Corporate Law Info

Document retention policy

ESI Policy

How to develop a records inventory, take special care to review and understand where and how electronically stored information (“ESI”) sits on any client’s systems. This process (often referred to as “data mapping”) may be performed by in-house IT personnel with or without assistance from outside consultants. In-house counsel also should be involved to help flag specific types of high-priority ESI that may have been the subject of prior discovery demands.

Through this process, you should be able to identify:

The locations of ESI

Who is responsible for ESI

Which employees and staff interact with ESI systems

External systems and storage locations

Employee interactions that affect ESI, such as the ability of employees to save their emails locally

Existing active data retention policies

Existing back-up data retention policies

Examine Legal and Regulatory Retention Requirements

Once you develop a records inventory, consult federal, state, and local law to determine what (if any) minimum document retention periods cover each category of records. Governing law will vary depending on the client’s business and industry, but some examples include:

Sarbanes-Oxley Act of 2002 (116 Stat. 745)

Consumer Product Safety Act (86 Stat. 1207)

Fair Labor Standards Act of 1938 (52 Stat. 1060)

Federal tax law

Contractual restrictions

Privacy laws

Also be sure to consult any international law requirements if these apply to your client’s business.