Archive Compliance - Email Archiving Compliance that meets HIPAA, SEC, and FINRA Regulations

For a free consultation please fill out the form below:
Name:
Email Address:
1.866.606.3917
Press Releases
FINRA Compliance and Email Archiving

Just about every business knows the requirements of email archiving. The need to retain, securely store, index and secure email and electronically stored information. In 2009, FINRA introduced a Regulatory Notice 10-06, which sought to include the newer social media, chat, and Instant Messaging to the retention requirements.

Many companies block access to social networking sites and Instant Messaging to prevent employees wasting time and any potential data breach. However, the benefits of these new technologies now outweigh the downsides, so many companies are reviewing their policies.

For those that are reconsidering access to social networking, here is an overview of the main aspects of the Regulatory Notice.

Approval and Recordkeeping (Rule 2210(b)) says that a Tweet, status update or post to a forum or bulletin board that can be viewed by more than 25 people is sales literature and requires pre-approval, approval, or post-approval. Companies need a published approval process that works to allow monitoring or control over these.

Supervision (Rule 3010) requires that there are written procedures for the review of incoming and outgoing electronic correspondence. Social networking can be regarded as correspondence, so is subject to this rule. That means an organization needs to ensure these networks are supervised in an effective manner. That can be electronic or manual monitoring.

Books and Records (Rule 3110) says that all advertisement and sales literature must be maintained securely for a period of no less than three years from when it was last used. Having read Rule 2210(b), it's now clear that Tweets can be viewed as sales literature. Other aspects of social networking can also qualify as advertisements and sales literature, so should also be storedwherever possible.

Third-Party Posts (Rule 2210 / Notice 10-06) says that third party posts, endorsements and other agreements are implied if the company involves itself in these communications. That convoluted sentence means if an employee re-Tweets something or comments on a Facebook wall it could be considered endorsement by the company.

As Facebook has become something of a goliath in the social networking industry, it's important for any company considering allowing access from work to bear this in mind. It could also conceivably apply to blogging platforms too.

During the infancy of social networking, it was unclear what business obligations where regarding social networking. These guidelines have now made it clear.

Sites such as Twitter and Facebook can be regarded as advertisements if their content is clearly identified as coming from your company.Instant Messenger traffic that is sent to more than 25 recipients is considered sales literature.

Messages that are sent to a single destination,retail clients, or less than 25 prospects within 30 days is considered correspondence. Sites that have password protection like Facebook or LinkedIn are regarded as sales literature and chat rooms as public appearances. All of which fall under the purview of FINRA.

To meet this need, email archiving vendors introduced Instant Messaging tracking to their suite of products to ensure their customers remained fully compliant. It's as important for vendors to keep abreast of new requirements and add this functionality as quickly as possible.

 
Top Myths of Email Archiving

If you're in business, and don't already have an email archiving solution in place, you're way behind the times. Not only is almost every business in the country liable for email storage of some kind, there are also plenty myths surrounding email archiving.

We're going to dispel some of them here by highlighting the myth, then providing a case for ignoring it. Each is based on fact. We're not promoting a product, we're not selling a service, we're just providing information.

Reason 1. Email archiving is expensive. While an in-house infrastructure can be extremely expensive to implement, email archiving isn't so much. If your business uses email anyway, you're bound to have an email server, or use of one. An email archive will work off the back of an existing server and archive emails. Microsoft Exchange 2010 has archiving built-in, as does other proprietary email servers.

If you don't want to host your own, SaaS can interact with your email server and manage email archives from there. There is no initial investment needed, it turns into a monthly expense instead.

In the longer term, email archiving can save money. Firstly in protecting you from litigation, and fines for non-compliance, but also for network storage. Anyone who has had to implement a NAS, knows how expensive it can be. Moving email archives off the main mail server or network allows for much cheaper storage solutions.

Reason 2. It's difficult to implement. If your company isn't of a size to have its own IT department, setting up new infrastructure can appear daunting. Using cloud computing takes away just about all the possible complications that can arise from it.

There are also email archiving servers that just attach to your network and all you have to do it point it to your mail server. That's the limit of the configuration needed. For those for whom IT isn't a scary prospect, many email archiving platforms are relatively straightforward to set up and use.

Reason 3.E-discovery doesn't apply to me. E-discovery applies to every business in the country. At one level or another you're subject to legislation controlling the storage of email information. While you may not have seen an e-discovery request yet, that doesn't mean there isn't one in the pipeline.

Ignoring the law is something that we don't support. For the relatively small expense, and modest system overhead, an email archive is something every business should have.

Reason 4. Email Archives don't work with Outlook. While far from the only email client on the market, Microsoft's Outlook is the most popular. It's a common myth that third-party email archives can't handle PST files. Just about all of the third-party, and self-hosted email archive solutions support Exchange.

Outlook is just the client, not the server. Archiving takes place at server level, so Outlook doesn't even come into it. While the format is of a PST, it's controlled before the email ever reaches the client.
 
Choosing an Email Hosting & Email Backup Provider

Read more...
 
<< Start < Prev 1 2 3 4 Next > End >>

Results 1 - 3 of 12

Warning: fopen(/var/www/dev/archive/components/com_sef/cache/shCacheContent.php) [function.fopen]: failed to open stream: Permission denied in /var/www/dev/archive/components/com_sef/shCache.php on line 108