That the majority of information organizations must manage is classified as an inactive record is a fact of doing business thanks to long-term retention guidelines and the vast quantity of information generated daily by technology. Out of context, a stack of files that aren't likely to be requested may seem relatively harmless. But, look again. They're an enormous thorn in the side of any RIM program implemented with even the slightest inconsistencies.

In a way, investing resources into storing and managing the life cycle of data that is never to be used again is akin to saying, "Hurry up and wait." That is, until the alternative is considered. The time and resources it takes to properly mind all records is a breeze compared to the severe fines, legal issues and brand troubles that result when even one inactive record is neglected.

Developing a compliant records and information management (RIM) program that covers the storage and classification of data at rest is a guaranteed insurance policy in today's regulatory climate. On paper this makes sense, but the real challenge comes with consistent implementation.

Take a Cue from Gardeners

Information management is a continuous endeavor with multiple moving parts. Policies evolve as the organization they're designed to protect and support grows. By nature, offline records won't literally change, but the method used to handle them should be able to evolve with the overall RIM program.

Gardeners set a perfect example for defining boundaries and performing routine maintenance with an almost mechanical understanding that their domain will gradually change over time. In addition to weeding out unwanted growth and guarding plants from harmful pests, the greenest gardeners have a system for storing different kinds of seeds depending on vulnerability, and they know how to properly dispose of expired material to maintain the health of the whole ecosystem.

A gardener's priorities are similar to a records manager's main objectives. Here are three essential capabilities of both:

1. Identification: According to the 2012 Compliance Benchmark Report, 61 percent of organizations surveyed are able to identify, store and dispose of every inactive record according to their retention policies. While this number has since declined, it shows that companies are on the right path toward unifying RIM practices.

Organizations must have the capacity to distinguish data that is vital to daily operations from files that will not be requested until it's time for the shredder. Otherwise there is unlimited potential for a bad situation to escalate to a worst-case scenario. For instance, the purpose of a hybrid data recovery plan is to store the most important information in a way that allows a company to expedite retrieval in case of catastrophe. Under the same plan, inactive data is backed up using a more affordable, offline method like offsite tape vaulting. Without proper identification, all information is lumped together in one backup system, which makes for painfully slow and costly recovery.

2. Storage: Vital records are classified as such in order to be stored with maximum accessibility, often either onsite or scanned for online use. Identification allows companies to consolidate resources by storing inactive information in a secure offsite facility long term. This can also serve as the organization's archives of historical data and fodder for big data analysis in the future.

Records discoverability is an issue for companies that experience rapid growth, relocate or open additional offices in multiple cities. A trusted storage partner can ease the burden by mirroring a company's onsite indexing and classification system. This, combined with thorough records inventory, allows a company to grow without letting increasing amounts of information create a problem.

3. Disposal: Most data becomes inactive after about 30 days, but regulations dictate that it must be kept for seven to 10 years. During this time, it must be protected and retrievable within a reasonable amount of time should it ever be requested. Once retention is met, it should be disposed of in a secure, timely way. This last stage in the life cycle calls for routine visits to the shredder for paper files. But all that digital data stored on IT equipment shouldn't be forgotten.

Backup tapes, CDs and hard drives are practical devices for storing huge quantities of data for a long period of time, but the secure destruction process for plastic media can make your head spin. If data is not fully eradicated, it's recoverable. Recovered information, whether it comes from inactive or sensitive records, is a legal liability that can lead to a roller coaster of fines and public relations nightmares.

The problem is that few companies have the resources to successfully destroy and safely dispose of IT storage equipment. The right partner will not only incinerate media using an auditable, earth-friendly waste-to-energy process. They'll also provide a formal certificate to guarantee the job is done right.

Remove the Thorn

If data at rest is causing unrest behind the scenes — whether it's proving hard to find, easy to lose or impossible to destroy in-house — a third-party storage partner can help with every stage of the life cycle.

Do you have questions about information management? Read additional Knowledge Center Records  Management resources, or contact Iron Mountain’s Records Management team. You’ll be connected with a knowledgeable product and services Records Management specialist who can address your specific challenges.

Related Content:

Filing Systems Are Due for a Tune-Up 

The Retail Data Lifecycle: Know When to Fold 'Em 

Disaster Recovery Make Sure the Odds Are in Your Favor

Electronic records management (ERM) is a game changer in every industry it touches. Players have two choices: You can either continue to engage using moves that no longer get you to the next level, or you can change your approach and adapt to the new landscape.

Part of the challenge is that digital technology skirts many traditional records and information management (RIM) practices. At the same time, those traditional practices are essential to protecting and tracking paper records. This not a "never the twain shall meet" scenario because the principles established by ARMA apply to both mediums.

A comprehensive electronic records management program will support existing storage and security processes. These five moves will help solve issues with eDiscovery and compliance while improving the overall efficiency and scalability of an organization's information governance.

1. Scan intelligently. Digital records are easier to access in a distributed workplace. Scanning active records and information to process or for easy frequent access to streamline workflow makes sense. However, for documents that are rarely accessed for business ,compliance or regulatory reasons, it's often more cost-effective to store them at a secure offsite facility that will scan less-active records upon request. Consider the benefits:

• You can always change your mind. Psychologically, companies that have encountered compliance issues in the past may prefer to convert all existing paper files to digital. An information management partner can convert the bulk of back files at any time.
• Access is controlled. A thorough records inventory coupled with the ability to authorize access and track who requests which records lends full transparency to an organization's ERM practices. Once scanned, authorized users can access the data from anywhere while records managers retain control of security levels and how files are indexed.

2. Social media counts. According to data from the 2012 Compliance Benchmark Report, 50% of records managers aren't aware that regulations apply to social media. The management of tweets, blogs and Facebook posts must comply with current RIM policies. Companies that have yet to do this must ask themselves some fundamental questions:

• How will your ERM program evolve if it's not aligned with current modes of communication? In the past few years, social media has become a tried and true method of engaging customers, building loyalty and promoting brand awareness. It's not going anywhere.
• Can you afford to ignore social media? According to a 2012 IDC study, the amount of digital data produced is predicted to double every two years from 2012 to 2020. If your ERM program has a hole where social media should be, that hole will likewise double, along with fines, legal issues and brand damage.

3. Policy is in the driver's seat. Most people look out the window and see clouds or sunshine. Records managers don't have to look to know we're living in a regulatory climate. Issues with retention requirements, audits and eDiscovery cannot be ignored. As organizations grow, move and adapt new technologies, these issues won't solve themselves. Here's how you can:

• Apply what you already have. Though 80% of organizations surveyed in the 2012 Compliance Benchmark Report said they had a formal RIM policy, only 37% said those policies were actually applied. Executing policy is not as easy as flipping a switch. It begins with the principle of accountability, someone has to own the policies and delegate responsibilities.
• Leverage the expertise of a trusted partner. It may sound counterintuitive to bring in an outside company to assist with managing an organization's most vital, sensitive information. But the value of this information is the reason why this is not an area for experimentation. If putting policies into practice is blocking you from moving forward, RIM consulting services offer the insight and practical guidance needed to make it happen.

4. Put software to work. In theory, if time was limitless and you had more arms than a spider, you could handle the volume of electronic data on your own, but would you really want to? Records management software is designed to get you out of the weeds and into the control booth. Here's what it can do:

• Apply policies to electronic and paper records across the company. Because laws change and the quantity of information they apply to is multiplying exponentially, it's essential to have a system that unifies electronic and paper files so you can enforce changes in policy across the company from any location.
• Unify classifications. Poor, inconsistent labeling has been the root of irretrievability, the bane of RIM's existence. But not anymore. Software allows you to index and classify electronic records in line with policy and retention schedules.
• Streamline discovery. Electronic records are more challenging to manage than paper in part because file shares, content management systems and other devices present numerous options for storage. Software that can exist across such platforms eliminates discovery delays, which adds up to real money in the bank. Consider a 2010 Delphi Group survey in which 66% of workers at medium and large companies reported spending 15% of the workday searching for information necessary to do their job.

5. Think long term and budget accordingly. Electronic records will continue to change the business landscape with waves of information and responsibilities crashing to shore, guaranteed. Strategic thinking will be the power to perception, allowing you to see opportunities because you've laid a solid, scalable foundation.

The best way to get out of reactive mode is to choose ERM solutions that not only address your biggest compliance problems, but identify the root of other issues. Automating processes and consulting trusted experts will help you maximize resources so you can plan for the future and master this next level.

Do you have questions about data backup and recovery? Read additional Knowledge Center stories on this subject, or contact Iron Mountain’s Data Backup and Recovery team. You’ll be connected with a knowledgeable product and services specialist who can address your specific challenges.