[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now


What are the Storage rqmts by law for employee emails, IM's, phone calls and faxes?  How long back?

Posted on 2008-06-14
Medium Priority
Last Modified: 2013-11-14
The laws that passed a few years back for Sarbanes Oxley and E-discovery require by law a company to store employee emails, IM's, phone calls and faxes for any legal issues that may arise.  The info I find does not clearly state how long this data must be stored and accessible when need to be searched upon.  I need this information to plan accordingly for a SAN.
Question by:jcs1977
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2

Author Comment

ID: 21816496
why can no one answer this question and why does everywhere you go the law says you have to retain but no specifics????
LVL 54

Expert Comment

ID: 21827175
From what I have read on the law the period can be different in some cases and there are even some "grey" areas.  The general rule I have read and what I have heard the SEC, if it matters, uses is 7 years.  Let me know if you need more details.  There are actually companies and software made to help compliance with this and they would probably be a great resource for options and info if this act is one that will affect your company.


Author Comment

ID: 21871972
More details would be good or point me towards a reputable company.  
LVL 54

Accepted Solution

b0lsc0tt earned 2000 total points
ID: 21877032
I don't have a specific company to recommend.  You should probably find one that is in your region or locale anyways.  I would be cautious about some that will sell you services and products but aren't really getting you fully compliant.  This is something where the rule "buyer beware" is adviseable and ignorance is no excuse for failure to comply.  Just a word of caution though.  There are many companies that should be able to help with this.

If you want a general idea then try a search like http://www.google.com/search?num=100&hl=en&safe=off&q=sox+compliance&btnG=Search .  Looking at the sponsored links could be a good way to narrow down your choices.  Also adding your region or state would help.  Big (i.e. public) accounting/auditing firms should know these rules too and could help to point to reputable and good sources for IT related compliance.  Corporate law firms or companies would be another source.

I thought the info at http://articles.techrepublic.com.com/5100-22_11-5843010.html was good and helpful.  If you want some other interesting articles on this then see:


There are lots of others.  I do hope these help.  Let me know if you have a question.

LVL 54

Expert Comment

ID: 21999060
I'm glad I could help.  Thanks for the grade, the points and the fun question.


Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Microsoft will be releasing the Windows 10 Creators Update in just a matter of weeks. Are you prepared? Follow these steps to ensure everything goes smoothly and you don't lose valuable data on your PC.
Windows Server 2003 introduced persistent Volume Shadow Copies and made 2003 a must-do upgrade.  Since then, it's been a must-implement feature for all servers doing any kind of file sharing.
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
This Micro Tutorial demonstrates  how Internet marketers work with competitive analysis data, and a common task in data preparation is creating separate column for domains. You will then extract from a list of URLs.

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question