I've recently started working at a small company and I've noticed their off-boarding process involves zipping up and storing a former employee's data on the server for future reference. This includes their working files like reports, screenshots, and presentations. It raises some concerns for me. I'm curious, how long should a company actually retain a terminated employee's data, particularly when it's not HR or financial information? Since I'm new in my role, I want to understand the best practices around this.
5 Answers
You should definitely check in with your legal department about this. The duration for which companies retain data can vary, especially if there are regulatory requirements involved. In my experience, one company I worked with kept personal files for 180 days before purging them.
Data should generally be kept only as long as it's useful for the company. After that, it can become a liability. It's best to set a timeline for deletion after giving relevant supervisors access to the data to see if they need it.
This isn't just an IT issue; it mostly revolves around risk versus reward for the business. If keeping that data becomes a legal risk, leadership needs to assess whether it's worth keeping around. If they ever face a lawsuit, having all that zipped-up data could complicate matters.
Data retention policies really depend on the company and applicable laws. Some businesses keep everything indefinitely, while others might erase data quickly. It's a good idea to talk to your management to determine what data needs to be kept and for how long.
Ultimately, the data belongs to the company since it's from work devices. If employees are saving personal files there, it's on them. Make sure your company has a clear policy about data retention in the employee handbook.
Exactly! Legal tends to want to keep data only as long as legally required, since holding onto unnecessary information can lead to liability.