Maintaining electronic communications in business involves walking a fine line. Employees want relevant information to be kept available for future reference so that they can do their jobs, but keeping these items long-term can pose security and resource risks. Server hard drives can fill up, or stolen data (even if outdated) might pose a threat to the organization. There are legal requirements to consider as well, so it’s important to establish a firm set of guidelines for the retention and disposal of email, instant messaging, and voicemail.
The purpose of this policy is to establish requirements for the retention and destruction of company electronic communications. Specifically, this policy establishes and describes how the company will manage the retention and destruction of electronic mail (”email”), instant messages, and voice messages and classifies such corresponding retention periods, which are to be strictly enforced unless longer retention is required by contractual obligations, federal, state or local law, rule or regulation, or for litigation purposes.