On April 13, 2006, the U.S. Supreme Court approved amendments to the Federal Republic of rules and procedures for the treatment of Civil electronic documents in the same way that the documents have been treated in the process. The amendments came into force Friday 1 . December 2006, forcing the e-mail, instant messaging, chat, electronic correspondence and other forms of electronic documents and communication technologies available if the federal studies. State and local jurisdictions can adopt the new rules as a guideline set of principles.
Even if the amendments to the FRCP does not articulate a specific penalty for the violation, firms that are unable to provide electronic documents in litigation could suffer losses, be unable to prove a claim, or could, in disregard of court judgments or technical violations.
This has the practical application and the true meaning which it has data archiving and retention policies. For example, in my experience as a Technical Director in the past, I would advise companies to develop that policy will be permanently deleted e-mail records after 45-day period. The court would admit to our own data archiving and retention practices to ensure adequate time for retaining such records, meanwhile, so that the natural potential society to delete e-mail evidence obtained during discovery. This measure would not be criminal, it was practical: To ensure that the scope of liability for the company and the complexity of the data archive. If the data are based on our own policies, then they were not sufficient for the discovery.
Now, after 1 December changes, this may no longer be recommended. This scheme is a commitment to disclosure of electronically stored data and store this data as we would paper records with similar content. Even in legal discovery holds now apply to electronic records which can force companies to e-records in advance of audits, investigations, or litigation. In short, the legal landscape has changed and companies must be prepared to their storage and archiving of data for a major overhaul in 2007. Companies should:
1. Your data classification policies to identify electronic forms of communication covered by the new e-discovery guidelines. Time frame for the storage, the responsibilities for access, destruction, guidelines should be established. This has more significance if the company is subject to HIPAA, GLB, FERPA, and other forms of protected personal, private information (PPI) regulatory process.
2. Customize your data archiving and retention policies to the new expectations for the data lifecycle. These include the first round of data backup for business continuity, then the second round of data archiving for business continuity, then the third round for the monument. The connection between the classification and retention policies should be clear: the data classification process and provides guidelines for the handling, storage and archiving policies to carry out technical procedures, the classification mandates.
3. Review and adapt business continuity and disaster recovery measures to restore the specific forms of data in the data classification policy after a disaster event.
4. Review media destruction and a clear reception for media serialization, storage and destruction, as a part of the retention and archiving policies.
To summarize, the company should have a clear line that the intention of the management:
1. Contains information and data sources as appropriate targets for the discovery;
2. Clear strategies on how to, retain, store and destroy such information and data sources;
3. Set clear procedures lead to the classification, storage and archiving policies.
Russell Mickle works a technology consultant in Battle Ground, WA, USA. With more than thirteen years experience, holds a Mickle CISSP, MCSE, a Masters in Information Technology, and pursued his doctorate at Walden University. His website can be found at http://www.micklerandassociates.com, he can be reached at mickler@micklerandassociates.com
0 ความคิดเห็น:
แสดงความคิดเห็น