A retention schedule policy is essential to your organization’s record management practices. The schedule provides guidelines on the duration in which records are kept, and the appropriate protocol on how the items are discarded. However, creating a retention schedule can be complex and requires careful consideration.
Before creating and applying your retention schedule, you must have a clear idea on the collection of the records you will be handling. Certain records may be expected to be kept for different lengths of time due to pertinent regulations or purposes.
Following these steps will help you implement a compliant retention schedule that will suit your organization’s needs. A well-defined schedule enables organizations to enhance data governance and mitigate risks.
Merging your Record Types into a Retention Schedule
After defining your business requirements, you will have a list of all the record types in the organization as well as their associated retention periods.
This is essentially your Retention Schedule skeleton, which you can then refine to your own likings by adding additional components which you believe would be beneficial to include as part of your record lifecycle. Such as, what should happen to your records once their retention period is over?
Some companies state that the records can just simply be destroyed and some state each record should be reviewed prior to their destruction in case the record still holds value for the organization.
Example: Our retention schedule for our "Recruitment Records" (Record Classification) could state, that it contains all documents collected during the hiring process (Description) and should be retained for 2 years (Retention Period) from the hiring decision date (Retention Start Date) and since it contains personal private information, it should have a sensitivity level of "Confidential" (Sensitivity) and be reviewed before destruction (Disposition Action).
Implement your New Record Management Policy:
Now that you have a retention schedule, is it time to implement it.
There are multiple ways to implement a record management policy, however we do recommend going digital with a system that can comply with the rules and requirements you have defined in your retention schedule.
Once your retention schedule has been implemented, make sure to test and report on its compliance with your policy. This will allow you to mitigate potential risks of records being destroyed without review or prior to the end of a retention period and so forth.
Make sure you can audit the performance of the implementation and make any changes were necessary.
Once everything is implemented according to the policy, consider offering an end user training to the staff that was not involved in the policy creation. Showing users how the policy will affect their day-to-day work and other related information, will in turn increase the end user compliance when dealing with your new records management policy.
Maintain your Policy
As your business evolves over time, whether that be in terms of business scaling or new compliancy laws, it is important to adapt accordingly. Records Management is an ever-changing process which needs careful periodic review, especially to remain relevant and accountable.
As mentioned above, there are several moving pieces in a Records Management Policy. Therefore, if there are any changes that occur over time, it is important to consider its effects on your policy. Changes could be internal, including as the adjustment of operational goals or the eventual obsolescence of a department, or external, such as modified digital privacy laws.
Keep in mind that the longer you wait to make the updates to your policy, the longer it will take to update as more and more changes are going to occur. Therefore, we recommend conducting an annual review of any operational, legislative, and/or business requirements that may have impacted your Records Management Policy. Proactivity and awareness will promote efficiency and data protection.
About Cadence Solutions
Jordan Uytterhagen founded Cadence Solutions starting on the client side of the table. His mandate has been to help organizations struggling with digital transformation implement projects without losing their trust and confidence. Our solutions include automation of human resources, finance, accounts payable, contract management, document capture, drawing and records management, as well as managed services. Cadence Solutions has proven, time and again, that our client's projects will be successful because we are authentic with unmatched experience.