Canon Business Process Services have released a survey of executives concerning their organization’s records management program. The survey was of 222 C-level employees at large organizations. Industries represented include financial service, pharmaceuticals, insurance, and technology. All respondents were from organizations with annual revenue over $100 million.
The most interesting result was that only 15% of the organizations had done a risk assessment on the record retention policy at the company. It is unclear how the length of their retention periods was determined. Every company needs to develop a record retention policy that outlines how long records should be maintained for legal and business reasons. This is determined by federal laws, state laws, and industry requirements.
A record retention policy will also outline who has access to what type of documents. It will also set security standards for how the records are stored. Finally, a good retention policy will then spell out how the documents are destroyed. This may be done by on-site shredding or off-site shredding depending on the type of document and the potential risk if not secured.
After the standards are issued to all employees then the work is not done. There should be ongoing audits of the company to ensure that the retention of periods are still valid. Laws covering document retention continue to evolve on the state and federal level. According to this survey the followup is not happening.