Record Management, Retention, and Destruction Policy
Record Management Policy Template 62 pages - 12 easy to use forms - Citations for Laws - Retention Periods Defined
Template includes citations for Federal and selected state record retention requirements -- Plus it includes an interviewee checklist that can be use when implementing a record management process
All business are required by law to keep confidential client information, as well as employee or company data for a minimum amount of time - in essence they need a Record Management Policy.
All companies create records in the regular course of business. These records may be created to meet business needs, comply with existing legal requirements or to protect the organization in case of litigation. Some are physical, most are electronic.
A fundamental best practice for minimizing business risk is to implement a legally-defensible records management program. The first requirement of such a program is to determine the legal requirements for records retention and destruction. These requirements are the foundation for producing a defensible records retention schedule.
Next steps include:
- Creating policies and procedures like the Records Management, Retention, and Disposition Policy that conform to a retention schedule framework similiar to the one defined in Janco's policy template
- Consistently execute and enforce the retention and disposal rules defined in the policy,
- Integrate the policy to entire operational infrastructure.
Which records can be saved and which can be disposed off?
There are numerous business records that should be held on to for a minimum of seven years, which can include employee agreements, business loan documentation, litigation records, as well as general expense reports and records including overhead expenses and professional consultation fees.
Other documents may be kept for shorter, longer or an indefinite period of time and it's important to know what legal requirements are enforced for your industry to not only stay compliant, but to also dispose of documents you may no longer need. Regularly maintaining filing cabinets and securely disposing of old documents can help minimize risk of sensitive information falling into the wrong hands. The risks of keeping old documents containing sensitive data can be high – resulting in identity theft, fraud and potential financial loss or reputation damage.
There are many common myths about tape, disk, data protection and archiving including that archiving and long-term data retention are only for regulatory compliance purposes. The reality is that while regulatory compliance data, including Sarbanes-Oxley, ISO, financial or HIPAA medical, require long-term retention, other records and data, including those that do not fall under regulatory requirements, can benefit from - if not require - long–term data retention.
Record Management Policy Template Includes Citations for Federal and Selected State Record Retention Requirements
A record is essentially any material that contains information about your company’s plans, results, policies or performance. In other words, anything about your company that can be represented with words or numbers can be considered a business record – and you are now expected to retain and manage every one of those records, for several years or even permanently depending on the nature of the information. The need to manage potentially millions of records each year creates many new challenges for your business, and especially for your IT managers who must come up with rock-solid solutions to securely store and manage all this data.
The Record Management, Retention, and Destruction policy is a detail template which can be utilized on day one to create a records management process. Included with the policy are forms for establishing the record management retention and destruction schedule and a full job description with responsibilities for the Manager Records Administration.
United States Employers have a number of record retention requirements that are mandated by the federal government. Download Federal Record Retention Requirements here.
The areas included with this Record Management Policy Template are:
- Record retention requirements for SOX sections 103a, 302, 404, 409, 801a and 802.
- Record Management Policy
- Compliance and Enforcement
- E-mail Retention and Compliance
- Job Description Manager Record Administrator
- 12 forms for Record Retention and Disposition Schedule
- Record Management Best Practices
- Employee Record Retention Federal Requirements
- Personnel Records
- Administrative Records
- Facility Records
- Financial Records
- Sales Records
- Computer and Information Security Records
- Computer Operations and Technical Support
- Data Administration
- General Systems and Application Development
- Network and Communication Services
- User and Office Automation Support
- Safety Records
All of these forms are contained within the Records Management Policy Template.