In the growing age of Big Media, it is imperative now more than ever that companies and organizations develop and maintain a Records Retention Policy, otherwise known as RRP. An RRP is a policy that defines a company or organization’s legal and compliance bookkeeping requirements. An RRP ensures that corporate documents are managed and destroyed in a way that is lawful, effective, and efficient.
When establishing an RRP, there are several key questions to keep in mind. Who is responsible for overseeing the RRP? How long should records be retained? What type of records should be retained? What should we do with those records after the required retention period has passed?
Within any type of business, there are a multitude of records you’ll need to keep track of, from accounting and bank records to corporate and employee information, just to name a few. Just as the type of record may vary, so does the retention period. Let’s break down some of the more important record types and retention periods.
It is a good rule of thumb to keep the majority of accounting records permanently. These types of records can range from income taxes, asset records, training manuals, general ledgers, and more. Patents and related papers, insurance claim documents, legal correspondence, capital stock and bond documents require permanent retention, along with real property records, such as deeds, bills of sale, and appraisals.
While the majority of accounting records should be kept permanently, there are some types that you can safely destroy after a period of seven years. These types of records can be in the form of electronic payment records, employee expense records, inventory listings, and timecards. These records are still crucial to your accounting team but are not necessary to harbor forever.
When it comes to employee benefit and personnel records, the retention period can vary. Any financial statements, documents from the Internal Revenue Service (IRS) and Department of Labor Correspondence, and plan and trust agreements should all be kept permanently.
Normal employee personnel files, employment applications, individual employee contracts, and employment applications should be kept on file for two to three years from the date of termination. Other personnel records, such as worker’s compensation and employment eligibility forms can be kept for three to five years.
Insurance records, such as accident reports and settled claims, fire inspection and safety reports, and expired insurance policies should all be kept for seven years. It’s important to note that any accident reports and settled claims should be kept for seven years from the date of the settlement, not when the accident occurred. When it comes to legal documents, the retention period can vary. Records of expired contracts and leases and employment agreements can be kept for seven years, but other documents, such as effective contracts and leases, meeting minutes, partnership agreements, and legal correspondences should be kept permanently.
It is also important to keep in mind that records are not just paper documents but can consist of electronic documents and data as well. This includes, but is not limited to, word processing, emails, databases, spreadsheets, and so forth. Any device on which files are stored, optical media, flash drives, and HDDs or SSDs are considered to be electronic documents and must follow the same RRP guidelines the corporation sets forth for paper documents retention and disposal.
The disposal of these records is just as important as retaining them. Having an appropriate shredder is crucial to ensuring that your data is not falling into the wrong hands.
Although the non-permanent records are no longer required to be kept in your possession, this does not mean that the information on those records has necessarily expired or become any less important. If records are disposed of in an unsecured manner and important corporate or employee information falls into dishonest hands, the results can be catastrophic for both the corporation and the employee. (You can read about the monetary consequences of data breaches here.)
In conclusion, establishing an RRP is a crucial step in ensuring that corporate documents are managed and destroyed in a way that is lawful, effective, and efficient. Management of these records include, but is not limited to, securing the information they contain, even upon disposal of those records. Records that no longer require retention should be destroyed by means of shredding, disintegration, or degaussing, whichever is appropriate depending on the storage method and applicable industry regulatory requirement. Although it is not necessary for a corporation to maintain the same destruction requirements as a government facility, the proper destruction should not be considered any less vital. With any company or organization policy, an RRP relies on its employees to maintain and enforce it.