On 6/15/05, Patrick Cunningham <[log in to unmask]> wrote: 
> 
> I've been publicly taken to the Listserve woodshed in the past for
> advocating the approaches I outline below, but they are other options,
> provided that you have good controls and procedures in place.

   Getting out woodshed transportation device... $150
Traveling to Patrick's current location... $500
Picking up Patrick for a trip to the woodshed... Priceless!! =)
 But seriously folks... =| Patrick does raise some sound examples of 
situations that work well in certain organizations and one of the key 
factors he presents here is the regular review and updates by departments of 
the RRS to ensure it's still valid. And in many cases, it's the same people 
who review and sign this that would be reviewing and signing the destruction 
notices, so it's sort of 6 of one, half a dozen of the other. If they'll 
take the time to review the schedule, it would seem they would take the time 
to review the destruction notices (?)
 

> Annually, we run our destruction eligibility reports. We notify General
> Counsel, Internal Audit, and Tax that we are about to proceed with
> annual destruction and request that they submit any holds on records
> that are required. In general, we'll get inquiries from them to send
> them reports on specific records or specific departments to review.
> Once we have heard from those areas, we proceed with destruction,
> excepting any holds.

 So this is essentially a "destruction review lite", they are informed about 
the process and if there's areas that may be impacted, they have the right 
to suspend destruction... the only difference is it happens at a higher 
level than the "owning organization". 

The exception to this process is records that we retain on behalf of
> our outsourcing clients. Because these records do not belong to our
> firm, we are following the client's RRS and the client must give us
> approval before we destroy their records.

  And this is an identical process to that followed by most of the 
respondents thus far, and for the same reason. The only difference is "don't 
belong to our firm" rather than "don't belong to RIM, but belong to our 
organization". And I think if the great majority of the records population 
are typical administrative and process business records this is fine. 
However, if you're in a Research and Development, Engineering, Science and 
Technology or other similar environments where the potential value of 
certain records may not be realized until 2-10 years after they're 
generated... it's in your best interests to check with your "Clients" prior 
to destruction. 

This process has worked well for our firm. It may or may not work for
> your organization.

 And this is the critical point, what works for one, doesn't necessarily 
work for all.

 What it avoids is chasing people who won't sign the
> destruction notice, no matter what.

 We experience some of this, but we have a process to deal with it as 
well... first notice to individual who transmitted the records for storage; 
second notice to same individual, CC Records Liaison Officer for the 
organization; third notice to Department Administrator asking where records 
should be delivered to for them to review... usually we don't have to go 
past second notice.

 It also avoids the instances where
> people put holds on destruction "because". (I've been smacked around on
> this on the List because people feel these are inadequate reasons...(SNIP)

 We require a solid reason, and the maximum extension allowed is generally 
one year. They are clearly informed as to why there is an assigned retention 
period and that there may be some risk associated with retaining records 
beyond that period, and the decision (and ultimately the responsibility) is 
theirs.


> The risk is that we somehow miss a known hold. That is a particular
> concern on my part, but firm policy requires all subpoenas to route
> through General Counsel (under pain of termination), including any
> litigation notices from clients.

 Well, now it's not enough to have a process to address known holds and 
subpoenas, you have to keep the old crystal ball spit-shined and make sure 
your policy is responsive to "all possible or potential litigation" and so 
there's not always something formal to route around. However, the earlier 
mentioned notice to legal should avoid any improper handling of information 
and keep things that might be impacted from being destroyed in accordance 
with the approved RRS. 

Otherwise, non-response was indication that
> destruction could occur. (Again, I've been smacked around for this
> process as well since there are a million reasons that someone would
> open an email -- or a delegate open the email -- but not respond when
> they intended to respond. 

 This is a system designed to fail though. You can't expect automated 
responses to provide an indication that someone agrees or disagrees with 
something, only that they received it. It's just like the periodic "Listserv 
Subscription Probe" we all get. 

But these went out "RESPONSE REQUESTED,
> URGENT", yadda yadda yadda.

 Oh yeah.. I get these all the time, but usually they're followed by 
something telling me I've won the Lottery in some foreign land, inherited 
16M USD, I'm the long lost nephew twice removed of someone of royalty, yadda 
yadda yadda =)

You have to
> understand how your organization works and where the particular issues
> are. A key factor is communication and reinforcement of messages.

 Again, a critical piece of information. Design the system that works for 
YOUR organization, don't look for a "Silver Bullet" or expect to find a "one 
size fits all" solution.

People need to know that you will, in fact, destroy the records, and
> destruction is final. Furthermore, compliance is not optional and lame
> excuses are not acceptable. 

 One of the problems here, and I don't think it can be emphasized enough, in 
most RIM Programs, you're offering a service to the rest of the 
organization. At times, it's characterized as being an extension of their 
filing space... providing a lower cost, more efficient alternative to 
distributed use of space for filing throughout the organization for less 
active and inactive information that still has a legal retention 
requirement. And if you want people to value that service, then they need to 
be confident that when information is sent to RIM to manage on their behalf, 
it will be there when they need it. And this is why we ensure they provide 
an authorization for destruction... because they may have sent it to us 
years before and forgotten it was there, or an employee in their 
organization who has since retired and they never KNEW it was there in the 
first place.
 >Since no one had responded suggesting these approaches, I felt that I
>should speak to them.

And I think they're all valid suggestions, and in certain cases, they may 
fill the RIM needs of some organizations. I think that's why this Listserv 
continues to be a "fluid resource" for people coming into the field of RIM. 
Many haven't had the opportunity to experience the many ways there are of 
addressing a common process such as records destruction and while there may 
be many "best practices", they don't fit every situation. 
 Larry
(now that wasn't THAT bad, was it Patrick??) =)

List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance