Email archiving is something often overlooked but is something everyone should be doing. In a world where information is king, and data is at the source of everything we do. It is important that such information should be accessible at anytime regardless of size and age.
Why should I archive email?
Email is the part of our daily lives and as such can just as easily be forgotten, lost, or even deleted as part of our daily routine. Often mailboxes have a set limit as to how much storage you can have for a mailbox, whether this be due to infrastructure restrictions or licenses conditions. Therefore, the chances are that you are going to have to delete emails at some point in order to free up space, which could mean you delete an important email further down the line you will not be able to recover or access. There is a false perception that backing up mailboxes is the same as archiving. This is incorrect as archiving is a means of retaining email’s long after a mailbox backup retention will last, while a backup is used in a disaster recovery situation and will not archive individual emails for a long time.
When should an email be archived?
Emails should be archived regularly and often should be any email older than 6 months. Examples of such email that is likely not required immediately but are further down the line are court documents, construction drawings, contracts and more. Depending on the requirement to meet legal, contractual and tax regulations this can be tailored to business requirement, department or user and can ensure emails can still be accessed long after an employee has left the business if needed.
Archiving & GDPR Compliance
As email is the key tool for sharing data, including personality identifiable information (PII), you must ensure when you are compliant with the principles when processing. Almost everything you do with data counts as processing; this includes collecting, recording, storing, using, analysing, combining, disclosing or deleting it.
Data minimisation and storage limitation are 2 of the 7 key GDPR principles that are the most relevant when it comes to archiving data & email.
Data Minimisation key requirements;
- adequate – sufficient to properly fulfil your stated purpose;
- relevant – has a rational link to that purpose; and
- limited to what is necessary – you do not hold more than you need for that purpose.
Storage Limitation key requirements;
- You must not keep personal data for longer than you need it.
- You need to think about – and be able to justify – how long you keep personal data. This will depend on your purposes for holding the data.
- You need a policy setting standard retention periods wherever possible, to comply with documentation requirements.
- You should also periodically review the data you hold, and erase or anonymise it when you no longer need it.
- You must carefully consider any challenges to your retention of data. Individuals have a right to erasure if you no longer need the data.
- You can keep personal data for longer if you are only keeping it for public interest archiving, scientific or historical research, or statistical purposes.
There are various products and providers for email archiving, however, to discuss further get in touch and get a free quote and discuss your needs to ensure your data is archived