The report – Records Management Best Practices – looked at how businesses store, as well as destroy, their electronic business records. Sponsored by Iron Mountain and drawing on around 3,500 people in a variety of business and market sectors, researchers found that there is a disparity between how well firms manage their physical and electronic records.
Whilst a good 80% of businesses had command of the basics of managing physical records and data, just 23% also had policies dealing with their electronic records – which include email, images and other forms of digital data.
This disparity, says the company, is further complicated by several trends, such as the growth of electronic information, growing consumer concern about data protection, and rising levels of litigation.
Commenting on the findings, Bob Brennan, Iron Mountain's CEO, said that managing records is about managing risk.
"The organisations who understand this have developed enterprise-wide programmes that provide them quick access to information, manageable storage costs, and peace of mind that they've made good-faith efforts to comply with increasing regulatory requirements", he noted.
Delving into the report reveals that almost two-thirds of firms do not conduct regular, across-the-board employee training programmes, and only 37% conduct any form of records management training.
Over at Origin Storage, Andy Cordial, the storage systems integration firm's managing director, said that the report highlights the need for best practices when it comes to digital data records.
The conclusions, he said, are an indictment of the state of corporate data protection and any business that fails to protect its data and records effectively is still unacceptable – both from a regulatory and legal approach.
And that, he explained, is before we get in to the morality of allowing your company's customer information to leak, and potentially be misused by the criminal community.
"The message of – `thanks for buying from us, now we've leaked your data and it could cost you dearly' – is a pretty awful one, and one that will turn off customers from companies on a major scale", he said.
The reputational damage, although not often reported on, is one that can really hit home on companies with a poor approach to encryption and data security generally, he explained.
"The good news is that researchers found that those firms with the strongest records management practices employed the most formal programmes governed by multi-disciplinary teams across the organisation", he said.
This is what we are observing amongst our customers, namely that those firms that take a serious attitude towards encryption are the most responsible when it comes to security policies", he added.
"And those that don't take a serious approach to the issue also tend to get hit by legal action and regulatory fines. But that's another story entirely."