BY MONICA ENAND | GUEST CONTRIBUTOR
Two major trends are colliding that create challenges for companies: we are generating greater amounts of data in the Digital Age and we must do a better job to save it, particularly when faced with legal or regulatory matters.
If you think your company is too small, guess again. Any company can be involved in litigation (as either the plaintiff or defendant). Litigants have an obligation to save any documents or records that could be relevant to a case, from emails and text messages and mobile devices to cash register transactions and security camera footage.
Times have changed and the challenge is that there is exponentially more data and data is everywhere. According to research from IBM, “Last year, we generated five billion gigabytes of information every two days.” A generation or two ago, you could go grab some files out of the file cabinet.
Failing to preserve information can lead to trouble, including fines, escalating settlement costs and the loss of cases. The most successful companies invest in helping their employees develop data saving habits and building a culture of compliance at their organization. At its core, your culture should be built on two simple foundations: education and process.
- Lead from the Top – Executives must not only understand the importance of compliance policies, but also model behaviors. Be responsive when information is requested and be positive about why this is necessary. If you are grumpy, what do you think your employees will do?
- Create Retention Guidelines – While saving important information is necessary, what isn’t necessary is saving everything your company produces for all time. Work with IT to have some reasonable guidelines for how long to keep emails or particular types of files. Then publish those guidelines and follow them.
- Employee Policies – Contemplate what you want employees to do when something comes up – and then write it into your corporate policies. Then if someone doesn’t hold up his or her end of the bargain, you have grounds on which to act.
- Preservation Process – When a legal duty to preserve is triggered, have a process in place to hold on to information. It could be a letter, filing or the opening of a regulatory investigation. Once underway, communicate to your employees what they must save, be diligent about getting them to acknowledge their responsibility to do so, and follow-up with routine reminders.
- Training and Orientation – Make legal and compliance training part of regular training programs and new employee orientation.
- Policy for Personal Devices – Let everyone know what it means when they use personal smartphones, tablets or laptops for work, including your right and obligation to get the work information from those devices.
- Departing Employees – Many companies stumble by not saving information of employees who leave. When someone leaves the organization, have a process for collecting information from their computer and other work devices. Also, know if they stored info elsewhere, e.g. DropBox. Have an exit process in place.
- Get a Lay of the Data Land – Know what you have, where it’s located, and how long it sticks around. Data is amorphous, so knowing that security cameras overwrite files every 24 hours can be critical if, for example, an employee is injured on the job.
- Regular Audits – Success over the long run is required. Take some time to assess how the organization is doing. If you look and find one of the steps is not being followed diligently, take steps immediately to fix it.
These are not new ideas, but we need to make sure that we are adapting to our new circumstances. While we are all benefitting from the amazing power of communication and data gathering, it does not come for free. Understanding the challenges and having employees ready to comply when asked help avoid lengthy and expensive problems.
Monica Enand is CEO and founder of Zapproved, a software provider with a compliance platform.