Scarinci Hollenbeck, LLC
The Firm
201-896-4100 info@sh-law.comWhat Is Defensible Deletion and Should Your Business Be Doing It?
Author: Scarinci Hollenbeck, LLC|February 19, 2021
Defensible deletion can save you both time and money...
What Is Defensible Deletion and Should Your Business Be Doing It?
Defensible deletion can save you both time and money...
Defensible deletion can save you both time and money...
Although Punxsutawney Phil recently predicted six more weeks of winter, warmer weather is hopefully around the corner. While your business data may not make your list when it comes to spring cleaning, it probably should. Defensible deletion can save you both time and money.
Defensible Deletion Basics
The term “defensible deletion” refers to the practice of systematically disposing of data that is no longer needed for legal, regulatory, or business purposes. Data that should be discarded typically falls into one of three categories: redundant, obsolete and trivial (“ROT”).
The premise of defensible deletion is that, in the absence of a statutory, regulatory, or other preservation obligation, information should be disposed of as soon as the likely business value of retaining it is outweighed by the costs and risks of retaining it. In most cases, it is perfectly legal to delete business data. As the Supreme Court noted in Arthur Andersen LLP v. United States, 544 U.S. 696 (2005):
“Document retention policies,” which are created in part to keep certain information from getting into the hands of others, including the Government, are common in business. It is, of course, not wrongful for a manager to instruct his employees to comply with a valid document retention policy under ordinary circumstances.
Benefits of Defensible Deletion
Numerous studies have shown that employees waste valuable time searching for key business data. According to one survey, employees spend an average of two and a half hours a day searching for information.
The amount of data that businesses collect also continues to grow exponentially. Overall, ninety percent of the world’s data was generated in the past two years. For businesses, managing the increasing amount of data, particularly electronically-stored information (“ESI”), is becoming both burdensome and expensive.
Deleting electronically stored information in a systematic and defensible way has significant benefits, including reduced data storage costs, lower risk of losing key documents, and greater efficiency and faster retrieval of data. Defensible deletion can also lower your compliance and litigation risks.
Implementing a Record Retention Program
Before deleting any information, businesses must be sure that they understand what data they are storing, the value of the data to various groups in the organization, and what regulations govern the data and how long it must be retained. Below are several steps to consider:
- Assemble Your Team: Developing a records retention policy requires consultation with a number of subject matter experts, including law, compliance, privacy, information technology, and tax professionals. In order for the program to be successful, you must also have buy-in from the company’s top executives.
- Establish a Records Retention Policy: At minimum, the policy should define what types of records it governs and establish a retention schedule for each category of records. Once you have established a records retention program, it is imperative to publish the record retention schedule and train employees on compliance.
- Enact Procedures for Legal Holds: Businesses must also have procedures in place to preserve information potentially relevant to litigation that is active, pending, or reasonably anticipated.
- Identify ROT Targeted for Deletion: While your records retention policy will help you moving forward, businesses may also want to clean out redundant, obsolete and trivial data currently being stored. To avoid unintentionally deleting needed data, businesses should establish criteria for identifying and verifying ROT. In most situations, it is advisable to start small with low-risk data and gradually expand to higher-risk data.
- Document the Process: It is imperative to keep written records of the entire process, including the identification and disposal of ROT. These documents can later serve as evidence that you acted in good faith in deleting the data.
- Regularly Review Your Policies and Procedures: Records retention policies must also be regularly evaluated, particularly given rapidly changing data privacy regulations.
Key Takeaway
A comprehensive records retention program allows you to quickly find information, saving both time and money. In addition, it may even assist in shielding you from liability in the event of a lawsuit or government audit. For guidance, we encourage you to work with experienced legal counsel who can help ensure that you both manage your data and protect your legal interests.
If you have questions, please contact us
If you have any questions or if you would like to discuss the matter further, please contact me, Corey LaBrutto, or the Scarinci Hollenbeck attorney with whom you work, at 201-896-4100.
Key Contacts
Let`s get in touch!
What Is Defensible Deletion and Should Your Business Be Doing It?
Author: Scarinci Hollenbeck, LLC
Defensible deletion can save you both time and money...
Although Punxsutawney Phil recently predicted six more weeks of winter, warmer weather is hopefully around the corner. While your business data may not make your list when it comes to spring cleaning, it probably should. Defensible deletion can save you both time and money.
Defensible Deletion Basics
The term “defensible deletion” refers to the practice of systematically disposing of data that is no longer needed for legal, regulatory, or business purposes. Data that should be discarded typically falls into one of three categories: redundant, obsolete and trivial (“ROT”).
The premise of defensible deletion is that, in the absence of a statutory, regulatory, or other preservation obligation, information should be disposed of as soon as the likely business value of retaining it is outweighed by the costs and risks of retaining it. In most cases, it is perfectly legal to delete business data. As the Supreme Court noted in Arthur Andersen LLP v. United States, 544 U.S. 696 (2005):
“Document retention policies,” which are created in part to keep certain information from getting into the hands of others, including the Government, are common in business. It is, of course, not wrongful for a manager to instruct his employees to comply with a valid document retention policy under ordinary circumstances.
Benefits of Defensible Deletion
Numerous studies have shown that employees waste valuable time searching for key business data. According to one survey, employees spend an average of two and a half hours a day searching for information.
The amount of data that businesses collect also continues to grow exponentially. Overall, ninety percent of the world’s data was generated in the past two years. For businesses, managing the increasing amount of data, particularly electronically-stored information (“ESI”), is becoming both burdensome and expensive.
Deleting electronically stored information in a systematic and defensible way has significant benefits, including reduced data storage costs, lower risk of losing key documents, and greater efficiency and faster retrieval of data. Defensible deletion can also lower your compliance and litigation risks.
Implementing a Record Retention Program
Before deleting any information, businesses must be sure that they understand what data they are storing, the value of the data to various groups in the organization, and what regulations govern the data and how long it must be retained. Below are several steps to consider:
- Assemble Your Team: Developing a records retention policy requires consultation with a number of subject matter experts, including law, compliance, privacy, information technology, and tax professionals. In order for the program to be successful, you must also have buy-in from the company’s top executives.
- Establish a Records Retention Policy: At minimum, the policy should define what types of records it governs and establish a retention schedule for each category of records. Once you have established a records retention program, it is imperative to publish the record retention schedule and train employees on compliance.
- Enact Procedures for Legal Holds: Businesses must also have procedures in place to preserve information potentially relevant to litigation that is active, pending, or reasonably anticipated.
- Identify ROT Targeted for Deletion: While your records retention policy will help you moving forward, businesses may also want to clean out redundant, obsolete and trivial data currently being stored. To avoid unintentionally deleting needed data, businesses should establish criteria for identifying and verifying ROT. In most situations, it is advisable to start small with low-risk data and gradually expand to higher-risk data.
- Document the Process: It is imperative to keep written records of the entire process, including the identification and disposal of ROT. These documents can later serve as evidence that you acted in good faith in deleting the data.
- Regularly Review Your Policies and Procedures: Records retention policies must also be regularly evaluated, particularly given rapidly changing data privacy regulations.
Key Takeaway
A comprehensive records retention program allows you to quickly find information, saving both time and money. In addition, it may even assist in shielding you from liability in the event of a lawsuit or government audit. For guidance, we encourage you to work with experienced legal counsel who can help ensure that you both manage your data and protect your legal interests.
If you have questions, please contact us
If you have any questions or if you would like to discuss the matter further, please contact me, Corey LaBrutto, or the Scarinci Hollenbeck attorney with whom you work, at 201-896-4100.
