Are There Any Smart E-mail Retention Policies?

An anonymous reader writes "In an age of litigation and costly discovery obligations, many organizations are embracing policies which call for the forced purging of e-mail in an attempt to limit the organization's exposure to legal risk. I work for a large organization which is about to begin destroying all e-mail older than 180 days. Normally, I would just duck the house-cleaning by archiving my own e-mail to hard-drive or a network folder, but we are a Microsoft shop and the Exchange e-mail server is configured to deny all attempts to copy data to an off-line personal folder (.PST file). The organization's policy unhelpfully recommends that 'really important' e-mails be saved as Word documents. Is anybody doing this right? What do Slashdot readers suggest for a large company that needs to balance legal risks against the daily information and communication needs of its staff?"

Project Completion and Architectural Decisions

[StandardCell]

A balance needs to be struck between the negatives of two strategies:

* Perpetual archiving of e-mail - wastes server disk space, increases tape backup volume, and (more notoriously) can leave "clues" that predatory litigators salivate over.
* Non-archival of e-mail - internal accusations and decisions can't be resolved, difficult to track decisions and their history, circumventable by printing the e-mail with headers.

The solution is as follows:

1. Digest only the final decisions of e-mails and the essential reasoning thereof, or make a digest of the decisions in a collaborative project wiki where buy-in from the stakeholders can be tracked.

2a. Upon project completion (ISO9000-type project gating), archive all project files, documentation and essential digest e-mails.
2b. Simultaneously destroy all other e-mails using secure forensically-unrecoverable techniques to prevent accidental recovery by thieves.

3. Any other e-mails regarding general architectural or administrative decisions which have implications for future development in the company should be digested, placed on a company wiki, and then the remainder securely destroyed.

Using this method, any questionable or potentially illegal decisions can be greatly avoided or reduced from a purely legal perspective while retaining sufficient information to continue operations and development. This policy won't end all legal issues, but the key is to have procedures that are centered around the guise of IT efficiency and operational simplicity to purposely dispel any other alleged intent by third parties that expressed or implies destruction of future evidence.

Re:imap?

[Skrapion]

It's not unreasonable in such a litigious society.

In a litigious society, wouldn't it be best to save all of your email, so you can use it to protect yourself in court?

If you're deleting all your email, then the only evidence that will come out in court will be from the people suing you.