Departing Employees and the Importance of Saving Their ESI

This is one of my posts up on TMA that I thought would be interesting to revisit due to the high unemployment rates we've been seeing. It seems like there are probably a lot of job losses out there (10% is a lot of unemployed) and companies should be prepared in processing employee data correctly. The consequences of not doing so can be stiff indeed. Read below for more:

Virginia Henschel of Lexis Nexis wrote an interesting piece on the perverse logic of the New Hampshire Attorney General’s Office ESI (non)retention policy.  She is right that government agencies can’t just delete their departed employees’ ESI.  Private corporations can’t hide their heads in the sand either.

Although there are too many examples of sanctions for failing to preserve departed employees’ ESI for just one blog post, I must point out that in May, FINRA fined Piper Jaffray $700,000 for email retention failures and disclosure violations. And this wasn’t Piper Jaffray’s first time through the wringer. Back in December of 2002, leading investment houses including Goldman Sachs, Morgan Stanley, Deutsche Bank, and Piper Jaffray failed to preserve e-mail and were fined a total of $8.25M . As FINRA reports on Piper Jaffray (emphasis mine):

FINRA discovered Piper Jaffray’s continuing email retention deficiencies when its investigators requested all emails sent or received by a former firm employee suspected of misconduct…When reviewing the CD-ROM’s contents, however, FINRA discovered that one particular email was not producedthat investigators had already obtained in hard copy form…Only after further inquiries about that missing email did the firm finally inform FINRA of the intermittent email retention and retrieval issues it had been experiencing firmwide…

It is clear that retaining departed employees’ ESI is an essential component of any good enterprise-wide records management, compliance and eDiscovery system. Employees leaving the company present a formidable compliance challenge for companies and government agencies.  Many companies mistakenly rely on their IT departments to save the hard-drives of the departing employees as well as the departing employee’s mailbox and network drive ESI.  Not only does this waste corporate resources (do you really need all that data?  for how long?), it is also creates increased legal and compliance risk.

I believe that a robust file and e-mail archiving system is needed to ensure 100% capture and storage of this type of ESI.  This system must be customizable so that an organization can consider legal and economic factors to ensure that information is retained as long as necessary, but no longer. Just because ESI can be deleted at the click of a button does not mean you aren’t responsible for it. Many will learn this lesson the hard way, while the ones who are prepared will save significant time and money.