How Long Do I Keep Information?
Updated: Feb 20, 2022
In case you are wondering how the garage cleaning went last weekend, I filled several trash bags and boxes worth of items that were donated and several others for the trash. In order to ensure I was only disposing of unnecessary stuff and not valued items, I secured the approval of my family stakeholders before disposing of anything. The results were fantastic! I cleared several shelves worth of storage space that allowed me to reorganize for better findability.
I now have plenty of room to store more items and everything is properly organized so I can find things in the future, including the lost flashlight, which is no longer lost. Best of all, it didn’t cost me anything except a little time.
Information has a useful lifespan.
It’s exactly the same with information. Like the unnecessary stuff I was keeping in my garage, information has a useful lifespan that ultimately requires disposition. In simple terms, information is created, used, stored and should ultimately be disposed of. It should be obvious from my previous post why information disposal is probably the most important step in this “information lifecycle”.
Many people get confused by this notion though. The confusion comes in when deciding how long (and why) they need to keep things for. There are two primary schools of thought on this:
Keep information based on how often it is used or accessed – the frequency of access model … or …
Keep information based on actual value or obligation – the business value (and obligation) model.
Information Lifecycle Management (ILM)
The frequency of access paradigm gave us the term “information lifecycle management” or “ILM” a couple of years ago. This was a vendor-driven idea that moved information between storage tiers based on the frequency of access. It never really caught on as it didn’t address the core issues especially the disposal of information. It’s an interesting concept if your motive is to sell storage. Moving information around to optimize storage infrastructure is a good idea but only part of the answer. Business need, relevance and usage combined with regulatory and legal obligations truly determine how long information must be managed, retained and governed.
Best Practices for Storing Information
In simple terms, we should keep information because it is an asset (business value) and/or because we have an obligation to do so (legal and regulatory). Debra Logan (Vice President at Gartner) has been publishing excellent research on this topic. Best practices exist as well. The new Information Management Reference Model (IMRM), from the same organization that gave us The Electronic Discovery Reference Model (EDRM), aligns the key stakeholders (IT, Business and RIM/Legal) with the key issues (asset, value and duty) and the key benefits (efficiency, profit and reduced risk). There are a number of other approaches as well, notably The Generally Accepted Recordkeeping Principles (GARP) from ARMA.
Best of all, optimizing systems and storage infrastructure based on the business context of usage, not just frequency of access, is much easier to do when things are properly organized (classified) based on actual need/value.
In summary, the business value of information changes over time requiring Information Lifecycle Governance eventually requiring defensible disposition (more on that next time). I hope you manage and govern your information based on business value and your obligations. I also hope your information spring cleaning is coming along as well as my garage is. I am so motivated by my results that the attic is next for me.