Record Keeping Redux

• Posted by Geoffrey G. Gussis on May 31st, 2005


• Filed in Guides, Tips and Practice Pointers, IT/Software/Internet, Risk Management & Compliance

Computerworld has an article and series of sidebars on the importance of good record keeping in an increasingly digital age.  As the article points out, the regulatory environment is now mandating practices that can prove daunting for many companies:

"Companies must also comply with myriad local and
federal regulations that vary by industry. For example, SEC Rule 17
requires that brokerages store records in a nonrewritable, nonerasable
format. Sarbanes-Oxley Act Section 802 requires some records to be held
for seven years. Other requirements are triggered by events, such as
health care regulations that require records to be kept for a certain
period after a patient’s death."

The costs of non-compliance can be staggering:

"In 2004, for example, Banc of America Securities
LLC was fined $10 million and Philip Morris USA Inc. and Altria Group
Inc. $2.75 million for failing to produce e-mail records in a
reasonable time frame and failing to preserve documents after being
told to do so."

The article also links to a sidebar that contains additional horror stories - not a bad article to forward to your CIO and MIS departments to make sure they are on the compliance bandwagon.