Intel's Data Retention (or lack thereof) (Sync)

Intel's Data Retention (or lack thereof)

According to MarketWatch, Intel may have lost some email with respect to an ongoing litigation regarding an antitrust lawsuit with AMD. The story in itself isn't really all that interesting. What caught my eye were the plethora of failed communication and user training anecdotes. Here are few great snippets from the article:

Intel said a "fail-safe plan" to prepare back-up tapes missed some employees, while some workers didn't properly follow document retention policies. It further admitted some workers weren't given timely notice to retain materials.

In other cases, Intel said some employees may not have moved all the e-mails to their hard drives, while a few employees thought the company's information technology department was automatically saving their e-mails.

He said Intel is taking steps to correct the problems, including implementing a new email archiving system using software from EMC Inc., among other measures.

I'm no SOX expert, but I do know a thing or two about data retention policies. Isn't there a SOX requirement regarding data retention with respect to contracts and financial documents including email? It's my experience that companies affected by data retention policies in regards to regulatory compliance, generally install a technical means to automatically retain all data BEFORE going public. There seems to be a larger problem if your retention policy relies on employees copying data from their mailbox to their hard drive. Exactly how long has Intel been public?
Maybe someone who has first hand knowledge with respect to data retention of email and SOX could help shed some light?

Posted by Andrew Storms on March 5, 2007 8:11 PM | Permalink

TrackBack

TrackBack URL for this entry:
http://blog.ncircle.com/cgi-bin/mt-tb.cgi/170

Comments (2)

Arthur:

Well SOX does have some email/document retention requirements, but that is only for specific classes of documents related to the financials and related audit material. So I suspect that SOX is irrelevant here.

I suppose there could be a problem given the new federal rules of evidence that went into place December. However since the case started in June of '05, they may also not apply.

Not that Intel won't get in trouble, but at first blush, there doesn't seem to be a regulatory problem.

Posted by Arthur | March 6, 2007 4:43 AM

Posted on March 6, 2007 04:43

Storms:

Interesting. Thanks for the insight Arthur.

Posted by Storms | March 6, 2007 7:47 AM

Posted on March 6, 2007 07:47

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)

Verification (needed to reduce spam):

Name:

Email Address:

URL:

Remember personal info?

Comments:

Bio

Blog: Sync
Author: Andrew Storms

As nCircle's Director of Security Operations, Andrew Storms is responsible for setting and enforcing the company's security compliance programs as well as overseeing day-to-day operations for the Information Technology department. He is a Certified Information Systems Security Professional (CISSP).

About

This page contains a single entry from the blog posted on March 5, 2007 8:11 PM.

The previous post in this blog was Hooters To Tighten Their Credit Card Payment Process.

The next post in this blog is Tired of the DST Change? Ya, me too..

Many more can be found on the main index page or by looking through the archives.