Objective The Email Creation & Retention Policy requires all users of company email to manage and protect email communications as company records. The intent of this policy implies that most email should be retained for 3 years or less. This requirement includes email on company servers, laptop or desktop hard drives and any other electronic media or peripheral device such as a CD, memory stick or thumb drive. It also includes paper versions. In an effort to measure compliance with this direction, Corporate Compliance has been conducting a monthly analysis of the volume and age of Outlook calendar and email items on company email servers. These items are categorized into:
* Items that are 1 -3 years old * Items that are > 3 years old As a result of this analysis, Corporate Compliance has initiated an effort to reduce the number of calendar and email items to ensure compliance with email retention requirements. To give you a better understanding of these requirements, here are some highlights from the Email Creation & Retention Policy. 1. Email should only be retained on company equipment. 2. Email should be deleted as soon as it is no longer required. 3. Email should be retained based on its content, consistent with the company retention policies. Email should be disposed of when the retention period is complete. 4. If an email does not appear to be covered by a company record retention policy, then the following retention applies. See the Email Creation & Retention policy for more examples. * Email in the "Sent" and "Deleted" items folders is automatically deleted after 30 days from the date the items were created in the folder. * Email of an informational nature, such as announcements, requiring no follow-up or acknowledgement should be retained no more than 30 days. * Email regarding day-to-day activities should be retained for no more than a year. Many of these emails can be disposed of in less than a year when the activity is completed. This type of email does not establish policy, guidelines, or procedures or certify transaction. * Email having potentially more value should be retained for no more than three (3) years. Examples include general correspondence, monthly and weekly reports, documents advising supervisors of various events, issues or status of ongoing projects. * 5. Destruction or disposal of email must cease when a non-destruction notice is issued by the Law Department. Benefits You may be asking yourself "Why should this matter to me?" Here are some reasons why this initiative is important: 1. Reduce resources and costs for email storage and backup 2. Enable SOX Compliance 3. Reduce discovery time and risks associated with legal matters 4. Comply with the Federal Rules of Civil Procedure by enforcing consistent disposal practices Some records are required to be kept for a certain time period based on legal and governmental requirements. Once the time period is satisfied, the records must be deleted. The basic guideline is that if a record is not needed, delete it! However, a non-destruct order from Legal supersedes the above rules. Jay Reische Enterprise Exchange Administrator Messaging, AD and DNS Phone: 309-748-9422 reische...@johndeere.com From: Mike Tellson [mailto:micha...@colonialsavings.com] Sent: Wednesday, April 28, 2010 4:32 PM To: MS-Exchange Admin Issues Subject: Retention Policy Management is considering changing what the current email retention policy parameters are. Our current policy is to purge all messages older than X days, but we do not restrict the use of PST files. This policy has encouraged most employees create PST files. This effectively has made the retention policy irrelevant. We are considering importing all PST data into an email archive product (yet to be purchased) and disabling the ability to use PST files. Because so many users do not comply with the existing policy we will probably change the policy to something that the user base is more apt to adhere to. What are your retention policies set to? What is the reason why you chose the settings you have in place?