Minimizing the use of trigger events to increase records retention compliance.
It can be difficult to comply with records retention requirements that are based on trigger events, so many organizations are seeking to replace them with straight retention time periods. This article outlines approaches for doing this for six trigger events that are commonly used in retention schedules.
When records management primarily addressed paper records, it was manageable to comply with retention periods that included event codes, or trigger events, which are requirements that must be fulfilled before the time for the disposition of that record begins. People kept files, and when they completed a project or a contract ended --which triggered the retention period to begin--they evaluated the records, removed what they did not need, kept what they needed, and cleared up space for future records.
Today, employees create most records electronically, storing and saving official records and non-record information in multiple locations, including on hard drives, flash drives, shared drives, laptops, personal devices, tablets, e-mail accounts, and the cloud. In this electronic environment, using trigger events in a retention schedule is much more difficult for organizations to manage.
For example, if the trigger event for a record is "termination of employment plus three years," the employee must have been terminated before the calculation of three years begins. Then, someone must notify the person responsible for managing that record about the termination to ensure that the retention clock starts ticking, wherever that official record lives.
This is actually an easy example because most organizations can put a date on when an employee leaves. But, when does a contract expire or is a policy superseded?
Some organizations' electronic records management systems (ERMS) efficiently address trigger events, while others struggle to create clear rules for handling trigger events. If the organization struggles with this, an ERMS will not provide the solution, proper disposition of the records will not occur, and the organization will have compliance issues.
To resolve this, many organizations are seeking ways to eliminate retention times based on trigger events and are using instead straight retention time periods, in which the time for calculating the disposition of a record begins at its creation.
Trigger Events to Be Minimized
The following sections outline approaches for eliminating or minimizing six trigger events that are commonly used in retention schedules. By following these approaches, a records manager can create a schedule that restricts trigger events to those that are necessary, allowing an ERMS to work more efficiently and the organization to be in better compliance with its retention requirements.
Expiration of Contract
The most common trigger event in a records retention schedule is "expiration of contract," and too often it is used unnecessarily for what are essentially transactional contracts, such as purchase agreements, shipping contracts, and short-term service projects.
If the performance of a contract is completed within a year, the records retention schedule should not use "expiration of contract" as a trigger event. The schedule should merely state the number of years to retain that contract and the information related to it.
Some contracts do require longer durations to perform, such as financing, long-term leases, or construction contracts. A trigger event may be necessary in those cases, but these would then be a separate category in a schedule.
There is also no reason an insurance contract should contain "expiration of contract" as a trigger event. Insurance companies limit the duration of their contracts, typically to one year, so they can review and adjust their risk frequently and regularly.
This means that if an organization chooses to keep an insurance contract for 10 years after expiration, it should just assign it an 11-year retention period. The organization will have the same result--and it will be able to manage the disposition of that record in its system.
While some conflicts result in lengthy litigation, most are resolved, or the parties agree to disagree, within a short period. "Final resolution" as a trigger event for these types of records is inefficient because it is difficult to determine when a conflict is actually resolved unless it is settled by a third party, such as a court, mediator, or arbitrator.
Second, this trigger is unnecessary because the record retention issue can be resolved by adding a reasonable amount of time for the resolution to the retention period. For example, if the desired retention period is three years after resolution, simply add two years and make it a five-year retention period. This approach works well for customer service call center records or records addressing employees' minor complaints.
This approach does not necessarily apply to litigated matters, which must be retained through final resolution. But that is manageable because "final resolution" has a clearly defined date.
Many schedules use "protection period" as a trigger event for intellectual property. For the most part, patents have a set protection period of 20 years under 35 U.S.C. [section] 154, and most countries also use 20 years as their standard.
Therefore, instead of using the trigger event, the organization--even if it is global--can simply add 20 years to the desired protection period. So, for example, an organization that wants to keep patent records for 30 years after the protection period expires can use the 20-year standard for the protection period and make the retention period a straight 50 years.
The same can be done with copyright protection by adding 95 years to the desired retention period after the protection period (see 17 U.S.C. [section] 302). For example, if the organization wants to retain its copyrighted material for five years after the copyright protection period, it can simply make the retention period 100 years. (This approach does have limitations with trademarks, which can be renewed. See 15 U.S.C. [section] 1058 and 15 U.S.C. [section] 1059.)
Life of Product
Manufacturing categories often refer to "life of product" for quality and engineering files. Life of product, or model life, is commonly considered to be the estimated duration of a product from the moment of its entry into the market until its withdrawal.
In most cases, a manufacturer can predict this duration. For the purpose of records management, the organization must define the life of product because employees will otherwise apply inconsistent durations or will never dispose of the records.
To determine a standard product life, an organization's records manager should work with its engineers to understand the product's reasonable life expectations and with legal counsel to ensure it complies with any product life standards established through regulations or liability considerations. Once an organization establishes a product life, it can use that product life, plus any additional time it requires, and have a straight retention time instead of one based on a "life of product" trigger event.
People sometimes cite examples of products that have outlived such predictions, but for the purposes of records retention, the goal is to have a standard that's based on reasonable expectations of the product life, not a guarantee that the product will never exceed that duration.
For many organizational policies and plans, the retention schedule uses "until superseded" or "after superseded" as a trigger event. If a policy or plan has an indeterminate or long life, that may be necessary. But many plans and policies are updated regularly. Each revision and update creates a new policy or plan.
For example, organizations may update compliance programs annually to ensure that they comply with the latest regulations and case law. Yet, they use "superseded" (instead of one year) plus the desired retention time for these company plans and policies in their retention schedules.
The same applies to non-pension benefit plans and policies. If these are updated annually, the schedule could delete the term "superseded" and add one year to the desired retention time since the revised and updated policies are essentially new records.
Many records are tied to projects, and many retention schedules reflect these records by using "project completion" as the trigger event. But are these projects so long in duration that they actually need this trigger event? If the project is normally completed within a year, or even two years, it would be easier to add that time to the desired retention period and eliminate the trigger.
Straight Time Benefits
Taking this approach offers records managers an opportunity to minimize the use of trigger events in their records retention schedules, but it will not eliminate trigger events entirely. In some cases, trigger events are necessary or are the easiest way to manage retention--for example, for annual reviews, contracts with long performance periods, final resolution of litigation, life of property or equipment, life of plan for pensions, superseded policies with indefinite durations, and termination of employment.
Where it is possible, minimizing the use of trigger events in records retention schedules by deferring to a straight retention time for most of its records will allow an organization's ERMS to more effectively handle the disposition of electronic records and greatly increase compliance with retention requirements. Compliance with retention requirements will ensure regulatory observance, reduce discovery costs, make records easier to find, and mitigate the risk of security breaches. Minimizing the use of event codes on the retention schedule is a tool to achieve those benefits and allow the retention schedule to function properly.
Tom Corey, J.D., CRM, can be contacted firstname.lastname@example.org. See his bio on page 47.
Tom Corey, J.D., CRM, is an attorney and Certified Records Manager focusing in the area of records and information management for Consilio LLC. This includes developing records retention schedules that comply with domestic and international requirements. Corey received his juris doctor degree from the Charlotte School of Law, is licensed to practice law in North Carolina, and is an active member in the local bar association and the American Bar Association's Administrative Law and International Law Section. He can be contacted at email@example.com.
|Printer friendly Cite/link Email Feedback|
|Publication:||Information Management Journal|
|Date:||Jul 1, 2016|
|Previous Article:||Five steps in-house counsel should take to mitigate information risk.|
|Next Article:||Software updates may be compromising your IG.|