Back to Blog

Top Tips to Automate Records Management

Nickie Ashton

Fundamentally, records management is about information governance, which in turn – given all the regulatory scrutiny that exists today – is key to minimising operational risk. Due to the continuous and exponential growth of data in a variety of formats, a manual approach to records management is likely to be a losing battle. On the other hand, a strategic, in-place and automated approach can make this function routine and ‘par for the cause’.

Here are some top tips for automating records management:

• Understand the document landscape

Complete visibility of the document landscape must be the first step to automation. Analyse the types of documents in the organisation’s document management system (DMS), breaking them down into clear categories based on everything from type of format through to ownership by department and practice areas. For instance, for a litigation matter, there would be a variety of documents stored in the DMS including emails, contracts containing personal data, commercial agreements and so on. The situation in an in-house legal department may be different as the information stored would be based on case files.

• Devise retention policies for different requirements

It’s always a good idea to have a combination of standard and document-specific retention policies. This will help ensure that all basis of retention is covered. For example, in an employment related matter, there might be a need for all the relevant documents to be put on a memory stick and handed back to the client – with ‘no’ records retained in the firm. But in a litigation case, the standard policy of disposing all information after seven years of the matter closing would apply.

• Assign individual responsibility for information retention and disposal

With law firms and legal departments holding highly sensitive, confidential and pertinent case-related information with long term implications, it’s advisable to assign individual responsibility for their retention and disposal. To illustrate, for a key law firm client, the M&A practice may have closed five matters, but there might be a possibility that due to the nature of those cases, the need to revisit them in the future may arise. Alternatively, the reason for their retention could be a ‘legal hold’ on the instruction of a court or authority. Listing the relevant fee-earners/Partners against the records pertaining to those matters will prove useful, should the need to re-open those files arises in say, five years’ time. The records management clerk will then be able to access that information easily. At the same time, there will be individual responsibility and accountability for holding that information beyond the standard retention policy of the firm.

• Enforce an approval process

Create workflow processes for approval for information disposal within the DMS to ensure that no data or information is inadvertently destroyed. Referring to the litigation example above, the records management policy could be set up so that a month before the end of the seven-year period, an alert is automatically sent to the designated fee earner, informing of the imminent disposal of the related records. This will offer the nominated individual the opportunity to reconsider the disposal of the information one last time before the data is destroyed.

• Embed records management processes end-to-end in the DMS

All the above-mentioned processes must be embedded in the DMS so that there is a firm/department-wide, uniform approach to information governance – regardless of whether the DMS is on-premises or in the cloud. Aside from fool-proof, scalable and intuitive records management, such an approach will provide complete trackability and auditability for legal hold and regulatory compliance purposes too.

Related Posts

Minimising Risk of Inadvertent Insider Threat

Image of Ascertus

The Ascertus Security Thought Leadership SeriesMinimising Risk of Inadvertent Insider Threat

Read more

The Ascertus Security Thought Leadership Series: Pt 2

Image of Ascertus

The Ascertus Security Thought Leadership SeriesSecurity Awareness and Training on ‘Accidental’...

Read more