5 ways in-house counsel hurt corporate record compliance
In-house counsel must constantly ask themselves if what they’re doing really helps the business.
July 25, 2011 at 10:10 AM
6 minute read
The original version of this story was published on Law.com
In-house counsel are often tasked with ensuring company compliance with record retention regulations. Sometimes the actions of the corporate legal department not only do not help their companies achieve this compliance, but actually hurt it. Seemingly doing good can sometimes make things worse.
Given this paradox, here are five ways in-house counsel can hinder record compliance:
1. Focus on the language of the policy. One large, Northeastern technology company spent many months updating and tweaking its record retention schedule. Again and again it updated the schedule to include the latest citations, case law, etc., striving for the “perfect” schedule and believing the more perfect the schedule, the greater the degree of compliance. However, given the schedule was constantly “under review,” it was never published or executed. While updating a record retention schedule is often a good thing, excessively focusing on the schedule detail to the detriment of execution puts the organization at risk.
2. Create policies in the vacuum of the legal department. A Midwest retailer created and published its record retention policy and schedule without consulting with IT or any of the business units. While the legal department did have the corporate mandate to create the schedule, it never got “buy in” from the rest of the business. The new schedule then sat and collected dust on a shelf, ignored by nearly all the rest of the business. Mandate does not make right. Good policies require building a consensus.
3. Throw policies over the transom. The IT team of a large transportation company sat in a conference room, staring at the detailed, 90-page record retention schedule sitting on the middle of the conference room table. The legal department had created the schedule and delivered it to the IT organization, instructing them that it was now the IT department's job to execute this schedule for all the electronic records in the organization. (Note: electronic records typically comprise more than 90 percent of an organization's records.) The schedule had not been created with an eye toward execution, especially for electronic records. Therefore, the IT team strategized the most politically astute path to not execute the schedule. Compliance is achieved through policy adoption.
4. Dictate processes employees are not likely to follow. The legal department for a Northwest manufacturing company decided it did not like e-mail, and purposely created a manual process for employees to save e-mails: All e-mails needed to be printed as a PDF and manually saved and categorized in the company's enterprise content management system. The process took about two minutes for each e-mail. Around the same time this archiving policy was announced, many employees started carrying USB drives. These drives could be used to save electronic information, including copies of e-mails. If the company's policy says one thing, and employees are doing something else, compliance trouble is not far away.
5. Omit employee training programs. After a series of regulatory problems, an auditor reviewed a pharmaceutical company's record retention practices, including interviewing employees for the program compliance. The most common feedback from employee: “What record retention program?”
In-house counsel need to ask themselves whether, in trying to increase companywide compliance, are we helping or are we hurting? First do no harm.
In-house counsel are often tasked with ensuring company compliance with record retention regulations. Sometimes the actions of the corporate legal department not only do not help their companies achieve this compliance, but actually hurt it. Seemingly doing good can sometimes make things worse.
Given this paradox, here are five ways in-house counsel can hinder record compliance:
1. Focus on the language of the policy. One large, Northeastern technology company spent many months updating and tweaking its record retention schedule. Again and again it updated the schedule to include the latest citations, case law, etc., striving for the “perfect” schedule and believing the more perfect the schedule, the greater the degree of compliance. However, given the schedule was constantly “under review,” it was never published or executed. While updating a record retention schedule is often a good thing, excessively focusing on the schedule detail to the detriment of execution puts the organization at risk.
2. Create policies in the vacuum of the legal department. A Midwest retailer created and published its record retention policy and schedule without consulting with IT or any of the business units. While the legal department did have the corporate mandate to create the schedule, it never got “buy in” from the rest of the business. The new schedule then sat and collected dust on a shelf, ignored by nearly all the rest of the business. Mandate does not make right. Good policies require building a consensus.
3. Throw policies over the transom. The IT team of a large transportation company sat in a conference room, staring at the detailed, 90-page record retention schedule sitting on the middle of the conference room table. The legal department had created the schedule and delivered it to the IT organization, instructing them that it was now the IT department's job to execute this schedule for all the electronic records in the organization. (Note: electronic records typically comprise more than 90 percent of an organization's records.) The schedule had not been created with an eye toward execution, especially for electronic records. Therefore, the IT team strategized the most politically astute path to not execute the schedule. Compliance is achieved through policy adoption.
4. Dictate processes employees are not likely to follow. The legal department for a Northwest manufacturing company decided it did not like e-mail, and purposely created a manual process for employees to save e-mails: All e-mails needed to be printed as a PDF and manually saved and categorized in the company's enterprise content management system. The process took about two minutes for each e-mail. Around the same time this archiving policy was announced, many employees started carrying USB drives. These drives could be used to save electronic information, including copies of e-mails. If the company's policy says one thing, and employees are doing something else, compliance trouble is not far away.
5. Omit employee training programs. After a series of regulatory problems, an auditor reviewed a pharmaceutical company's record retention practices, including interviewing employees for the program compliance. The most common feedback from employee: “What record retention program?”
In-house counsel need to ask themselves whether, in trying to increase companywide compliance, are we helping or are we hurting? First do no harm.
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
NOT FOR REPRINT
© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
You Might Like
View All
Legal Tech's Predictions for Legal Ops & In-House in 2025
Lawyers Drowning in Cases Are Embracing AI Fastest—and Say It's Yielding Better Outcomes for Clients
GC Conference Takeaways: Picking AI Vendors 'a Bit of a Crap Shoot,' Beware of Internal Investigation 'Scope Creep'
8 minute readTrending Stories
- 1California Lawmakers Reach $50M Deal to Fund Legal Fights Against Trump
- 2Supreme Court Wrestles With Disabled Ex-Firefighter's Discrimination Case
- 3NJ Firm Narrowly Avoids Case Dismissal Over Lengthy Complaint Filed in Fed Court
- 4Arbitrators Under Fire for Allegedly Forcing Workers to 'Stay or Pay' Employers
- 5Plaintiff Narrowly Avoids Dismissal Over Lengthy Complaint Filed in Federal Court
Who Got The Work
Michael G. Bongiorno, Andrew Scott Dulberg and Elizabeth E. Driscoll from Wilmer Cutler Pickering Hale and Dorr have stepped in to represent Symbotic Inc., an A.I.-enabled technology platform that focuses on increasing supply chain efficiency, and other defendants in a pending shareholder derivative lawsuit. The case, filed Oct. 2 in Massachusetts District Court by the Brown Law Firm on behalf of Stephen Austen, accuses certain officers and directors of misleading investors in regard to Symbotic's potential for margin growth by failing to disclose that the company was not equipped to timely deploy its systems or manage expenses through project delays. The case, assigned to U.S. District Judge Nathaniel M. Gorton, is 1:24-cv-12522, Austen v. Cohen et al.
Who Got The Work
Edmund Polubinski and Marie Killmond of Davis Polk & Wardwell have entered appearances for data platform software development company MongoDB and other defendants in a pending shareholder derivative lawsuit. The action, filed Oct. 7 in New York Southern District Court by the Brown Law Firm, accuses the company's directors and/or officers of falsely expressing confidence in the company’s restructuring of its sales incentive plan and downplaying the severity of decreases in its upfront commitments. The case is 1:24-cv-07594, Roy v. Ittycheria et al.
Who Got The Work
Amy O. Bruchs and Kurt F. Ellison of Michael Best & Friedrich have entered appearances for Epic Systems Corp. in a pending employment discrimination lawsuit. The suit was filed Sept. 7 in Wisconsin Western District Court by Levine Eisberner LLC and Siri & Glimstad on behalf of a project manager who claims that he was wrongfully terminated after applying for a religious exemption to the defendant's COVID-19 vaccine mandate. The case, assigned to U.S. Magistrate Judge Anita Marie Boor, is 3:24-cv-00630, Secker, Nathan v. Epic Systems Corporation.
Who Got The Work
David X. Sullivan, Thomas J. Finn and Gregory A. Hall from McCarter & English have entered appearances for Sunrun Installation Services in a pending civil rights lawsuit. The complaint was filed Sept. 4 in Connecticut District Court by attorney Robert M. Berke on behalf of former employee George Edward Steins, who was arrested and charged with employing an unregistered home improvement salesperson. The complaint alleges that had Sunrun informed the Connecticut Department of Consumer Protection that the plaintiff's employment had ended in 2017 and that he no longer held Sunrun's home improvement contractor license, he would not have been hit with charges, which were dismissed in May 2024. The case, assigned to U.S. District Judge Jeffrey A. Meyer, is 3:24-cv-01423, Steins v. Sunrun, Inc. et al.
Who Got The Work
Greenberg Traurig shareholder Joshua L. Raskin has entered an appearance for boohoo.com UK Ltd. in a pending patent infringement lawsuit. The suit, filed Sept. 3 in Texas Eastern District Court by Rozier Hardt McDonough on behalf of Alto Dynamics, asserts five patents related to an online shopping platform. The case, assigned to U.S. District Judge Rodney Gilstrap, is 2:24-cv-00719, Alto Dynamics, LLC v. boohoo.com UK Limited.
Featured Firms
Law Offices of Gary Martin Hays & Associates, P.C.
(470) 294-1674
Law Offices of Mark E. Salomone
(857) 444-6468
Smith & Hassler
(713) 739-1250
