What are the Storage rqmts by law for employee emails, IM's, phone calls and faxes?  How long back?

Posted on 2008-06-14
Last Modified: 2013-11-14
The laws that passed a few years back for Sarbanes Oxley and E-discovery require by law a company to store employee emails, IM's, phone calls and faxes for any legal issues that may arise.  The info I find does not clearly state how long this data must be stored and accessible when need to be searched upon.  I need this information to plan accordingly for a SAN.
Question by:jcs1977
  • 3
  • 2

Author Comment

ID: 21816496
why can no one answer this question and why does everywhere you go the law says you have to retain but no specifics????
LVL 54

Expert Comment

ID: 21827175
From what I have read on the law the period can be different in some cases and there are even some "grey" areas.  The general rule I have read and what I have heard the SEC, if it matters, uses is 7 years.  Let me know if you need more details.  There are actually companies and software made to help compliance with this and they would probably be a great resource for options and info if this act is one that will affect your company.


Author Comment

ID: 21871972
More details would be good or point me towards a reputable company.  
LVL 54

Accepted Solution

b0lsc0tt earned 500 total points
ID: 21877032
I don't have a specific company to recommend.  You should probably find one that is in your region or locale anyways.  I would be cautious about some that will sell you services and products but aren't really getting you fully compliant.  This is something where the rule "buyer beware" is adviseable and ignorance is no excuse for failure to comply.  Just a word of caution though.  There are many companies that should be able to help with this.

If you want a general idea then try a search like .  Looking at the sponsored links could be a good way to narrow down your choices.  Also adding your region or state would help.  Big (i.e. public) accounting/auditing firms should know these rules too and could help to point to reputable and good sources for IT related compliance.  Corporate law firms or companies would be another source.

I thought the info at was good and helpful.  If you want some other interesting articles on this then see:

There are lots of others.  I do hope these help.  Let me know if you have a question.

LVL 54

Expert Comment

ID: 21999060
I'm glad I could help.  Thanks for the grade, the points and the fun question.


Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

Email signatures have numerous marketing benefits. Here are 8 top reasons to turn your email signature into a marketing channel.
The Delta outage: 650 cancelled flights, more than 1200 delayed flights, thousands of frustrated customers, tens of millions of dollars in damages – plus untold reputational damage to one of the world’s most trusted airlines. All due to a catastroph…
The purpose of this video is to demonstrate how to set up a Mailchimp campaign. This will include styling and adding elements to a newsletter/email. This will be demonstrated using a Windows 8 PC. Mailchimp will be used. Log into your Mailchim…
Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now