Are you an email hoarder? I certainly am. This is something that I have talked with my friends about quite a few times. I upgraded my Gmail account storage a while ago so that I don’t have to delete email. I use it as a filing system. Of course I do delete spam, advertisements, and mailing lists. But, I keep anything that I think might be useful in the future. This has come in handy on several occasions. A friend will mention a product or service, or I realize that I want to check out something specific and I think “Hmm… I am pretty sure that I got a pitch about that.” Then, I can do a quick search of my Gmail, find it, and act on it.
Email has become critical to business. It’s how most of us communicate on a day to day basis to get things done. I personally prefer email to phone calls. It helps me to have things in writing, so it’s my go to. However, many people and organizations remain unclear on various issues about handling it, for instance how long to keep it, what to do with it, and when to delete it.
Today it is essential that that every organization whether large or small implements an email retention policy which ensures that it is compliant with business requirements, and regulations relating to e-discovery, the Freedom of Information Act, the data Protection Act, taxation regulations, and other current legislation.
Ideally the policy should be as simple as possible in order to facilitate its implementation. The policy should cover almost all of the email traffic, though there will always be some exceptions. The biggest issue is how long messages should be retained.
Today the cost of storage is much less of an issue than it used to be and costs are continuing to decline, however as the volume of email increases the cost of complying with e-discovery increases rapidly.
Typically general business email, which is usually the bulk of it, should be retained for three to five years; however other email needs to be classified carefully. For instance email regarding finance must be retained for at least ten years and there are special requirements for email concerning HR and legal issues. Sometimes email concerning company officials needs to be retained indefinitely. In fact the regulations regarding email retention are highly complex and sometimes contradictory; they can be a minefield. It is also important to take account of attachments. Employees need to be able to recognize these different classes and to take appropriate action.
The potential costs of getting things wrong are huge. The tendency is for employees to retain email for far too long, as the fear is that deleting it prematurely is potentially more dangerous than retaining it longer than is necessary. Duplication is another problem that needs to be addressed; often there are many copies of a message in different repositories and folders.
In fact to put the onus of implementing email retention policies on individual employees is a bad policy in so many ways. Firstly it is almost impossible to achieve; there is so much space for errors to be made. The only real way is to implement an automated system such as the cloud based unified email management and archiving solution developed by Mimecast. Such systems take the pressure off individuals and IT while giving users instant access to archived email and providing fully automated compliance with email retention and deletion policies that can be administered from a single web based console.