Iron Mountain is probably the largest offsite data storage provider. In recent years, as expected, they have expanded their offerings into records management, compliance support, and even e-discovery issues.
Comptuerworld.com ran a short Q&A with Richard Reese, the CEO of Iron Mountain that produced some good quotes:
“A big part of what we’ve been trying to do is educate customers. Half the problem has been customers — it’s their legal departments [that] don’t understand the [technology] processes [for archival and storage]. And the business people don’t understand how [legal rules and responsibilities] have changed.”
Mr. Reese had a good, but fairly generic, response to the question “Should companies destroy or keep all their data to avoid problems under new e-discovery requirements?”
“The strategy of just aggressively getting rid of [data] absent of policy is going to be a loser and it’s going to cost you. But the strategy of keeping it all — and managing and discovering all your data — is going to kill you as well. The right strategy is to put in processes, procedures and technologies to destroy [information] as part of policy. For those companies saying “I’ll get rid of it; I’ll take my chances,” all they’re doing is making an informal risk assessment…”
You’re darned if you do, and darned if you don’t. Lesson: you must insist on a records retention policy.