Simple guidelines for document retention
September 3, 2008 by Valerie Helmbreck
With all the hot new technology aimed at making your network bigger, better and faster, designing a document retention policy is probably not the most exciting task on your to-do list.
But it’s necessary to avoid the fines that’ll come when your company fails to meet your industry’s retention compliance requirements.
Here are some tips for writing a policy that covers all the bases:
- Different industries have different retention requirements, such as the healthcare industry’s HIPAA regulation, so tailor a policy to what’s required of your company.
- Talk with the experts about what material should be included. Outside legal counsel, regulatory tool kits and fellow IT managers can tell you what documents to include in your policy.
- Make sure your policy states the reason for retention of each type of document (HIPAA, Sarbanes-Oxley rules), and adjust the policy when the laws change.
- Identify which staff members should have read and write permissions to documents.
- Don’t mix documents with different retention requirements. Keep documents with 10-year requirements in one section, and documents with 20-year requirements in another.
- Let each division or office set the retention policy for its own operational documents, as long as that policy doesn’t conflict with existing requirements.