Now that we have gone over all of the benefits of email archiving, it’s a good time to go back now and take a look at the laws governing compliance itself. Compliance remains the number one reason to implement an email archive. The penalties can be severe if compliance is not closely followed. For instance, in 2006, Morgan Stanley was fined 15 million dollars by the Securities and Exchange Commission. That was brought about when the SEC alleged that Morgan Stanley delayed handing over emails, destroyed others and wasn’t forthcoming about the nature of the communications. In 2005, a 1.57 billion dollar judgment was upheld for noncompliance. This was later overturned.
Get your act together
The Sarbanes-Oxley Act (SOX) affects all industries and contains language to impose penalties on any organization which tampers with or alters emails or other forms of electronic communications with the intention of fraud. This act makes clear that all businesses must keep their emails for at least 5 years or potentially face penalties. Additionally, any European companies with U.S. listings are also required to keep the emails for 5 years.
After SOX, regulations breakdown by industry. For instance, the healthcare industry has its own set of rules that are covered under the Health Insurance Portability Accountability Act (HIPAA). Likewise, the financial sector must adhere to SEC Rules 17a-3/a-4 and NASD Rules 3010/3110 which oblige broker/dealer organizations to maintain and store all emails pertaining to their trading activity for a minimum period of six years.
If you are not aware of the rules which govern your particular industry, you should quickly find them out and set up email archiving in order to meet compliance. As we have seen, regulating bodies are sincere about the laws requiring email archives. Email archives are far superior to mere backups for the storage capacity, search functions and many other reasons we have discussed here.
For more information on how you can stay compliant with industry regulations,