Sixty-five percent of US public and private organizations do not have an enterprise-wide records management policy and program, putting them at risk to face the heavy fines and loss of brand equity associated with non-compliance with state and federal regulations, according to a study of nearly 2000 general counsels, CIOs and records management professionals by Iron Mountain. However, 61 percent of organizations surveyed stated that they are committed to records management improvement and are in the process of identifying plans for continuous development.

"We developed the assessment survey to help our customers understand how well their records management programs stack up against industry norms and best practices," said Richard Reese, chairman and CEO of Iron Mountain. "The survey is a tool to help businesses uncover hidden risks of non-compliance and implement a plan to reduce those risks and costs. Iron Mountain is uniquely positioned to help companies do both."

Key findings of Iron Mountain's Compliance Benchmark Study include:

* Records management oversight is unclear: 73 percent of organizations state that oversight responsibilities are ‘not clearly defined’ and steering committees have limited participation from key stakeholders. As a best practice, businesses should establish a senior level steering committee to provide oversight and strategic direction and clearly define and designate roles and responsibilities to its employees.

* Records retention is solid: 81 percent of all organizations have a retention schedule that serves as the lynchpin for a compliance program and provides a blueprint for all records management activities. As a best practice, businesses should adopt and apply a universal records retention schedule across all business units, and all records, regardless of media format.

* Record retrieval is usually accurate and quick: although participants differ in their own assessments of the speed at which they can retrieve active records from on-site filing areas and off-site storage facilities, 90 percent rate their ability to do so as effective and accurate. This indicates that most people are generally satisfied with their ability to retrieve records, and that most seem to understand the basics of record storage, indexing and retrieval. The success of a records management program hinges on the ability to access information for business support, litigation response, and/or regulatory compliance. To avoid sanctions or loss of rights, organizations should institute policies and procedures that facilitate timely and effective record recovery.

* Secure destruction practices are inconsistent: only 38 percent of organizations described a consistently applied program for the appropriate disposal of confidential information. Federal and state privacy laws require the secure destruction of virtually all documents that contain personally identifiable information. Therefore, it is important for records disposition to be an inherent and consistent element of an organization's overall records management program, covering both active and inactive records. Standard destruction policies should be set at the corporate, rather than departmental, level and should be reviewed by the proper legal and compliance professionals.

For additional information on the Compliance Benchmark Study or to download a copy of the abstract, please visit http://www.ironmountain.com/benchmark (registration required).

•Date: 9th October 2007• Region: US •Type: Article •Topic: BC statistics
Rate this article or make a comment - click here