Email and Policy: Like Oil and Water

By Bob Larrivee posted 05-10-2010 12:08


Here we go again, another state agency, this time in New Hampshire, has raised the challenge of email management and was highlighted in the May 9, 2010 post on the In this article, we are shown that there is what appears to be a major discrepancy and inconsistency in the records management policies of New Hampshire government agencies in relation to email and in some cases other records when an employee leaves their position with the state.

RSA 5:37, which governs "archives and records management," mandates that "all records" made or received by public officials, or that come under their authority or possession, "are the property of the state and shall not be mutilated, destroyed, transferred, removed or otherwise damaged or disposed of, in whole or in part, except as provided by law." It is that “except as provided by law” term that presents the challenge.  One interpretation is that upon termination of employment, notice is sent by the department head to IT and all records and emails can be destroyed along with the email account being disabled. This leads us to RSA 5:38, which says that "records not having a permanent or historical value may be destroyed at the end of 4 years." But that law also allows the archives director to designate that records may be destroyed sooner or later than four years. So, where is the clarity?

RSA 5:40, requires the state archivist to publish a "manual of uniform procedures" for the handling of paper and non-paper records across state government. Here we see the guideline, "As a general rule, all transitory communications to a state entity shall be retained as necessary for reference as determined by the state entity in possession of the communication." So this leaves the decision up to the department or department head which now leads us to the point of questioning, how does one determine the value of information to be retained as a record and what are the associated policies in relation to retention and disposition based on legality rather than employment status of the person in possession of said emails and records. Oh, one more point of interest in this story, the focus was on the Attorney General’s office which of course should be a primary source of reference for the legal aspect of records keeping regardless of format.

In my view, just like oil and water don't mix, this is just another example of how organizations miss the mark in relation to managing electronic information and records. While there are guidelines, there is not enough clarity on what constitutes a record and how it should be managed and maintained properly. If information held within an email is essential to the business or in this case state agency, it should be brought into and maintained the same as any other record. There are no exceptions and certainly should not be based on employment status of an individual. This article also shows that even when information is slated to be deleted, it may also fully exist on back-up media for months or even years depending on the agency practices and by merely declaring that back-up is not considered active and therefore not eligible for disclosure, may not be strong enough to withstand trial proceedings as we have seen in cases involving eDiscovery inquests and proceedings.

Regardless of the organization and information format, there must be governance over all information and processes. There must be a consistent methodology used in the capture, management and disposal of this information and not left to the interpretation of individuals. There must be a process in place to assist the organization in making the proper assessments as to what should be maintained and what can be destroyed when employment ends, not just a blanket policy with a warehouse mentality that everything must go and when it does go, make it go for good.

What say you? Do you have an experience like this to share? What are your thoughts on this topic?

Email: Bob Larrivee – AIIM

Follow me on twitter – BobLarrivee

#AOL #borndigital #InformationGovernance #hardcopy #E-mail #retention #SaaS #discovery #electronicrecords #Google #records #ElectronicRecordsManagement #paper #regulations #compliance #disposition #SEC