Our retention & security program services include:
Retention schedules for information including
US and Global legal security and retention requirements.
Program policies for retention, review, and
disposal of information for all information including structured and
unstructured data and e-mail.
Legal hold programs.
Privacy and security program policies and procedures.
Curriculum development and training.
Project management and guidance during
Legal requirements review and updates.
Review of policies and procedures for legally
defensible retention / destruction, security, and
Compliance audits and recommendations.
Review, analysis, and recommendations for
implementation of GRC, ECM, and Cloud software and systems.
Retention Program Policies and Schedules
corporate retention program ensures
information required by regulatory agencies, auditors, and to support
business decisions is retained and obsolete information is pulled from
record keeping systems and destroyed when no longer needed or required.
An important part of compliance and risk management programs,
our retention programs include:
Schedules that identify information and retention of all
types of records and information (paper and electronic) created and maintained
throughout the company.
Data maps to identify record keeping systems
across storage medias.
Documented legal requirements for retention, security, and privacy for each country and state where business is
Responsibilities, procedures, and policies for the
storage, retention, and
destruction of records that meet US federal, state, and international compliance requirements
for the security, maintenance, retention, and destruction of information.
Privacy and Security Programs:
US Federal, State, EU, other international requirements, as well as PCI
standards create compliance requirements for corporate
information privacy and security programs, breach notification, and security
controls for the storage and disposal of
information that contains personally identifiable information about clients,
patients, employees, or customers. Our services include IT Risk &
Security Assessment, Security Program Development, and Compliance Dashboards
and actionable work plans.
Reviews and Compliance Audits
Numerous US federal, state, and
international laws create compliance obligations for documentation, retention,
secure storage and destruction of information, and
the management of corporate
information assets. Audits need to be performed annually as part of
your GRC and security programs to monitor system practices, assess controls and meet
for monitoring security, privacy, and retention/disposal programs. Legal requirements need to be
reviewed and updated every 1-3 years to ensure compliance with current legal
requirements for the retention, destruction, privacy, and security of