Significant legal and financial risks await any company that neglects to securely retain paper and digital documents and ensure secure data destruction at the end of their life cycle. More about that in a minute.
There’s another looming threat to consider. More than 80 per cent of consumers believe organisations that fail to protect their personal information are untrustworthy.1 The potential damage to your brand from a data breach indeed can result in loss of business, thus impacting the bottom line.
Reducing or responding to risk drives most information management and governance programs. In fact, four of the top five reasons companies adopt record-keeping systems and retention schedules have to do with mitigating risk.2 The fifth reason? Good business management practises, but this is cited far less often than the need to avoid investigations, lawsuits and regulatory penalties.3
The challenges of proper information management and governance touch every department of every company. Your organisation needs solutions that enable tight, economical, legally defensible practises that minimise risk at every level, including when shredding documents. You can go it alone, but why do that when an experienced partner such as Recall brings global expertise, as well as advanced software and systems, to help you avoid trouble?
Don’t Go Solo
In addition to seeking advice and knowledge from a document expert, what can you do to make records management compliance easier and more economical?
First, don’t try to do it yourself. Few companies, regardless of their size, have the resources needed to comply with the myriad laws, regulations, policies and agreements that cover business records. A knowledgeable partner can help you meet the document and record-keeping requirements by providing the following services. Look for vendors with systems that organise paper and digital documents, managing them under one set of procedures and a single retention and destruction schedule. These systems also identify each document, making your finding records quick and easy.
By establishing a hybrid system to manage all paper and digital records, your employees can become more productive when they no longer spend hours searching for a misplaced document. What’s more, you can avoid penalties for being unable to locate information requested during legal discovery proceedings.
Your First Responsibility: Safeguard the Information
It’s your company’s responsibility to secure the private information of your customers, business partners and employees. All it takes to place your company in jeopardy is for one set of documents containing personal information to be accidentally discarded in the rubbish bin behind your office or for a disgruntled employee to steal sensitive records. To prevent such a scenario, hire a records management partner to provide secure storage of documents. You can restrict access to documents by storing them in a secure offsite facility, thus ensuring that only authorised personnel can handle the documents.
Next: Make Sure Your Company Is Compliant
The steps you take to secure information must extend beyond how records are created and stored. Many documents must be retained for periods required by national and local governments as well as regulatory agencies, industry or internal policies, and your contracts with third parties. Recall CommandIG™ world-class software enables you to:
Last Step: Dispose of All Records — Properly
Throughout your business, it’s critical that you are able to maintain a chain of custody so that paper or digital documents do not become a legal or financial liability. When you send documents offsite for storage or hire a company for document shredding or hard-drive destruction services, track your information every step of the way. Look for a document management company that can provide proof of how your documents have been handled, which is a critical component of your long-term storage and secure shredding programs.
And, the vendors should provide you with a Certificate of Destruction, which is evidence of compliance, at the end of each document’s life cycle.
The Good News: You Can Do This
The biggest barrier to proper information management and governance is not a lack of money, but rather the lack of education, communication and leadership within companies.4 Whilst challenging, these needs can be addressed without huge, hard costs.
By training employees to properly create and store records, you’ll have more control of your documents and help reduce the risk of liability. Regular auditing of information management policies and procedures can help you determine the effectiveness of the training and how well your company has implemented advanced systems designed to enable you to maintain a solid chain of custody.
12012 Consumer Study on Data Breach Notification, Ponemon Institute and Experian, June 2012, http://www.experian.com/assets/data-breach/brochures/ponemon-notification-study-2012.pdf (accessed 8 February 2016).
2Annual Report 2015-2016, Information Governance Initiative.