As a business owner or corporate manager, you likely have a digital storage facility for your documents. Companies must retain digital copies of documents like bank statements and tax returns to comply with regulations.
However, there's no one-size-fits-all rule for retention times across all records. As a result, you'll need to create a document retention policy (DRP) and categorize your files.
This post outlines the retention guidelines and best practices for records in your organization.
Digital document retention guidelines require companies to store their records for one, three, or seven years, depending on the document type. In some cases, you'll have to keep the documents permanently.
If you don't know what to keep and what to delete, your lawyer, accountant, or state agency can provide you with guidance. Many agencies have requirements on document retention.
You must keep deeds, real estate appraisals, formation records, trademarks, patent registrations, and bills of sale indefinitely.
Companies must retain job applications, resumes, and employment advertisements for at least a year. Employers must keep documents relating to exposure to agents harmful to an employee's health for a minimum of 30 years. You'll need to keep OSHA accident forms for at least five years.
The company must retain all licenses, permits, and insurance policy documentation until they receive updates to these documents.
Companies must retain business banking, investment, credit card statements, and cancelled checks for seven years.
Companies must retain tax accounting records, year-end financial statements, and depreciation schedules for up to seven years. Your CPA may recommend keeping these records indefinitely.
First, map out the types of data you have.
For example, is it legal, accounting, tax, operational or personal data?
The data classification process can help you understand the types of data you have on your company network.
It's worth asking the question in each department about the types of data they have as there is a case.
For example, when the sales department is making new sales, you may assume that sales data is just held in the CRM and relates to business or customer contacts.
Still, if the sale itself is being processed and credit card details are on file, then this touches upon financial data, and there are strict rules on how credit card data must be handled.
When classification is complete, the next step is to research your local laws and what the data retention period needs to be for each data type.
This can be a more significant piece of work, and it's recommended that you seek outside help with this step so that you stay compliant.
Tools such as Microsoft's information protection system, which is a feature built into Microsoft 365, can help you scan the company network and enforce strict policies on the retention and sharing of data.
If you would like help creating a data retention policy and enforcing it with Microsoft tools, get in touch with us.