CIOs Know That If They Can’t Find That Email, They’re In Trouble

Be careful before you hit the email delete button
Be careful before you hit the email delete button
Image Credit: Mixy Lorenzo

Sure, as the person with the CIO job, there are a lot of different things that you could be doing. However, have you ever spent any time thinking about the things that you should be doing? It turns out that given the importance of information technology it just might be what you and your IT team is not doing that may end up causing both you and your company the most trouble. In the world that we live in today, at any time your company may be sued. When this happens there just may be a request for electronic records – are you going to be ready to locate them?

What Is The Risk That CIOs Are Exposed To From Email?

It seems like it was not all that long ago that if someone made a request of your company for some records, such as emails, you could put them off for a long time as you claimed that you were having problems locating what they had requested. Well guess what, in the U.S. Federal e-Discovery laws have been changed and you are no longer able to claim that having to search for requested records is an unreasonable burden on the business.

Under the new rules, as the person in the company’s CIO position you are required to be able to produce the requested documents and do it quickly. If you can’t, then your company is going to be potentially facing a very large fine. They might even lose the case that the request was a part of. The problem that most CIOs are facing is that without a plan, they may not be able to fulfill the request for records.

What we need to realize is that locating requested documents can be very hard to do. If you have to find a specific requested email message on a storage tape then this is going to be both an expensive and a time consuming task for the IT department. Costs can be as high as US$500 / tape that has to be searched.

What Should A CIO Be Doing To Get Ready To Produce Records?

What all of these changes mean for you is that you need to be taking steps right now in order to prepare to be able to find requested records. What this is going to entail is creating a project within your IT department to deploy a set of e-discovery tools. These will be the tools that you use to search tapes and email archives for the documents that have been requested.

However, your responsibilities as CIO don’t stop there. You are also going to have to step up and help your company to create policies that describe the lifecycle of emails within your company. This will include which emails need to be retained, how they can be indexed, and under what conditions they can be destroyed. In order to create these policies, you are going to have to assemble a cross functional team.

Finally, just having a policy is not enough. You are also going to have to audit the people who are supposed to be following the policy. Your goal of performing these audits has to be to determine if the processes are being followed by everyone correctly. What you need to do is to convince everyone to take the correct actions regarding how their emails are handled.

What Does All Of This Mean For You?

We live in a world in which almost at the slightest offense, someone may decide to sue your company. This does not mean that they are going to win; however, as the company’s CIO you are going to be responsible to produce any requested records and produce them fast.

Recent changes in the law have removed excuses that firms used to be able to use that finding records was an unreasonable burden. Now it’s the CIO’s responsibility to make sure that any requested records can quickly and easily be produced. What this means for you is that you need to implement technology in order to be able to find records quickly. Additionally, you need to work with your company to design and implement a legal document retention policy.

No, getting served with a request to produce records is not what any CIO wants to have happen. However, someday it is going to happen to you. What this means is that you need to be taking steps right now to prepare for this eventuality. Get ready and when it happens you’ll be a prepared CIO.

– Dr. Jim Anderson
Blue Elephant Consulting –
Your Source For Real World IT Management Skills™

Question For You: Do you think that you should have a team assigned to managing your company’s records management and searching function?

Click here to get automatic updates when The Accidental IT Leader Blog is updated.

P.S.: Free subscriptions to The Accidental IT Leader Newsletter are now available. Learn what you need to know to do the job. Subscribe now: Click Here!

What We’ll Be Talking About Next Time

By now we all know that our firms are under an almost constant set of attacks from a wide variety of outsiders because of the importance of information technology. Some of these attackers are simply children who are just fooling around with their computes and are trying to see how far they can get. However, other attackers could be organized criminals or even state sponsored hacking teams. As the person with the CIO job, it’s your responsibility to protect your company from these assaults no matter where they come from. Is it time to go outside the company in order to get some help?