First established in 2002, National Records and Information Management (RIM) Month emphasizes the need for good record keeping and business information management in both business and in life. It is celebrated every April and is a great time to conduct a spring cleaning of your records. This month, we’re sharing records and information management best practices to ensure your information is secure, compliant, and easy to find all year long.

What is a RIM Program?

Records Information Management (RIM) is a corporate function involving the business information management of all records throughout their lifecycle from creation to archiving or destruction in compliance with the governing guidelines.

From the increasing regulatory environment to the rapid explosion of information, businesses are creating more content while trying to comply with more rules. Not only is there more information, but the formats in which that information is created, managed, and stored continue to change. Today, a RIM program cannot simply cover traditional physical and electronic documents. RIM compliance also mandates that it must encompass email, instant messages, and social media, as well as where that information is kept, from filing cabinets to file shares, the cloud, and mobile devices.

Organizations that do not comply with regulations could face hefty fines or litigation and may even be putting their information at risk of being breached, which can lead to reputation damage and loss of shareholder value. A recent survey by OnePoll revealed that 86.55% of respondents were “not at all likely” or “not very likely” to continue to do business with a company after a data breach. Additionally, stock prices tend to fall an average of 5% once a data breach is disclosed.

A comprehensive records and information management strategy is the only way to proactively manage and protect your business information while ensuring compliance. Here are five tips for evaluating and improving your records information management policy this spring:

What is Information Governance (IG)?

Information governance consists of all the rules, processes, and structures that an organization needs to comply with throughout the creation, management, sharing and destruction of its information. While an RIM program only addresses the lifecycle of a document, IG takes a broader approach to ensure that all information created aligns with your organization’s goals. Effective IG will reach across the entire organization to ensure that all employees and departments know and follow the appropriate procedures for creating and managing business information.

Who is Responsible for Records and Information Management?

A records and information management policy is only successful when employees across the entire organization buy in. This includes members of the executive board or leadership team, as well as employees at every level of the company. Identify someone or a committee of people who can take responsibility for evaluating and improving your RIM program. This may include representatives from each department within the company or a records manager or records information management partner who can help you audit your information and build a comprehensive strategy for creating, managing, and destroying your information.

A RIM committee can also help organizations maintain RIM compliance by staying on top of the latest rules and regulations, addressing new issues or concerns as they arise, and assisting in the continual education and training of employees in records and information management best practices.

Develop a Records Retention Schedule

A records retention schedule informs employees how long a document should be kept to ensure RIM compliance. Retention schedules are based on both legal and regulatory requirements, as well as the operational needs of an organization.

Many businesses hold onto documents indefinitely for fear that they may one day need a file they discarded, but keeping information past its retention period is expensive and risky. Not only do businesses waste time and money on prolonged records storage, but expired information can become a liability if exposed during a data breach or litigation. Retention schedules help organizations better organize, manage, locate, and retrieve their information while saving time and money and ensuring compliance.

At the end of their retention schedule, barring no audits or litigation holds, all information should be securely destroyed. A haphazard destruction schedule will not suffice. Set up a systematic approach so that all information that has met retention requirements is destroyed as soon as possible.

Write Your RIM Policy Down

As mentioned, every member of an organization should be on the same page when it comes to your records and information management policy. Consistency and clarity are key. Establish a company-wide policy that clearly outlines the procedures all employees must take throughout the lifecycle of a document, from creation to sharing and destruction. This policy should address the following:

  • Roles and responsibilities of employees
  • Records lifecycle
  • Records ownership
  • Audits
  • Legal holds
  • Sharing and access controls
  • Records maintenance
  • RIM best practices and training

The RIM policy should be accessible to all employees and clearly communicated across the organization. HR may be a strategic resource for the development of ongoing training and education on records and information management security.

Share Digital Documents with Care

Whether for an audit, legal reasons or business support, employees should be able to locate and access the information they need, when and where they need it. They also need to be able to share that information with external auditors as requested. Despite the risks associated with emailing sensitive information—the information can be breached, printed or copied, to name a few—49% of business leaders surveyed admitted to having shared corporate data from their personal email accounts. Employees need a way to securely share information while still monitoring who and how that information is accessed.

Get Your RIM Program Solution from a Document Management Specialist

With a digital document management solution, audits and other business tasks become painless. Documents are shared via a secure timed link and viewed in digital file rooms where you control what can be done with them, including whether they can be printed, downloaded, or copied. An audit log records every action taken on the shared information and file rooms can even be set to expire to ensure security. Those components make for a solid RIM program that gives you peace of mind.