IT Solutions Advice and Guidance

2. Email Archiving and Compliance

 Printer Friendly Version

 View PDF

2.1 Protecting You and Your Business

Over the past years, email has become a primary channel of business communication. It provides organisations with a fast medium of conveying business correspondence such as purchase orders, quotations and sales transactions, in virtually any geographical area with the least physical effort possible. A study conducted by market researcher Gartner Group revealed that organisations conduct almost 97% of their communications via emails. Furthermore in a recent survey, Osterman Research found that email is now accepted as written confirmation of approvals or orders in 79% of organisations.

 

What is email archiving?

Email archiving enables companies to securely store all email communications into one or more indexed databases and to allow emails to be retrieved quickly and easily on demand.

You can provide users with easy, centralised access to historical emails and with the ability to quickly retrieve emails through a simple Restore process. 

This technology is increasingly integral to a PC network in order to meet the regulatory email storage requirements of UK and European Laws.

What legislation do I need to know about?

Every year brings more changes to an already complicated regulatory framework. It is possible to define three major categories: 

  • Industry Regulation driven through compliance against regulatory authorities in key vertical markets such as finance, health and public sector.
  • Legislation as a result of government imposed acts affecting all organisations.
  • Best Practice relating to the implementation of general email management policies and guidelines designed to protect the employer and employee.

It is important to note that there is little explicit legislation that relates to e-mail, however a common understanding within the context of law, and illustrated by many court cases, is that an e-mail is a document and as such is covered by many and varied regulations.

Of the 70+ acts/regulations that might affect your business, those that are key are: -

  • Data Protection Act 1998
  • UK Companies Act 1985
  • Freedom of Information Act 2000

 

 
 

What does this mean to me?

A core element to the Data Protection Act is the way in which it insists companies have to disclose information it might have on an individual. This key type of disclosure is called a “Subject Access Request”. 

Anyone can issue a SAR against any company by simply writing a letter in a format available from Data Protection Act website, sending a cheque for £10, delivered via registered mail to the company. The company receiving the SAR legally has to give up all data requested, within 40 days. Failure to comply breaks the law, seriously affecting the company’s ability to defend itself against any legal actions.

Currently, the most common use of Subject Access Requests is by employees, or ex-employees making claims of unfair dismissal, sexual / racial discrimination, harassment, or constructive dismissal. Just imagine the difficulty in trying to find relevant emails between different parties that are stored in numerous locations or more often just deleted.

The reality is that for legal compliance, data held in emails should be stored in a secure archive, with quick retrieval and with all events surrounding any email, audited.

What’s meant by “Legal Discovery”?

Legal discovery tends to be based on a request to produce all documents relating to a particular person, department or subject. 

When you stop to analyse this, the term “all documents” means that it may comprise of Word, Excel, PowerPoint & PDF documents, Emails, Instant Messages and even VOIP phone calls. 

Even the smallest of companies often has tens of thousands of emails that need to be searchable.

 

But these email messages are not in one place. In the simplest of scenarios; they will be stored across different backup tapes with no indexing system to identify their content.  They could be in Web-Based email systems, old Outlook or Outlook Express files or saved to a local archive file.

The next question is what do you index anyway? If you are indexing to satisfy legal discovery requests, what could those requests be about? Anything your business is involved in. So the indexing has to be complete. Every person, every object, every transaction, every location, every policy.... every single thing your business emails deal with has to be indexed so that all the emails dealing with, for example, maintenance work being undertaken in the company car park, can be located and retrieved in case a solicitor issues a legal discovery notice on you about that topic. 

What do I need to do?

To protect you and your business you need to ensure that you have a full email archiving solution and procedure in place.

How can you help?

AXIS First can offer a range of email archiving solutions to help meet your legislative or regulatory requirements.

Can my users get to archived email?

Yes, this is done securely via a web-browser interface.

 

 

 Printer Friendly Version

 View PDF

< Choosing an IT Supplier

Call Back
This site uses cookies. By continuing to access this site you are accepting the use of cookies by this site.
Read more about cookies...
OK

Cookies are small text files stored on your device when you access most websites on the internet.

This Website uses cookies in order to make the Website easier to use, to support the provision of information and functionality to you, as well as to provide us with information about how the Website is used so that we can make sure it is as up to date, relevant and error free as far as we can. Further information about the types of cookies that are used on this Website is set out in the box below.

By using this Website you agree to our use of cookies. You can choose to restrict or block cookies set on the Website through your browser settings at any time. For more information about how to do this, and about cookies in general, you can visit www.allaboutcookies.org. Please note that certain cookies may be set as soon as you visit the Website, but you can remove them using your browser settings.

However, please be aware that restricting or blocking cookies set on the Website may impact the functionality or performance of the Website, or prevent you from using certain services provided through the Website. It will also affect our ability to update the Website to cater for user preferences and improve performance.

We don’t sell the information collected by cookies, nor do we disclose the information to third parties, except where required by law (for example to law enforcement agencies).

We may sometimes embed content from 3rd party websites such as YouTube. As a result, when you visit a page containing such content, you may be presented with cookies from these websites. We do not control the dissemination of these cookies and you should check the relevant third party's website for more information.

Cookies We Use

Cookie Description
CookieConfirm The presence of this cookie is used to remember the fact that you have confirmed that you are happy to accept cookies
ASPSESSIONIDxxxxxxxx This is a Session Cookie (session cookies are temporary and are erased when you close your browser). It identifies you from one page to the next and is used, for example, to keep track of your logged-in status.
UserID, account, password These cookies are used to remember your login credentials for when you next visit our website. They are only created if you choose the “Remember Me” option on the login page.
_utma, _utmb, _utmc, _utmz These are cookies created by Google Analytics and are used to provide us information on which web pages are the most popular, and the most popular search terms used by visitors arriving at our site.