Glossary

Record Retention Policy

Depending on the specific industry, companies are subject to different record retention requirements. Whether it is finance, banking, insurance, law, or any other type of business, certain types of information must be retained for designated periods of time as part of company records. To comply with these requirements, companies create policies around how they store records, where they store them, how long they must be retained, and how they should be disposed of at the appropriate time.

What is a Record Retention Policy?

A record retention policy deals specifically with how long records must be archived for, under what conditions, and how to discard the records at the end of the designated period. 

Most record retention policies include the following components:

  • A description of the policy’s overall purpose
  • A list of the specific types of documents that must be retained
  • The length of time that each type of document must be kept
  • Detailed process for storing documents securely
  • Explanation of who has permission to view particular records
  • Clear instructions for discarding records when the time comes

How to Create a Record Retention Policy

Following are the steps involved in a creating a record retention policy:

  • Audit existing data – conduct a full audit of all internal and external files, including hard copies in filing cabinets and electronic copies stored on servers or messaging systems. Categorize and label each record based on their department or function, such as HR, legal records, financial statements, etc.
  • Identify legal requirements – determine which federal, state and/or local laws apply to the business and which types of documents must be saved and for how long.
  • Draft the policy – write a document that clearly defines all aspects of the record retention policy, including an overview outlining the purpose and value of such a policy as well as who the policy applies to and what types of documents are covered. The record retention policy itself should include: 
  1. Each category and the records included in it
  2. The retention length requirements for each type of record
  3. Clear instructions for disposing of each type of record
  4. Security protocols including who has access to each type of record and any password-protection requirements
  5. Contact information so that employees know where to turn if they have questions about the record retention policy
  • Map records – once the policy is finalized and it is clear which types of documents need to be retained and for how long, the long process of mapping each existing document to the appropriate policy begins. 

Once the policy is created and finalized, it should be reviewed and updated every couple of years or if there are any relevant changes to rules and regulations. It is also important to ensure that all employees are aware of the record retention policy and how it applies to them. Regular checks should be made to be sure that employees are following the policy’s rules and that nothing is falling through the cracks.

How LeapXpert Can Help

Among the records that companies need to retain are electronic communications, including messages sent via email or instant messaging applications. LeapXpert’s communication platform makes it easy to capture and archive any work-related communication as part of a record retention policy.