Re: Email Policy Changes

[Tim Krabec <tkrabec () gmail com>]

Its not just state law that needs to be worried about.  Certain regulations
HIPPA,SOX, etc have data retension requirements for certain types of data.
Some data needs to be kept for months- years and other types can be tossed
out as soon as you're done with them.  Basically I'm saying a blanket 60 day
policy may not comply with some regulation you are under, but may work for a
vast amount of the email.

On Wed, Jan 19, 2011 at 10:04 AM, Craig Freyman <craigfreyman () gmail com>wrote:

> In our state, for a private company, this is legal.
>
>
> On Wed, Jan 19, 2011 at 7:55 AM, Tim Krabec <tkrabec () gmail com> wrote:
>
> > A blanket policy of 60 days may not even be legally valid/permissible.
> > There are many requirements to hold certain types of data for specific
> > periods of time and if that information is stored in email, then it must be
> > kept.
> >
> > On Wed, Jan 19, 2011 at 6:52 AM, Bigger Thomas <udiggity () gmail com>wrote:
> >
> > > > > Yep, like costs of a breach can lead to stupid security spend.  If
> > > > > only we scored the hourly rate of lawyers...
> > > > >
> > > > > Somewhat wandering off topic here, but-
> > > > >
> > > > > Has anyone dealt with forensic recovery being mandated in an
> > > > > e-discovery situation yet.  Court-ordered, or at least lawyer demanded
> > > > > under fear of court ordering it?
> > > > >
> > > > > If so, what does that mean for the way we store and delete email?
> > > >
> > > > > Jack
> > > > _______________________________________________
> > > > Pauldotcom mailing list
> > > > Pauldotcom () mail pauldotcom com
> > > > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> > > > Main Web Site: http://pauldotcom.com
> > >
> > >
> > > I deal with these type of requests almost weekly lately.  We have the
> > > same 60 day policy in place, however when a request of this type comes in,
> > > we are required to got to every local machine and search for any mail
> > > archive.  We are also required to search laptops, black berries, iphones and
> > > any other portable device the user has.  Once we have any legacy emails
> > > recovered, when then put a "hold" in place and save any other new data
> > > created based on the request.  As I understand it, the policy of only
> > > storing email for 60 days does not require us to produce email or documents
> > > from an earlier period, however our Legal department has requested that if
> > > we discover data out of policy that it is still collected.
> > >
> > >
> > > Not sure if that helps at all.
> > >
> > >
> > > _______________________________________________
> > > Pauldotcom mailing list
> > > Pauldotcom () mail pauldotcom com
> > > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> > > Main Web Site: http://pauldotcom.com
> >
> >
> >
> > --
> > Tim Krabec
> > Kracomp
> > 772-597-2349
> > www.kracomp.com
> > www.smbminute.com (podcast)
> > tkrabec.com
> >
> >
> > _______________________________________________
> > Pauldotcom mailing list
> > Pauldotcom () mail pauldotcom com
> > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> > Main Web Site: http://pauldotcom.com
>
>
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom () mail pauldotcom com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com



-- 
Tim Krabec
Kracomp
772-597-2349
www.kracomp.com
www.smbminute.com (podcast)
tkrabec.com

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com