Woman putting a legal document through a shredding machine

Records destruction is an integral part of any records management process. Not every record will be destroyed – many will be archived indefinitely – but others have a natural lifecycle that ends with the destruction of that record after it becomes obsolete.

In fact, retaining some records past their “best by” date imposes certain costs on organizations. Even when stored electronically, every record adds storage and upkeep costs. They also make future records management tasks more difficult; for example, it can be harder to locate the “signal” in the noise – looking for a specific record is harder if you’re diving through an ocean rather than through a pond of collected records. Even more seriously, if you keep all records indefinitely, you’ll face unnecessarily worse exposure if you experience a data breach or other security issue.

Why wouldn’t you want to destroy records?

Still, destroying records can itself be high risk, and it’s important to take care when undertaking this necessary activity. For example, it can create legal risks. If records are destroyed unlawfully or if the destruction gives the appearance of spoliation – deliberately destroying (spoiling) potential evidence in litigation – the agency could be accused of an attempted cover up or obstruction. Basically, any time a regulatory agency, judicial court, or the public might view the destruction as questionable or improper, it’s best to avoid destroying the records.

It can also create operational risks when records needed for day-to-day business end up being destroyed. Inappropriate destruction of records can interfere with the organization’s ability to get its work done if critical information has been lost. That can negatively impact staff productivity; customer service; and, in extreme scenarios, public reputation.

So, how can you destroy records “defensibly”?

This is a non-trivial question, and its answer begins with ensuring there are underlying records management systems, processes, and policies in place. The decision to destroy shouldn’t be made haphazardly or left to individual employees. Instead, it should be guided by smart written policies and records retention schedules developed by subject matter experts with a clear understanding of the records lifecycle. This creates a defensible process under which records destruction can be justified and defended.

If records are to be destroyed outside of a standardized process, the organization must undertake (and, in some circumstances, document) some form of due diligence to ensure the records can be safely purged without operational or legal risk. In general, records disposal is best undertaken where there are no active, imminent, or probable lawsuits, investigations, or audits. Even then, destruction should always consistently follow established, written procedures.

How can you make sure records are destroyed appropriately?

As a final note, it’s important to realize that the decision to destroy is separate from the act of destruction itself. The latter has its own special considerations. For example, if the record contains sensitive information, it may need to be destroyed using special software or processes to ensure it can’t be retrieved later; a simple “delete” may be insufficient. This, in turn, requires access to the right records management technology and tools.

About PSL

PSL is a global outsource provider whose mission is to provide solutions that facilitate the movement of business-critical information between and among government agencies, business enterprises, and their partners. For more information, please visit https://www.penielsolutions.com or email info@penielsolutions.com.