The drivers behind compliance this year are quite similar to those of previous years, however there is a higher urgency in the field due to legal restrictions coming into force and penalties being handed out left, right and center. In general, the need for compliance is driven by various regulatory demands placed on companies by industry regulators and government agencies.
What acts are putting pressure on companies for compliance?
Some of the highest profile regulations in the US and the UK are the SEC, Sarbanes-Oxley Act, and HIPAA. In the US and the UK, the freedom of information acts have increased the buzz around email retention policies and the ramifications of not enforcing email retention polices. In terms of retention periods, they can vary from industry to industry but all will have a defined limit and destruction period depending on age. With an email archiving solution, these retention and destruction actions can be programmed in order to ensure compliance.
Compliance requirements mandate email is organized and archived. Records are kept to provide fully secure and audited logs of email activities.
General compliance best practices mandate organizations to:
- Keep copies of all emails.
- Keep records of all email transactions- both inbound and outbound and internal.
- Archive message in a secure, tamperproof format that is eDiscovery ready.
Non-compliance with these regulations can have severe impacts on businesses. Recent court cases such as the Zubulake case have highlighted the damage that can be done when companies do not live up to their responsibilities in terms of email management. We advise all of our readers to examine their email archiving and retention policies with a fine toothcomb and ensure they are in line with compliance regulations.
Download our White paper "Email Archiving - Simple steps to Compliance" for information on how to best protect your organizations from legal fines.