The ARMA Information Governance Principles are very relevant to today’s world of mobile communications. There are 8 of them all together, and in this blog series we will discuss 7 of them in great detail. In our last blog we discussed the principles of integrity and transparency.
This entry will be our final of the series and will focus on Retention and Disposition.
The Principle of Retention states: An organization shall maintain its records and information for an appropriate time, taking into account its legal, regulatory, fiscal, operational, and historical requirements.
The Principle of Disposition states: An organization shall provide secure and appropriate disposition for records and information that are no longer required to be maintained by applicable laws and the organization’s policies.
When we talk about retention and disposition in regards to mobile devices, we must talk about two different kinds of time frames. You must think about how long a message should reside on the device and how long it must reside in your repository of record for compliance purposes. It is important to note, that the best practice is to place your mobile text messages in your repository of record, such as your email archive, records management system or an application such as the patient care solution if you are in healthcare. In those systems of record, the messages can be stored in accordance with the corporate retention schedule, they can be secured in a repository that acts as the single source of truth and they can be accessed and discovered in the same way as all other information in those repositories.
The mobile device itself is a different story. How long does one really need a mobile communication, such as text or chat, to live on the device? These types of communications are typically just-in-time, and therefore should be stored only for a short period of time, while it is active plus some number of hours or days. This is where you must create a policy that makes sense for your organization and the needs of the business workflow. It may even vary by groups, departments or geographies. This is a new concept in retention and disposition and must be thought through to protect the content shared between mobile devices as well as the device itself. Further, having a single source of truth reduces discovery burden, as you will not need to recall devices in a discovery event if communications are systematically removed from device storage.
So, what is to be done to accommodate the accepted method of communication while still ensuring the proper retention and disposition of enterprise text messages
- Make sure that you have a retention/disposition policy for the text messages and the device.
- Ensure that a copy of all text messages are placed into your repository of record when required by availability
- Ensure that a copy of all text messages are placed into your repository of record when required by compliance.
- Dispose of the copy of record on the same schedule as other similar content items
In short, as we said before, go ahead, allow secure texting for your business needs, do it wisely and you will not regret it. In fact, your business will flow faster and you will remain in compliance. Further, you will gain more control over retention and disposition of your mobile communications, as well as better discovery outcomes.
To find out more about how secure messaging can help you enforce information governance principles at your organization and further benefit your mobile workforce, contact us.
Contributor – Galina Datskovsky