Regarding Litigation Holds and Preservation of Electronically Stored Information (ESI)

REINHART. Labor & Employment E-News E-NEWSLETTER ATTORNEYS:

Electronic Data Retention and Preservation Policy 1

Litigation Hold Notices & Electronic Discovery A R E S O U R C E F O R W S U E M P L OY E E S

LEGAL HOLD OBLIGATIONS FOR DISTRICT EMPLOYEES

DOCSVAULT WhitePaper. Concise Guide to E-discovery. Contents

How to Win the Battle Over Electronic Discovery in Employment Cases. By Philip L. Gordon, Esq.

Legal Developments in ediscovery: Implications for Security Management

E-DISCOVERY: BURDENSOME, EXPENSIVE, AND FRAUGHT WITH RISK

E-Discovery in Employment Litigation: Making Practical, Yet Defensible Decisions

PROTOCOL FOR PRESERVATION AND PRODUCTION OF ELECTRONIC RECORDS AT WESTERN WASHINGTON UNIVERSITY

ESI Risk Assessment: Critical in Light of the new E-discovery and notification laws

Rackspace Archiving Compliance Overview

E-DISCOVERY & PRESERVATION OF ELECTRONIC EVIDENCE. Ana Maria Martinez April 14, 2011

PROPOSED ELECTRONIC DATA DISCOVERY GUIDELINES FOR THE MARYLAND BUSINESS AND TECHONOLOGY CASE MANAGEMENT PROGRAM JUDGES

Archiving Benefits

What Happens When Litigation Starts? How Do You Get People Not To Generate the Bad Documents?

Lowering E-Discovery Costs Through Enterprise Records and Retention Management. An Oracle White Paper March 2007

Assembly Bill No. 5 CHAPTER 5

INFORMATION GOVERNANCE: THE CORNERSTONE OF RECORDS MANAGEMENT

Electronic Data What Does it Include, its Retention and Disclosure

Developing an Integrated e-discovery and Corporate Records Management Program. Presented by: Janeine Charpiat Information Security Professional

COMING: NEW FEDERAL RULES ON E-DISCOVERY

WHAT TO DO WHEN YOU RECEIVE A LITIGATION HOLD NOTICE. A Guide for University Faculty, Staff, and Others

Archiving and The Federal Rules of Civil Procedure: Understanding the Issues

HOWARD UNIVERSITY POLICY

Article originally appeared in the Fall 2011 issue of The Professional Engineer

SUTLEJ TEXTILES AND INDUSTRIES LIMITED DOCUMENT PRESERVATION AND RETENTION POLICY

102 ediscovery Shakedown: Lowering your Risk. Kindred Healthcare

CITY OF ANDERSON ELECTRONIC RECORD RETENTION POLICY

Spoliation of Evidence. Prepared for:

New E-Discovery Rules: Is Your Company Prepared?

FEDERAL PRACTICE. In some jurisdictions, understanding the December 1, 2006 Amendments to the Federal Rules of Civil Procedure is only the first step.

A Brief Overview of ediscovery in California

E-Discovery in Practice: A Roadmap for Financial Institutions

AppliedDiscovery. WhitePaper. RetentionPolicy

United Cerebral Palsy of Greater Chicago Records and Information Management Policy and Procedures Manual, December 12, 2008

Discovery Technology Group

Electronic Discovery and the New Amendments to the Federal Rules of Civil Procedure: A Guide For In-House Counsel and Attorneys

E-Discovery and Electronically Stored Information (ESI):

Department of Veterans Affairs VA Directive 6311 VA E-DISCOVERY

SOUTH EASTERN SCHOOL DISTRICT

How to Avoid The Biggest Electronic Evidence Mistakes. Ken Jones Senior Technology Architect Pileum Corporation

The E-Discovery Challenge Moves to the C-Suite

By Ross C. D Emanuele, John T. Soshnik, and Kari Bomash, Dorsey & Whitney LLP Minneapolis, MN

GUIDELINES FOR ELECTRONIC DISCOVERY AT THE UNIVERSITY OF WASHINGTON

Proposed Changes to Federal Rule 37(e)

The Intrusive Nature of Discovery in U.S. Patent Litigation

A PRIMER ON THE NEW ELECTRONIC DISCOVERY PROVISIONS IN THE ALABAMA RULES OF CIVIL PROCEDURE

Metadata, Electronic File Management and File Destruction

E-Discovery Perils: The AutoArchive Function Not Gone, But Forgotten?

COALSP 2013 E-Discovery Case Law Update. Drew Unthank Partner Wheeler Trigg O Donnell LLP

4/10/2015. Be Prepared: How The New Changes To The FRCP Affect Information Governance. Your Presenters. Agenda

DISCOVERY OF ELECTRONICALLY-STORED INFORMATION IN STATE COURT: WHAT TO DO WHEN YOUR COURT S RULES DON T HELP

Electronic Discovery and Disclosure:

LSUHSC-NEW ORLEANS RECORDS RETENTION AND DISPOSITION POLICY

The Rules have Changed

Supreme Court Rule 201. General Discovery Provisions. (a) Discovery Methods.

ediscovery Update February 2010

COURT OF QUEEN S BENCH OF MANITOBA PRACTICE DIRECTION GUIDELINES REGARDING DISCOVERY OF ELECTRONIC DOCUMENTS

Hong Kong High Court Procedure E-Discovery: Practice Direction Effective September 1, 2014

RETENTION OF UNIVERSITY RECORDS

Outlaw v. Willow Oral Argument Motions for Sanctions

NEW RULES FOR ELECTRONICALLY STORED INFORMATION

Minimizing ediscovery risks. What organizations need to know in today s litigious and digital world.

security and compliance best practices

7Seven Things You Need to Know About Long-Term Document Storage and Compliance

Avoiding The Pitfalls Of Electronic Discovery

Transcription:

IMPLEMENTING AN EFFECTIVE DOCUMENT RETENTION POLICY EDWARD E. SHARKEY 4641 MONTGOMERY AVENUE SUITE 500 BETHESDA, MD 20814 (301) 657-8184 ESHARKEY@SHARKEYLAW.COM WWW.SHARKEYLAW.COM

CONTENTS The Risks... 3 Policy Benefits... 4 (1) Advance Business Goals... 4 (2) Reduce Costs... 4 (3) Ensure Legal Compliance... 4 (4) Ease Access to Records... 4 (5) Avoid the Risk of Spoliation Claims... 5 (6) Destroy Unnecessary Documents... 6 Elements of an Effective Policy... 7 (1) Address Both Paper and Electronic Data... 7 (2) Identify Types and Locations of Data... 8 (3) Establish a Destruction Schedule... 8 (4) Include a Legal Hold Policy... 8 (5) Enforce Consistently... 9 (6) Assess and Update Periodically... 9 2

THE RISKS When he received his bonus for the year 2000, the bank s vice president was not satisfied. He complained to a member of the bank s human resources department. The bank refused to recalculate it. Angered by the bank s position, the vice president resigned. When he left, the bank did not save the emails in his company account or copy the documents on the hard drive of his company computer. It did not save bank documents relevant to the bonus either. Two years later, the former vice president sued the bank, claiming that it breached his employment contract when it calculated his 2000 bonus differently than his 1999 bonus. At trial, the court made it clear that, as soon as the bonus dispute arose, the bank should have preserved all documents relevant to the calculation of the vice president s bonuses. The court specifically noted the bank s failure to save and produce an email, sent by the vice president in 2000, concerning his 1999 bonus. It also noted the bank s failure to turn over specific records used to calculate the bonus (annual profit and loss statements for the years 1999 and 2000). Because of these failures to preserve and produce, the court instructed the jury that it could assume, in the absence of evidence, that the email and the statements would have been harmful to the bank s case. In the end, the jury awarded the former vice president hundreds of thousands of dollars. Arndt v. First Union Nat l Bank, 2005 WL 1330534 (N.C. Ct. App. 2005). In 2000, a scientist working at Merck on the clinical trial of Vioxx, an arthritis medication, sent an email to his boss. The email implied that an elderly woman taking the drug as part of the clinical trial had died of a heart attack. Despite the scientist s warning, Merck marketed the drug, and, in later documents, it listed the elderly woman s cause of death as unknown. In September 2004, Vioxx was pulled from the market because it was increasing patients cardiac risk. The pharmaceutical company declared that it did not know, prior to putting the drug on the market, that it increased the risk of cardiac problems. Later, the scientist s 2000 email surfaced. Not only did it create a public relations nightmare, but, because it was evidence that Merck knew of the cardiac danger, it served as the hook on which thousands of plaintiffs hung their claim that the company should be held liable for causing their heart problems. See, e.g., Salinas v. Merck & Co., 2006 U.S. Dist. LEXIS 12196 (D. Tex. 2006). The bank s failure to preserve email for a sufficient time period resulted in a negative jury instruction at trial. The pharmaceutical company, on the other hand, suffered dire consequences because it kept an email too long. What do the two companies have in common? Neither followed a document retention policy that was adequately designed and implemented. If they had, documents such as the bank s email would have been saved for production in the litigation that eventually arose. At the same time, records like the scientist s email would have been purged as a matter of routine once they were no longer useful and no law required their preservation. Despite these and other benefits of document retention policies, the bank and pharmaceutical company are not alone in their failure to have one. Many companies fail to do so. Countless others have policies that are not consistently enforced or have not been updated to address documents that are electronically created and stored. 3

This paper begins by addressing the benefits of a properly designed and implemented document retention policy. Its second section will guide readers through the development of a policy that can suit the needs of any business. POLICY BENEFITS (1) ADVANCE BUSINESS GOALS The main purpose of any document retention policy is to further the goals of the company for which it is created. Obviously, different businesses require different types of documents for the performance of their day to day operations. A policy that directs the maintenance and storage of necessary documents, while calling for the purging of unneeded ones, contributes to the smooth operation of any business. (2) REDUCE COSTS An ancillary benefit of a document retention policy is the reduction of overhead costs. There are infrastructure costs associated with storing documents. For example, a company must pay staff members to maintain and classify documents. Electronic document storage comes with additional costs, such as the expenses of hardware, software, archival systems, and networks. For these reasons, a document policy that provides for the routine purging of documents reduces the cost of information management. (3) ENSURE LEGAL COMPLIANCE Another manner in which a comprehensive document policy assists a company is that it ensures that the company complies with legal requirements. A variety of local, state, and federal laws define time periods for which specific categories of documents must be retained. For example, the Sarbanes Oxley Act of 2002 requires that certain corporations retain audit records. The Department of Labor mandates that contractors who receive funds from a federal agency keep relevant documents for three years after the contract s completion. Employers subject to the Family and Medical Leave Act must retain documents related to benefits for six years. Pursuant to the Internal Revenue Code, records must be maintained as long as they may become material in the computation of any tax. Penalties for non-compliance range from hefty fines to years in prison. A document retention policy not only assists a company in complying with all applicable legal provisions, but it can also communicate preservation requirements to employees so they do not unknowingly, unlawfully destroy documents. (4) EASE ACCESS TO RECORDS A document retention policy will also facilitate access to records. Access to records is important for a variety of reasons. The value of a company s institutional knowledge is dependent on employees ability to refer to and use it. Easy access to company documents is also necessary to provide responses to specific information requests that come from outside the organization. Companies often receive specific requests during an audit or other investigation. When the company does not have an institutional, organized system for 4

the storage of records, the time spent responding to specific requests swells, and there is a risk that all of the records required for a comprehensive response cannot be gathered. Similarly, when the company keeps many documents that it need not save, countless hours can be wasted sifting through thousands of pages to find the few that are responsive. Spending administrative time gathering responsive documents is disruptive to the company s day to day operations and, is, ultimately, costly to the business. A policy that not only calls for the destruction of unnecessary information, but also specifies the location of documents that are retained, eases access to records and can facilitate the timely, comprehensive response to requests for information. (5) AVOID THE RISK OF SPOLIATION CLAIMS Specific requests for information also come in the form of discovery from opposing parties in litigation. In this context, being ill-prepared to provide timely, comprehensive responses carries the additional risk of exposure to a spoliation claim. Spoliation is the destruction or alteration of material evidence in pending or foreseeable litigation. Courts have proven to be willing to impose severe penalties on companies for failures to preserve material evidence. These penalties include monetary sanctions, preclusion of beneficial evidence, admission of adverse inferences, and/or default judgment. In December 2006, the Federal Rules of Civil Procedure were amended to specifically include electronic media in the category of information that is discoverable in civil litigation. Electronically stored information includes writings, drawings, graphics, charts, photographs, sound recordings, images, and other data or data compilations stored in any medium F.R.C.P. 34(a). The duty to preserve extends to documents produced and stored electronically. The duty to preserve attaches when a party reasonably anticipates litigation. Though frequently identified with precision in retrospect, this point in time is not always apparent in the moment. Litigation may be reasonably anticipated well before the filing of a complaint. For example, receipt of a demand letter or even an informal complaint is a sufficient basis from which a party should reasonably anticipate litigation. Once the claim is anticipated, the party must take immediate, affirmative steps to preserve information that 1) is relevant to the claim, 2) is reasonably calculated to lead to the discovery of other, admissible evidence, 3) is reasonably likely to be requested in discovery, or 4) is the subject of a pending discovery request. The Rules seek to avoid the imposition of sanctions on parties who have made honest mistakes in failing to preserve electronically stored information that is subject to the duty to preserve. More specifically, Rule 37(f) provides that, absent exceptional circumstances, a court cannot impose sanctions for failure to preserve electronically stored information lost in the routine, good-faith operation of an electronic information system. In their notes, the Civil Rules Advisory Committee has defined routine operations as the way computer systems are generally designed, programmed, and implemented to meet the party s technical and business needs. The routine operations of an electronic information system include: 1) programs that recycle storage media used for disaster recovery, 2) automatic overwriting of information that has been deleted, 3) programs that change metadata to reflect the latest access to particular information, 4) programs that automatically 5

discard information that has not been accessed within a defined period or that exists beyond a defined period without affirmative effort to store it, and 5) spam filters. Thus far, all courts and commentators agree that the protection afforded by Rule 37(f) is of little value where a comprehensive document retention policy has not been followed. This is because an established, consistently enforced, and reasonable document retention policy is important in establishing that a party undertook a good faith effort to preserve electronic documents. Because the duty requires that a party take immediate, affirmative steps to preserve potentially relevant information, a policy is unlikely to protect a company if it does not include provisions for the implementation of a litigation hold. A litigation hold, sometimes called a preservation order or hold order, is a process by which a company informs its employees of pending or anticipated litigation and the obligation to preserve relevant records and suspend the normal destruction policy for potentially relevant records. (6) DESTROY UNNECESSARY DOCUMENTS Arguably the most important function of a document retention policy is that it provides a mechanism by which documents that are of no use to the organization can be destroyed. Records that are not potentially relevant to pending or anticipated litigation, that are not subject to legal maintenance requirements, and that are not needed for business reasons can be destroyed in compliance with a reasonable records management policy. Indeed, the United States Supreme Court has recognized the legitimacy of managing information through policies that systematically destroy information. The Court specifically acknowledged that policies are created in part to keep certain information from getting into the hands of others, and that, under ordinary circumstances, it is not wrong to instruct employees to destroy documents in compliance with a valid policy. Arthur Anderson, LLP v. U.S., 125 S. Ct. 2129, 2135 (2005). Even so, it is important to note that no court will look favorably upon a policy adopted for the sole purpose of destroying potentially discoverable information. Indeed, the use of such a policy can provide grounds for a spoliation claim or imposition of sanctions. Moreover, some laws, such as the Sarbanes Oxley Act, make it a crime to destroy documents for the purpose of concealment or damage control. 6

ELEMENTS OF AN EFFECTIVE POLICY To best serve the needs of the organization, a document retention policy should: (1) ADDRESS BOTH PAPER AND ELECTRONIC DATA A company s policy must address both paper and electronic records because electronic and paper documents differ significantly in several respects. Electronic documents are created in far greater volume than paper ones. In 2003, the number of emails sent in one day nearly exceeded the number of mail messages handled by the United States Postal Service in an entire year. One desk worker can get an average of fifty emails per day. At the same time, electronic documents require significantly less physical storage space. One gigabyte of data, which is about seventy five thousand pages of a Word document or one hundred thousand emails, is equivalent to forty banker s boxes full of paper. A single personal digital assistant (PDA) and one flash drive can each store several gigabytes of information. An ordinary desktop computer can hold eighty to one hundred and twenty gigabytes of information. A network server can hold electronically what it would take trucks to hold in paper form. For these reasons, if a business does not implement controls, a company can quickly accumulate billions of pages of unneeded documents. In addition, electronic documents are duplicated more easily than paper documents. Consider a single email. The original author can send it to many users. Each recipient can forward the email to many others by hitting just a few buttons on the keyboard. At the same time, email and software systems used to transmit the messages automatically create multiple copies as the messages are sent and resent. As a result, there are often many copies of the same electronic document in different locations. A document policy that does not address all of the copies in all locations is not useful. Electronic documents, unlike those in paper form, are also changed with ease. Some changes are automatic. For example, a document s metadata, accessible information embedded in electronic documents, is designed to track access to, modification of, and relocation of files. Each time a Word document is opened, its metadata is amended. Because alteration of evidence falls within the ambit of spoliation, a document policy must include provisions for dealing with these changes. Finally, electronic documents are more persistent than paper documents. When a paper document is taken away with the trash, it is not likely to turn up again. As most now understand, deleting an electronic file does not erase it from the computer s storage devices. Rather, the computer finds the file and changes its status to not used. The computer will eventually overwrite not used data, but, until that time, the file is recoverable. Any policy that calls for the routine purging of documents must address the persistence of electronic records. 7

(2) IDENTIFY TYPES AND LOCATIONS OF DATA To be comprehensive, a document retention policy should include a road map of the types and locations of records. In addition to paper documents, information stored in email (including attachments), word processing documents, spreadsheets, presentation documents, graphics, animations, images, audio, visual and audiovisual recordings, instant messaging, and portable devices (PDA, Blackberry, Palm) should be covered by the policy. (3) ESTABLISH A DESTRUCTION SCHEDULE Absent a duty to preserve, documents should be retained only for as long as reasonably necessary. Under state and federal law, various types of documents are mandated to be preserved for varying periods of time. Businesses must ensure that the policy complies with all laws and regulations requiring preservation of different categories of records for specific periods of time. When determining the parameters for destruction, a business should consider its commercial needs, legal compliance requirements, and the costs of storage. Then it should document the legitimate business reasons for the destruction parameters. Because of the persistence of electronic documents, a business should include in its policy provisions for wiping and overwriting electronically stored information. Although it is the only way to be certain that deleted electronic information is actually gone, there are concerns with wiping and overwriting. As of January 2008, there is no court decision on the validity of wiping as part of a document policy. Paper documents, however, are routinely discarded in an irretrievable manner, and there is no legitimate reason to distinguish the destruction of paper and electronically stored information. (4) INCLUDE A LEGAL HOLD POLICY The legal hold policy will be used to notify employees when a duty to preserve has arisen. The policy should identify a team that will be in charge of implementing the hold. The team should consist of personnel from the legal, information technology, records management, human resources, and finance departments, as well as member(s) of senior management. One member of this team should be designated as the employee who will coordinate and act as the company s representative pertaining to the electronic information system in the litigation context. It will be that person s job to discuss all preservation efforts if a spoliation claim is ever made against the company. The legal hold policy should direct employees to notify designated personnel if they become aware of facts that are reasonably likely to lead to litigation. It should also outline the steps the company is to take, once it becomes aware of these facts, to initiate a hold. The first step in any litigation hold situation should be the distribution of a general hold instruction. This initial instruction should be given to all employees in writing. The general instruction should delineate the types of documents that must be preserved, the relevant time parameters, and the subject of the materials that must be preserved. It should also provide employees with specific instruction on how to preserve. 8

The policy should also outline steps for the company to take, once the initial hold has been initiated, to identify individuals who have potentially discoverable information ( key players ) and communicate directly with them. It should also require that the key players relevant files be copied. The policy should include provisions to ensure that employees and other key players are complying with the hold. For example, it should require that the hold be periodically reissued to all employees and that members of the team periodically follow up with key players. The policy should include provisions directing members of the team to keep a log of the steps taken to preserve data. To be useful, the log must detail the preservation instructions that have been given, list the people contacted regarding preservation, and describe all other steps that have been taken to preserve potentially relevant information. (5) ENFORCE CONSISTENTLY Failure to consistently enforce the document retention policy can result in the policy having effects opposite of those intended. For example, in December 2000, Frank Quattrone, an investment banker at Credit Suisse First Boston (CSFB), knew that the NASD and the Securities and Exchange Commission were investigating several of the bank s practices. With the investigations in mind, Quattrone sent an email to the bank s employees, reiterating that the bank s retention policy required the destruction of many types of documents and strongly suggesting that employees catch up on file cleaning before the winter holidays. After he was advised to get counsel of his own for a grand jury investigation related to the bank s practices, Quattrone resent the email to the bank s employees, this time strongly advising them to follow the document retention policy s procedures. Quattrone was later convicted of interfering with investigations for encouraging the destruction of documents, despite the fact that such destruction was technically part of the bank s document retention policy. To ensure consistent enforcement, the policy should contain provisions for monitoring employee compliance. It can be included in employee codes of conduct, training materials, or employee handbooks. (6) ASSESS AND UPDATE PERIODICALLY The needs and goals of businesses evolve. Legal requirements change. Technology continues to advance. For all of these reasons, it is important that companies periodically reassess and amend their document retention policies to ensure that they continue to further business interests, comply with legal requirements, and address all the forms and locations in which records are stored. ** 9

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information