A Security Reminder for the Traveling Employee – Encryption May Result in Data Compromise

Often people carry a laptop or tablet when traveling for business with no thought to potential restrictions. However, where travel takes you out of country there are additional considerations when it comes to data management. Specifically, not all data are created equal. There are different classes of data, from sensitive, confidential, restricted, public, and a…

Dawning Digital Dark Age

The accelerating pace of technology continues to change the way we communicate and do business. Systems, software, and file formats are in a constant state of flux, rapidly altering how we create, use, and store our data and documents. But the emphasis today is on innovation and productivity, often without consideration for how information will…

Keeping tax records: Is 3 years enough?

As tax day quickly approaches, the question might come up as to how long tax-related records should be kept. Your company might already have a records retention plan in place for its various records and data, based on legal requirements, common industry practice, or internal policy. Or perhaps, in the case of tax-related records, you…

What does a Permanent Retention Period Really Mean?

ARMA (Association of Records Managers & Administrators) defines a permanent record as a “record that has been determined to have sufficient historical, administrative, legal, fiscal, or other value to warrant continuing preservation.[i]” Continuing preservation implies that it extends for a long time, but just how long? Does retention end if the company goes bankrupt, or…

Tips to prepare for the EU Financial Instruments Directive’s communications preservation requirements

Implementation of the “Markets in Financial Instruments Directive” or MIFID II is most likely delayed until at least early 2017, but companies should not delay in taking steps to prepare for its elevated communications record-keeping requirements.  The EU Commission’s second MIFID broadly applies to any business that is involved in the distribution and/or trading of…

Anonymization and Compelled Destruction Requirements for Companies

INTRODUCTION Data privacy laws complicate the ability of companies to manage information by: (1) compelling their destruction before fulfilling business or operational needs; and (2) limiting how information can be shared or transferred. This article discusses anonymization techniques and options to deal with compelled destruction requirements for companies collecting and storing personal information for valid…