This article was written by Sean Bacher and originally appeared on ITWeb.
These days, companies need to be extremely careful with their document retention schedules in order to remain as compliant as possible. Compliance rules do not just involve those set out by the government, like the Protection of Personal Information (POPI) Act and the King IV Report on Corporate Governance for South Africa, but also involve compliance that varies across industries, as well as internal compliance regulations.
Making sure each and every document in a workflow adheres to compliance regulations can be a nightmare – even for the smallest of companies. With Nashua’s Managed Document Solutions (MDS), however, compliance issues are easily automated, and businesses can be assured that, should they ever undergo an audit, every document that was destroyed or archived was done so in accordance with the law.
How does MDS help with compliance?
“The first step of any Nashua MDS implementation is the consultation or discovery phase,” says Jason Schoultz, Nashua’s former Business Solutions Manager. “During this phase, we not only discover and learn about a company’s current document process solutions, but also outline any disruptive forces that play a part in the MDS implementation. For example, big data, social media, and compliance will be a few of these forces. We then draw up a roadmap on how we will deal with these issues.
“On the compliance side of things, we first look at the main compliance laws like POPI and King III. We look at what they stipulate and then see how they affect the company. We then look at any vertical market compliance issues that the company may have. For example, a law firm will have very different compliance issues from a pharmaceutical company. Finally, we look at a company’s internal document retention policies,” he says.
“Once we have a thorough understanding of how the company fits in with these compliance requirements, we will set standards to ensure a document that enters a company, whether it be a fax or an email, complies with the requirements throughout its lifetime at the company.”
With the proper MDS processes in place, a document can move from point A to point B, but only if the rules that have been placed on that document are observed. Eventually that document can move to a server for storage, or it can be moved off-site with the relevant reference codes.
Schoultz observes that although many companies see compliance to be more of a burden on a business than anything, if properly managed and automated through an MDS, it will work in the company’s favour.
“First, the POPI Act requires that certain types of documents be stored for up to five years, while others can be deleted or stored offline. It is human nature to just save everything – for ‘just in case’. But the problem with this is that servers will become clogged, and networks will become slow over time,” he says.
IT administrators will just end up throwing money at a growing problem by buying bigger hard drives and faster technology. This won’t be the case with an MDS, as employees will be forced to properly manage documents by storing them, archiving them, or deleting them.
“Although implementing an MDS in the beginning may be a big step, companies and IT administrators will soon start seeing the return on investment, as their servers only store important documents, while advising users when and where a document can be moved to after it has reached the end of its lifespan.”
Schoultz concludes that a properly implemented and managed MDS is not only about keeping a company legal, it is also about keeping the network, internet solutions and IT resources running with optimal performance.