London Metropolitan University

Project Description

Development of Best Practice Data Retention and Destruction Policy for SMEs

Project Abstract

In recent years, data retention and destruction has been a major issue for enterprises of all sizes, primarily due to the "lack of" and "need for" effective data retention and destruction policies and guidelines as a result of the uproar over the financial scandals of the late 1990s and early 2000s. In the paper "Data retention and the Panoptic Society: The Social Benefits of Forgetfulness" (Blanchette and Johnson, 2002), the assertion was made that modern information systems not only capture a seemingly endless amount of transactional data, but also tend to retain it for indefinite periods of time. It is argued that privacy policies must address not only the collection of and access to transactional information, but also its timely disposal.

Corporations have come under increasing pressure from legislation such as the Sarbanes-Oxley Act (SOX) and the Data Protection Act 1998 to retain and destroy data obtained from customers within certain time periods (Peirson, 2007). However, there has been no legislation specifically targeting small and medium enterprises (SMEs). As a result, SMEs tend to struggle to comply even in instances where they are not bound by the law. This is often due to a lack of awareness of the requirements, inadequate policies, lack of adequate human resources, and most of all, financial constraints. As a consequence, data held in both paper and digital formats are often held unintentionally rather than with an eye to privacy policy or institutional memory (Blanchette and Johnson, 2002).

Data retention policies must be formulated in the context of the need for "social forgetfulness", a term which encompasses a fundamental base for most modern societies where individuals are to "forget" past indiscretions having made good their failings. This is particularly important in areas such as bankruptcy, juvenile crime records and credit reporting. The natural follow-up of having constraints on the retention of data is of course the destruction of what is no longer relevant or necessary to be kept.

The thesis will focus not on the actual destruction techniques but on the standard of the destruction, i.e. the destruction of data to the point that it is unrecognizable, untraceable and unusable.

Surveys released for this project:
