Your move to a fully electronic storage system is imminent, and all your document retention worries are over. Or are they?
The moment has finally arrived. Your company's new document management policy is complete, and covers everything from signed hardcopy contracts and lunch receipts to voicemails and emails. No longer will your employees drown in a sea of paper and lever-arch files.
No panacea
While your new electronic storage system will certainly be more efficient than physical document storage, it is not a panacea, and presents challenges of its own.
For a start, Commonwealth tax legislation, the Corporations Act 2001 and the various Commonwealth, State and Territory Electronic Transactions Acts all impose specific requirements relating to the proper imaging, storage and retention of electronic documents.
These requirements include that electronic documents must be 'readily accessible' so that they can be referred to at some future time, and that appropriate steps must be taken to ensure the 'reliability, security, accuracy and integrity' of the documents stored within the electronic document storage system.
You may also need to retain certain documents in hardcopy in order to meet legislative requirements. For example, in Victoria, statutory declarations must be retained in hardcopy form. Consequently, your document management policy will still need to address hardcopy storage.
Further, you'll need to consider what might happen if you ever need to tender electronic documents before a court.
While the law now recognises most electronic documents as having the same evidentiary status as paper documents, the admissibility (or otherwise) of an electronic document may depend on the integrity of your document retention systems. For example, an electronic document that does not contain proper indexing information (usually called 'metadata') may be treated by a court as not being sufficiently trustworthy.
Accordingly, your document management policy must provide for the proper protection, storage and indexing of all electronic documents, to ensure they can be tendered as evidence before a court.
The dilemma of destruction
No office is equipped to store every document it ever produces or receives. However, the process of selecting which documents you retain and which you don't needs to be very carefully considered, particularly in light of the Crimes (Document Destruction) Act 2006 (Vic) (the 'Document Destruction Act') and the Evidence (Document Unavailability) Act 2006 (Vic) (the 'Document Unavailability Act').
According to the Document Destruction Act, it is a criminal offence to destroy a document, or authorise the destruction of a document, where:
-
you know that the document is, or is reasonably likely to be, required in evidence in current or future legal proceedings; and
-
you destroy the document with the intention of preventing it from being used in evidence in current or future legal proceedings.
Your company could also be prosecuted for document destruction committed by employees, agents or officers in certain circumstances.
So how can a company minimise its risk of liability? There are a few simple steps:
- ensure that directors and officers do not expressly, tacitly or impliedly authorise or permit illegal document destruction;
- ensure you have a 'corporate culture' that does not direct, encourage, tolerate or lead to illegal document destruction; and
- exercise due diligence to prevent illegal document destruction, including in relation to the conduct of associates of the company.
A range of civil consequences can be imposed under the Document Unavailability Act if a document is not available in a civil proceeding, and if that unavailability is likely to cause unfairness to a party in the proceeding. A document can be considered 'unavailable' if it is lost or destroyed for any reason. The consequences imposed are at the discretion of the court and can include drawing adverse inferences or striking out all or part of a party's defence or statement of claim.
Your document management policy
The objective of your document management policy must be to ensure that all documents that need to be retained are retained, and that knowledge of what is important is shared effectively within the organisation.
To this end, you should review your policy to ensure that it sets out processes and procedures that:
- are consistent with your contractual obligations and with applicable legislative requirements - so that you do not find out too late, for example, that those invoices you threw out last month must be retained for seven years under your supplier contract.
- are reliable and verifiable - so that you can have confidence in the credibility of all records you store and retrieve. Aligned to this is the need for adequate back-up systems - so that an office fire or malfunctioning sprinkler system, for example, doesn't irretrievably damage some of your documents.
- are simple, intuitive and properly explained - so that staff know where and how to store documents as a matter of course. It only takes one person not adhering to a document management system for records to be lost.
- promote completeness - just as your documents do not exist in a vacuum, there should not be a vacuum in your document storage. Structural and accurate contextual information (metadata) should be stored with your documents.
- address security issues - so that you never find yourself explaining to a court that your security has been compromised and that 'someone' has tampered with your records.
- encourage and support compliance - so that if a member of your staff believes there is a reasonable chance that there will be a legal proceeding against the company in the future, they know who to notify.