Its not just state law that needs to be worried about. Certain regulations HIPPA,SOX, etc have data retension requirements for certain types of data. Some data needs to be kept for months- years and other types can be tossed out as soon as you're done with them. Basically I'm saying a blanket 60 day policy may not comply with some regulation you are under, but may work for a vast amount of the email.
On Wed, Jan 19, 2011 at 10:04 AM, Craig Freyman <[email protected]>wrote: > In our state, for a private company, this is legal. > > > On Wed, Jan 19, 2011 at 7:55 AM, Tim Krabec <[email protected]> wrote: > >> A blanket policy of 60 days may not even be legally valid/permissible. >> There are many requirements to hold certain types of data for specific >> periods of time and if that information is stored in email, then it must be >> kept. >> >> On Wed, Jan 19, 2011 at 6:52 AM, Bigger Thomas <[email protected]>wrote: >> >>> >>>> >>>> >Yep, like costs of a breach can lead to stupid security spend. If >>>> >only we scored the hourly rate of lawyers... >>>> > >>>> >Somewhat wandering off topic here, but- >>>> > >>>> >Has anyone dealt with forensic recovery being mandated in an >>>> >e-discovery situation yet. Court-ordered, or at least lawyer demanded >>>> >under fear of court ordering it? >>>> > >>>> >If so, what does that mean for the way we store and delete email? >>>> > >>>> >>>> >Jack >>>> _______________________________________________ >>>> Pauldotcom mailing list >>>> [email protected] >>>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >>>> Main Web Site: http://pauldotcom.com >>>> >>> >>> >>> I deal with these type of requests almost weekly lately. We have the >>> same 60 day policy in place, however when a request of this type comes in, >>> we are required to got to every local machine and search for any mail >>> archive. We are also required to search laptops, black berries, iphones and >>> any other portable device the user has. Once we have any legacy emails >>> recovered, when then put a "hold" in place and save any other new data >>> created based on the request. As I understand it, the policy of only >>> storing email for 60 days does not require us to produce email or documents >>> from an earlier period, however our Legal department has requested that if >>> we discover data out of policy that it is still collected. >>> >>> >>> Not sure if that helps at all. >>> >>> >>> _______________________________________________ >>> Pauldotcom mailing list >>> [email protected] >>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >>> Main Web Site: http://pauldotcom.com >>> >> >> >> >> -- >> Tim Krabec >> Kracomp >> 772-597-2349 >> www.kracomp.com >> www.smbminute.com (podcast) >> tkrabec.com >> >> >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com >> > > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > -- Tim Krabec Kracomp 772-597-2349 www.kracomp.com www.smbminute.com (podcast) tkrabec.com
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
