Preventing the pile up
Best practices for document retention and destruction
While most businesses rely heavily on digital data, it’s nearly impossible to eliminate the use of hard copies. From firewalls and antivirus, to passwords and encryption, rigorous controls are often in place to protect the digital side of things, but the same standards may not be in place for physical documents.
If hard copies pile up, businesses leave themselves open to significant risks, including data theft and compliance issues.
Before purging all of your documents to help maintain security, it’s important to understand what retention requirements your company may need to adhere to. Unfortunately, there is no blanket retention rule that applies across all documents.
From federal regulations like the IRS’s tax audit procedures and HIPAA’s medical record requirements, to state and local provisions like South Dakota’s Bureau of Administration records management program, businesses are required to keep up with numerous laws and regulations to ensure proper document retention and destruction. You can check with your accountant, lawyer or state record-keeping agency for guidance if you’re unsure what regulations apply to you.
Scheduled document retention
Best practices for document retention typically require businesses to store records for one, three or seven years. However, in some cases, records should be kept indefinitely. Common retention guidelines include:
- Legal documents: Business formation records, contracts, property appraisals, deeds, trademark registrations, bill of sale documents and other ownership records should be kept indefinitely.
- Business federal tax returns: Federal tax returns should be kept for three to seven years, depending on the circumstances. However, if a return is not filed, the IRS recommends keeping records indefinitely.
- Accounting documents: Accounting records applicable to taxes, including depreciation schedules and year-end financial statements, should be kept for at least seven years. Many certified public accountants (CPA) recommend keeping accounting records indefinitely.
- Bank statements: All business banking, credit card and investment statements, as well as canceled checks, should be kept for a minimum of seven years.
- Insurance, permits and licenses: Permits, licenses and insurance policy documents should be kept until replacements for expired ones are received.
- Payroll, tax and benefits records: Employers should keep payroll records for at least three years. If covered by federal anti-discrimination laws, businesses must also retain records showing the reasoning for paying different wages to employees of opposite sexes. Employee tax records should be maintained for four years, and benefits records such as plan documents and termination records should be kept for six years after an employee has left the organization.
- Hiring records: Job advertisements, applications and resumes should be kept on file for at least one year.
If there are records you’re unsure about, the Uniform Preservation of Private Business Records Act (UPPBRA) states that whenever a law does not specify a retention period, businesses should keep their records for at least three years.
Safe document storage
Once you understand how long records need to be retained, you must decide how they will be stored. If documents are kept in their physical form, make sure they are kept in a secure and monitored location. Implementing a clean desk policy that requires employees to safely store documents before leaving the office each day can also help to keep documents secured. As an added benefit, such policies tend to reduce clutter and increase productivity.
When documents are ready to be archived, digital scanning is a good option for electronic retention, however, before destroying the original physical document, consider if the document is potentially relevant to a complaint or claim that might result in litigation. If so, you’ll want to keep the original copy safely stored as well.
Secure document disposal
Whether you are shredding documents after the digital conversion process, or disposing of hard copies that have reached their expiration date, it’s important to ensure all sensitive documents are securely destroyed.
Choose a reputable shredding company that will guarantee all papers and media are securely shredded and recycled if possible. Many companies offer convenient locking bins for secure, in-office collection with routine shredding services to prevent build-up or data breaches. Onsite shredding can also provide complete transparency, so you can watch as your documents are shredded before they even leave your location, providing you with peace of mind to know the job was done right.
As director of business development at SEAM (Secure Enterprise Asset Management, Inc.), Levi Hentges helps clients build and manage their data destruction programs to comply with legal, corporate and environmental requirements surrounding their physical documents, media and technology devices.