Please note: This information is not legal advice. Check with a qualified attorney before taking any of the steps recommended below.
Is your office buried in paper?
Even in the age of cloud storage, most businesses process hundreds or thousands of paper documents every year. These tend to pile up because we assume that holding onto everything is the best way to avoid legal headaches down the road. But you also have a legal obligation to protect any personal information in those stacks of paper. And storing documents longer than necessary increases the risk of mismanagement or theft.
To minimize security risks, you should create a record retention policy for your business that spells out how long documents should be kept and how to safely dispose of them after that time has passed.
This can be intimidating, so we created a step-by-step guide to help you get started.
Businesses should establish record retention guidelines that follow the law and keep personal information out of the wrong hands. An effective record retention policy:
Unless you run a very small business, setting record retention guidelines shouldn’t be a one-person job. Recruit representatives from each department in your organization. A committee approach will limit mistakes and ensure your policy makes sense for everyone.
Your team’s first task is to understand all the document types your business handles and create a labeling system. It doesn’t have to be complicated; the goal is to make it easy to categorize documents as they’re created so each can be retained and/or destroyed as appropriate.
Your document categories will depend on the specifics of your business, but we’ve put together some examples of what you can expect to see.
Example Document Types:
|Shipping and Receiving Documents:||
Next, your team will need to research the legal requirements for retention and destruction that apply to your document categories. These laws will differ based on your industry and your location. A law firm in Ohio may be subject to different rules than a doctor’s office in Texas.
Begin your research using these resources:
For General Information:
For Law Firms:
For the Health & Medical Fields:
It can be difficult to track down the legal requirements for all the documents your business deals with. So, it’s important to document your research process. *Ask your lawyer about the best way to go about this.
If you’re ever in legal or regulatory trouble over some aspect of your retention policy, you may be able to use this documentation to show that you made a good-faith effort to follow the law.
Note that laws often state that you must retain a certain document type without specifying how long. In states that have adopted the Uniform Preservation of Private Business Records Act (linked above), documents with no specified retention length can usually be destroyed after three years.
Many businesses choose to follow this guideline even if their state hasn’t adopted this standard. As with any decision with legal implications, talk with your lawyer before making this choice for your own business.
After researching your industry’s record retention requirements, it’s time to use that information to set your retention schedule.
A retention schedule should list all the document types your business handles and state how long each must be kept before destruction. You can organize your schedule as a table, a list or in any other format you feel would make it easy for your staff to follow.
Once you’ve created your retention schedule, train your employees on how to use it and make sure that the schedule is saved in a shared location so everyone can refer to it as needed.
Your record retention guidelines should also spell out how to store your documents safely and securely during their retention period.
How to Store Business Documents Properly
The final step in creating your record retention policy is to specify how documents should be disposed of at the end of their retention period.
Guidelines for Proper Disposal of Personal Information
With a smart record retention policy in place, your business will run more efficiently and you can rest easy knowing important information can’t easily fall into the wrong hands. Check out our Advice & Resources page for more guides that might be helpful for your business.