The number of cases where email is required to be produced and presented to a court as evidence is increasing. Current Federal Rules of Civil Procedure (FRCP) went into effect December 2006, and require businesses involved in federal court cases to identify, preserve and collect electronically stored information. These compliance rules are the latest among regulatory requirements that govern the storage and recovery of electronic information from traditional emails, instant messages (IM), text messages or any additional data stored on a computer. Most U.S. employers are subject to compliance with one of the following:
- Americans with Disabilities Act (ADA)
- Title VII of the Civil Rights Act of 1964
- Occupational Safety and Health Act
- Health Insurance Portability and Accountability Act (HIPAA)
In addition, all public companies must comply with the Sarbanes-Oxley Act of 2002, and financial services firms must meet SEC Rules 17a-3 and 17a-4 and National Association of Securities Dealers (NASD) 3010.
These rules govern the length of time business email is retained, the manner in which it must be preserved and specific message review requirements, validating the growing need for a centralized, multitasking mail repository. In addition, the increasing likelihood that email can be required for legal discovery encourages businesses of all sizes to enhance their email retention strategies to mitigate risk.
Quite often, trials which request email evidence are associated with an employees’ violation of corporate email policies and misuse of business email. Your employees may be distributing offensive email, passing confidential information to a third party, or simply using a company email address to send personal email. Are you ready to sacrifice your company’s productivity, revenue, reputation or even its survival by ignoring the risks associated with email misuse?
How can you prevent employees from violating your existing policies, and be sure that your company is able to provide electronic communications as evidence in a timely manner if needed?
IT administrators in many companies have the ability to monitor employee email, but trying to prevent violations of email use by checking every email after it is sent is inefficient.
Most companies perform regular backups of their employee’s email, however, these backups are not sufficient for companies to abide by the latest compliance rules. Data backup will help recover accidentally deleted or destroyed records, but backed up data cannot be considered as “archived” for a few reasons:
- Backups comprise unindexed data, and the process of information retrieval is usually very time-consuming and expensive.
- The integrity of backups is not guaranteed, and older backup tapes sometimes may not be readable due to data corruption.
- Traditional backups take periodic “snapshots” of active data, so information generated and deleted between backups will not be captured.
Benefits of Archiving
- Ease of data capture:
Data can be captured, indexed and placed into an archive without any involvement of IT staff or end-users.
- Ease of data retrieval:
An archiving system makes data retrieval, in response to an e-discovery order, much easier than searching backup tapes for the same information.
- Regulatory compliance:
Archiving enables businesses to preserve information in its original format, which is a necessary requirement for compliance with a wide variety of regulations that impose data retention and management.
- Storage management and optimization:
An archiving system can automatically offload data from email servers, resulting in better server performance and shorter restoration periods.
- Disaster recovery:
Archiving can help businesses recover from a disaster more quickly by providing an off-site copy of the most current data.
- E-mail policy enhancement:
You can set your archiving solution to create alerts when suspicious email is sent, and if an email policy violation occurred, take action immediately, mitigating risks and reducing negative impact on your business.
Unfortunately, small and medium-sized businesses often do not have the necessary archiving tools, IT personnel and training that will allow them to comply with the necessary regulatory requirements.
Hosted Archiving from mindSHIFT Online
mindSHIFT Online offers regulatory compliant archiving for small and mid-size businesses that need to retain emails for auditing and compliance needs.
Regulatory Compliant Archiving
mindSHIFT Online offers compliant archiving to provide customers with a security-enhanced and virtually tamper-proof archiving solution to meet a variety of legal and regulatory demands placed on your electronically stored data. This service is deployed over the Internet, does not require an upfront capital investment or additional IT resources, and helps mitigate messaging risks before they reach the corporate network.
With our hosted archiving solution, copies of every email are stored in a security-enhanced online message repository. The archive system assigns a unique serial number and timestamp to each message as it is archived. Enhanced text indexing allows archived messages to be searched by subject line, header, message body and more than 200 attachment file types.
Archived messages can be accessed through a secure web-based interface, and flexible search queries can be used to quickly and easily locate necessary information. Users can conduct a variety of actions on retrieved messages, such as tag, file, export, forward via SMTP, and restore.
You will also be able to set alerts that can be sent to your corporate HR or compliance manager each time an email with a suspicious “keyword” is sent. You can flag keywords such as “sex”, “easy money”, “boss”, “medication”, “patient record”, “meds”, “SSN”, “ID number”, “client file”, “job”, “career”, and “resume”. These words can be located in the subject, body or attachments of emails and action can be taken immediately after a violation occurs.
For example, you may have an employee who is sending out resumes to your partners or customers from his corporate email address looking for a new job. Not only does this mean that you may want to look for another person to fill this position, but it also results in lost productivity from that employee and possibly the team in which they work. It may also have a negative impact on your business’ reputation. Do you want to continue paying for the time that your employee uses to look for another job?
In most cases, email misuse at work is associated with employees sending out offensive email to their colleagues. This can be also monitored with alerts for certain keywords. Some employers might suppress such behavior by warning the employees; others would terminate the relationship with the employee after finding out that email with offensive content had been distributed. In this case, it is also important to preserve the email messages so they can be used as evidence in a court proceeding, should the employee file a wrongful termination suit.
Features of mindSHIFT Online’s Regulatory Compliant Archiving:
- NASD 3010, SEC 17a-4, Sarbanes-Oxley and HIPAA compliant
- Captures all incoming, outgoing and internal messages to a separate server
- Integrates with existing or hosted email infrastructure
- Flexible retention thresholds
- Archived in two separate fully redundant data centers
- Stored offsite and away from your Exchange server
- No large upfront capital expenditure – you pay for usage
- Full-text search and retrieval on all parts of message including attachments
- Web-based interface for search, alerts and administration
- Real-time alerts to the compliance of HR manager when suspicious email is sent
- Seamless restoration of deleted email
- Disaster recovery for electronic communications
- Reduced litigation discovery costs
- Easy-to-use evidentiary reports and monitoring features
- Ease of data capture:
Still have a few questions that you want to talk over? You can chat with one of our cloud computing experts now.
Email: Email us at info@mindSHIFTOnline.com
Phone: Call us at 855-535-7262