On 6/15/05, Patrick Cunningham <[log in to unmask]> wrote:
>
> I've been publicly taken to the Listserve woodshed in the past for
> advocating the approaches I outline below, but they are other options,
> provided that you have good controls and procedures in place.
Getting out woodshed transportation device... $150
Traveling to Patrick's current location... $500
Picking up Patrick for a trip to the woodshed... Priceless!! =)
But seriously folks... =| Patrick does raise some sound examples of
situations that work well in certain organizations and one of the key
factors he presents here is the regular review and updates by departments of
the RRS to ensure it's still valid. And in many cases, it's the same people
who review and sign this that would be reviewing and signing the destruction
notices, so it's sort of 6 of one, half a dozen of the other. If they'll
take the time to review the schedule, it would seem they would take the time
to review the destruction notices (?)
> Annually, we run our destruction eligibility reports. We notify General
> Counsel, Internal Audit, and Tax that we are about to proceed with
> annual destruction and request that they submit any holds on records
> that are required. In general, we'll get inquiries from them to send
> them reports on specific records or specific departments to review.
> Once we have heard from those areas, we proceed with destruction,
> excepting any holds.
So this is essentially a "destruction review lite", they are informed about
the process and if there's areas that may be impacted, they have the right
to suspend destruction... the only difference is it happens at a higher
level than the "owning organization".
The exception to this process is records that we retain on behalf of
> our outsourcing clients. Because these records do not belong to our
> firm, we are following the client's RRS and the client must give us
> approval before we destroy their records.
And this is an identical process to that followed by most of the
respondents thus far, and for the same reason. The only difference is "don't
belong to our firm" rather than "don't belong to RIM, but belong to our
organization". And I think if the great majority of the records population
are typical administrative and process business records this is fine.
However, if you're in a Research and Development, Engineering, Science and
Technology or other similar environments where the potential value of
certain records may not be realized until 2-10 years after they're
generated... it's in your best interests to check with your "Clients" prior
to destruction.
This process has worked well for our firm. It may or may not work for
> your organization.
And this is the critical point, what works for one, doesn't necessarily
work for all.
What it avoids is chasing people who won't sign the
> destruction notice, no matter what.
We experience some of this, but we have a process to deal with it as
well... first notice to individual who transmitted the records for storage;
second notice to same individual, CC Records Liaison Officer for the
organization; third notice to Department Administrator asking where records
should be delivered to for them to review... usually we don't have to go
past second notice.
It also avoids the instances where
> people put holds on destruction "because". (I've been smacked around on
> this on the List because people feel these are inadequate reasons...(SNIP)
We require a solid reason, and the maximum extension allowed is generally
one year. They are clearly informed as to why there is an assigned retention
period and that there may be some risk associated with retaining records
beyond that period, and the decision (and ultimately the responsibility) is
theirs.
> The risk is that we somehow miss a known hold. That is a particular
> concern on my part, but firm policy requires all subpoenas to route
> through General Counsel (under pain of termination), including any
> litigation notices from clients.
Well, now it's not enough to have a process to address known holds and
subpoenas, you have to keep the old crystal ball spit-shined and make sure
your policy is responsive to "all possible or potential litigation" and so
there's not always something formal to route around. However, the earlier
mentioned notice to legal should avoid any improper handling of information
and keep things that might be impacted from being destroyed in accordance
with the approved RRS.
Otherwise, non-response was indication that
> destruction could occur. (Again, I've been smacked around for this
> process as well since there are a million reasons that someone would
> open an email -- or a delegate open the email -- but not respond when
> they intended to respond.
This is a system designed to fail though. You can't expect automated
responses to provide an indication that someone agrees or disagrees with
something, only that they received it. It's just like the periodic "Listserv
Subscription Probe" we all get.
But these went out "RESPONSE REQUESTED,
> URGENT", yadda yadda yadda.
Oh yeah.. I get these all the time, but usually they're followed by
something telling me I've won the Lottery in some foreign land, inherited
16M USD, I'm the long lost nephew twice removed of someone of royalty, yadda
yadda yadda =)
You have to
> understand how your organization works and where the particular issues
> are. A key factor is communication and reinforcement of messages.
Again, a critical piece of information. Design the system that works for
YOUR organization, don't look for a "Silver Bullet" or expect to find a "one
size fits all" solution.
People need to know that you will, in fact, destroy the records, and
> destruction is final. Furthermore, compliance is not optional and lame
> excuses are not acceptable.
One of the problems here, and I don't think it can be emphasized enough, in
most RIM Programs, you're offering a service to the rest of the
organization. At times, it's characterized as being an extension of their
filing space... providing a lower cost, more efficient alternative to
distributed use of space for filing throughout the organization for less
active and inactive information that still has a legal retention
requirement. And if you want people to value that service, then they need to
be confident that when information is sent to RIM to manage on their behalf,
it will be there when they need it. And this is why we ensure they provide
an authorization for destruction... because they may have sent it to us
years before and forgotten it was there, or an employee in their
organization who has since retired and they never KNEW it was there in the
first place.
>Since no one had responded suggesting these approaches, I felt that I
>should speak to them.
And I think they're all valid suggestions, and in certain cases, they may
fill the RIM needs of some organizations. I think that's why this Listserv
continues to be a "fluid resource" for people coming into the field of RIM.
Many haven't had the opportunity to experience the many ways there are of
addressing a common process such as records destruction and while there may
be many "best practices", they don't fit every situation.
Larry
(now that wasn't THAT bad, was it Patrick??) =)
List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
|