A fundamental element of any information governance program is for organizations to have a defensible records retention schedule (RRS).
There has been growing regulatory focus around privacy compliance records separate and apart from those containing personal information.
When setting the retention rules for their information governance programs, organizations may find that for certain categories of information, there is no applicable law or regulation that mandates retention.
The use of contemporary business communication and collaboration tools including chat and instant messaging applications has resulted in a potential recordkeeping compliance gap where there is a legal requirement to retain business records. While in the past many organizations carved out these newer and less conventional forms of electronic business communications from their formal records retention practices, this approach has become increasingly less viable. Regulators have been responding with additional requirements and guidance for instant…