The story of WhatsApp began in 2009, when two ex-Yahoo employees failed to get a job at Facebook and decided to develop a simple messaging app instead. Ten years later, WhatsApp is the number one instant messaging and free call app in the world with 1.5 billion users.
Like Facebook Messenger, WhatsApp was not originally intended for business use and started as a free alternative to SMS for private users. Today, WhatsApp has grown to include a business app which lets small businesses interact with customers by automating, sorting and responding to messages. Medium-sized businesses and enterprises can make use of WhatsApp Business API to connect with customers quickly and securely. Today, the app handles 65 billion messages and 60 million calls daily and is used by 3 million organizations.Today, WhatsApp handles 65 billion messages and 60 million calls daily and is used by 3 million organizations. Click To Tweet
The downside of using WhatsApp for business is that it lacks internal backup capabilities and the proper archiving options necessary from a compliance standpoint. If you’re wondering what brings WhatsApp and compliance together, the answer lies in the term “business records”. The laws that mandate the retention of business records rarely address instant messaging platforms specifically, but the definition of a business record includes many communication channels that aren’t email. In fact, all messages that are work-related and are exchanged and stored on company-issued and personal devices are considered business records.
Mobile Devices, WhatsApp and Compliance
Mobile has become a valuable business tool that we use to access work-related content, communicate with customers and exchange important business updates. We often use mobile devices to send a quick text to colleagues and business partners on IM platforms such as WhatsApp. This makes such messages business records and brings IM into the compliance arena. As business regulations expanded and regulators became more comprehensive in their requests for documentation, chat apps have become important aspects of compliance.
New business trends like BYOD and CYOD have additionally complicated the mobile-for-business picture, but regulators don’t seem to care. In recent years, courts have been addressing the discoverability of chat apps and have maintained that such messages are subject to the same discovery standards as email.
For this reason, it’s in your best interest to retain the content from WhatsApp if your organization uses it to engage with prospects and customers or if you use it internally. FINRA explicitly states that “every firm that intends to communicate, or permit its associated persons to communicate… through a text messaging app or chat service must first ensure that it can retain records of those communications”.
In Europe, MiFID requires the recording of any electronic communications including “email, SMS, business to business devices, chat, instant messaging and mobile device applications.” FDA, FTC, HIPAA, SEC and others all have rules around the use of social media and mobile communications. In a recent survey, 30% of physicians admit that they have exchanged protected healthcare information via texting apps, WhatsApp included. Without an archiving solution that can capture those messages, this constitutes a HIPAA violation.
Such regulations mandate that organizations, especially those in regulated industries, need to retain and be able to produce business records exchanged via chat apps. This sparked the need for technology that could allow companies to archive instant messages in the same compliant way they already archive email.
Two thirds of organizations in the US currently use instant messaging platforms and mobile to communicate at work and about work. Content exchanged on WhatsApp can easily turn into a liability and cost your company millions of dollars if not managed and archived properly. It can spark investigation by regulatory bodies, attract auditors and be used as evidence in ediscovery.Two thirds of US organizations currently use instant messaging platforms and mobile to communicate at work and about work. Click To Tweet
Archiving instant messages allows organizations to have worry-free workplace messaging in a way that boosts employee productivity and collaboration but also addresses compliance and eDiscovery requirements and reduces risk. When captured, the content exchanged on WhatsApp undergoes the same process as email – it is indexed, made searchable and then it gets stored safely until the retention period mandated by relevant regulations expire.Archiving instant messages allows organizations to have workplace messaging and simultaneously address compliance and ediscovery. Click To Tweet
In order for WhatsApp evidence to be admissible in court, it is critical for it to contain metadata such as the date/time of the message and contact information of the sender and recipient such as the phone number or the email address. Without a dedicated archiving solution, both the metadata and content of the message can be altered, which is why printing or taking screenshots isn’t enough for a proper instant message archiving strategy.
The Benefits of Archiving WhatsApp
There are third-party solutions designed to solve WhatsApp compliance issues for organizations operating in regulated industries, but also for smaller businesses that value security and proper record-keeping. If your employees use WhatsApp for work-related communication and if your organization allows corporate and BYOD mobile devices, this is a perfect way to ensure compliance and have oversight of what’s communicated on this channel.
How does this work? Employees continue to use WhatsApp from the web interface or the mobile app normally, while the solution captures all chats (group and individual), text messages, multimedia, files and deletions. It then indexes them and houses them in the company archive together with email, social media content and everything else you are already archiving. When searching through your archive, you will be able to search and filter messages based on various criteria such as employee name, email, mobile number, message type etc. Retention works on both iOS and Android devices, captures messages with metadata and operates automatically.
What are the benefits of automating the WhatsApp archiving process? First and foremost, end users don’t have to be involved in the process, which will greatly reduce the risk of error and boost business productivity. Having a unified archive with all your content (email, social media, WhatsApp) will allow your administrators and compliance officers to search through multiple formats from a single platform and save time and effort.
Jatheon is an email, social media and mobile archiving specialist with 15 years of experience with regulated industries. Jatheon CTRL is the company’s comprehensive and customizable platform for the archival of social media, mobile calls and texts and WhatsApp. To discuss your archiving plan or get more information, contact us or schedule a personal demo.