How healthy are UK law firm’s Data Retention Policies?

By: In: Information Management at Work On: Dec 02, 2016
How healthy are UK law firm’s Data Retention Policies?

Legal firms store a significant volume of critical and confidential records, But in today’s data-driven world, how many of them are doing what it takes to ensure compliance and protect sensitive information?

Quick answer—not enough.

According to a new Iron Mountain research on professionals within the UK legal sector, document retention regulations and information management processes and policies—two of the most important components in ensuring compliance and managing informationrisk—were found lacking at a concerning number of firms.

To be fair, it’s not all doom and gloom. Most of the surveyed firms did have a high level of awareness and sensitivity towards the document retention process. For instance, 96% of respondents knew how long their organisation was allowed to keep documents.  It’s just when it came to these executing on these policies, many had numerous “misunderstandings, inconsistencies and failings that needed to be addressed and amended. “

More specifically:

  • 26% of organisations believed that there is a lack of consistency, process and strategy when it comes to digitisation plans and strategies.
  • 20% of organisations agreed that employees struggle to understand digitisation plans and therefore make up their own rules.
  • 56% of organisations reported that responsibility and accountability for paper-based and electronic documents falls in different departments.
  • 30% of organisations agreed that too much remained on paper that no-one is accountable for.

Granted, these percentages aren’t staggeringly high. But employees making up their own rules, passing the buck on document retention to other departments or flat out having no accountability for paper-based records is nevertheless alarming. Security breaches and compliance violations don’t take much, so the barrier between secure information management and thousands of dollars in fines and untold reputation damage is razor thin.

How do you measure up?

To start, UK legal firms should consider the above metrics and ask themselves the following questions:

  • Do I have a digitisation strategy in place?
  • Is that strategy codified across organisations?
  • What department owns data retention?
  • Who is responsible for paper-based records? Digital?

If you cannot answer all of these questions confidently, your data retention policies might not be ideal. After all, it’s clear from the survey that there is not yet a high enough standard of streamlined processes among organisations, with different departments having their own practices and, therefore, potential failing.

For more on how UK Legal firms are handling data retention, we invite you to read the complete report, Documentation in UK Legal Firms

← How to Digitise Legal Records: A Six-step Guide Take it to the top: How you can promote information responsibility in your business →

Leave A Comment

About the author

John Apthorpe

John Apthorpe, Commercial Director, Iron Mountain John Apthorpe heads up Iron Mountain’s business services sector in the UK. His primary objective is to lead and drive commercial strategy and business development activities across a range of large corporate organisations and ensure Iron Mountain is the market leader in records and information management. Prior to joining Iron Mountain in 2005, John was with IT content delivery firm Akamai, where he was responsible for the sale and implementation of cloud based SaaS solutions for customers. With over 20 years experience, John has also held a number of senior roles with IT companies. His experience of working with large corporate clients extends to organisations from all industry sectors, although he has specialised in working with commercial organisations including Iron Mountain’s largest energy clients over the past three years. John holds an MBA from Henley Management College and a BA (Hons) in business studies.