Records management is a hot topic with the EU General Data Protection Regulation (GDPR) coming into force this year. This new directive poses a risk to businesses compared with previous versions as sanctions can be up to four percent of a company’s worldwide turnover.
The good news is that a retention policy that enables organisations to capture, manage and destroy information automatically is relatively simple to achieve.
Many organisations are able to track usage of records, files and documents. But the question is, do they have an enforceable retention policy?
A retention policy sets the time that information, data and records must be managed and retained. It provides a framework for employees on how they should manage information - from creation to destruction – to comply with data management regulations.
A retention policy includes both paper and digital formats, which adds an element of complexity if a paper version has been printed and tucked away in a drawer.
When individuals are left to monitor and enforce a retention policy, it involves significant manual intervention, time, effort and cost.
Alternatively, organisations that ruthlessly delete files that have reached their end of life (EOL), without any forewarning for staff, could potentially lose important records.
Neither approach is satisfactory.
GDPR. How document managment helps with GDPR compliance. Document Logistix
Will there be an ICO whistleblower? Who has rights to data deletion?