Legal requirements extend beyond routine business practices. In anticipation of potential litigation, organizations must be well-prepared. The discovery phase, where parties exchange information for court use, underscores the critical role of email retention. Preservation, often under a legal hold, ensures that emails and associated metadata remain unchanged and “frozen in time.”
Unlike emails retained for collaboration or continuity, subject to defined deletion dates, legal holds persist until the court matter is resolved. This means the content retains its unalterable state throughout the legal proceedings. Organizations, recognizing the legal significance of email retention, often leverage built-in retention functionality in platforms like Microsoft 365. This not only streamlines retention processes but also ensures preservation during litigation, all without incurring additional costs for each user in the organization. Understanding and adhering to these legal dimensions of email retention is crucial for organizations navigating regulatory landscapes and anticipating potential legal challenges.
Governments and their agencies make and update rules and regulations regularly that direct organizations and their employees to retain emails for a specified period.
Rulemaking body | Authorizing law or regulation | Applies to |
---|---|---|
Businesses with gross revenues of more than $25 million that do business in California, or that buy or sell customer data. | ||
Gramm-Leach-Bliley Act (GLBA), also known as the Financial Services Modernization Act of 1999 | Companies that offer financial products or services to individuals, like loans, financial or investment advice, or insurance. | |
European Union (includes European Economic Area) | General Data Protection Regulation (GDPR), a subset of the Charter of Fundamental Rights of the European Union | Any organization that collects information about people, or organization that processes that data on behalf of the collecting organization. |
Organizations operating within the UK, or offering goods and services to people within the UK. | ||
Health Insurance Portability and Accountability Act of 1996 (HIPAA) | Healthcare providers, healthcare businesses, and healthcare insurance providers | |
ISO 15489-certified organizations | ||
Sarbanes-Oxley Act (SOX) | Primarily public companies (with some federal evidence retention laws including all U.S. corporations). | |
All businesses doing business in the U.S. | ||
Banks and credit card issuers |
All organizations want to avoid going to court, but that is not always possible, so being well-prepared when the worst-case scenario arises. Once a company is aware of pending litigation, it prepares for discovery, which is the phase where both parties gather and exchange the information they intend to use in court.
From a records perspective, each party must not only make discovery materials available to the other but also preserve materials from the time of litigation notification. As discussed earlier, preservation means that no changes can be made to the information or its associated metadata. This is often also referred to as a legal hold. In the case of email, this means not only are emails saved and their content unchangeable but accessing them changes none of the associated metadata. In short, this content is frozen in time.
Unlike emails retained during the normal course of business for collaboration or continuity—which have a defined deletion date—legal holds must stay in place until the matter is resolved in the courts. Only then can those documents revert to their original retention schedule.
For many organizations, Microsoft 365’s built-in retention functionality can bring retention and preservation of emails for litigation to every seat in your company at no additional cost.
© Copyright 2024 harmon.ie. All trademarks, trade names, service marks and logos referenced herein belong to their respective companies