• Over half of survey participants - 56 percent - consider marketing messages from known senders to be spam if the message is “just not interesting to me.”
• 50 percent of respondents consider “too frequent emails from companies I know” to be spam.
• 31 percent cite “emails that were once useful but aren’t relevant anymore.”

 Email marketers must come together and create a tighter definition of Spam and redefine the Can-Spam laws so that consumers can clearly see what is and what isn't Spam. This might be harder than it should be, just like the explanation of behavioral targeting practices with display advertising. Overall, online advertising needs to push for best practice standards that consumers can understand and marketers can be held to.

-Company A presents an email archiving score card for businesses to make it easier to help clients identify the right email archiving product for their specific environment.

-Company B offers a low cost email archiving solution to help meet eDiscovery requirements.

-Company C provides a free email retention policy starter kit.

-Company D releases an enhanced product with better email security.

-Company E publicly announces the acquisition of a major player in the email archiving community.

-Company F drafts a press release citing market analysts that they provide the best eDiscovery capabilities for an email archiving solution.

-Company G introduces its email archiving solution to the European market.

-Company H releases a new version of its email archiving solution that supports all the major servers on the market (exchange, GroupWise, domino).

-Company I distributes its email archiving solution in Malaysia.

Let's break this down.

Company A releases a free email archiving score card to help other businesses choose an email compliance solution. What is company A trying to accomplish? They are trying to simplify the process of email compliance through education. Some of this ties into the concept of "professional respect," which I will discuss in more detail later on in this entry.

Company B offers a low cost email archiving solution to help meet eDiscovery requirements. What is company B trying to accomplish? They are using cost as a measure to gain market share.

Company C provides a free email retention policy starter kit. What is company C trying to accomplish? They are reaching out to businesses that are undecided on integrating an email archiving solution. Company C (much like company A) is trying to simplify the process of email compliance through education.

Company D releases an enhanced version of their product which strengthens email security and enhances policy management capabilities. What is company D trying to accomplish? They are using upgrades in technology as a measure to gain market share.

Company E publicly announces the acquisition of a major player in the email archiving community. What is company E trying to accomplish? They will likely enhance the operational capabilities of their acquisition.

Company F drafts a press release citing market analysts that they provide the best eDiscovery capabilities for an email archiving solution. What is company F trying to accomplish? They are trying to use market research as a PR tool.

Company G introduces its email archiving solution to the European market. What is company G trying to accomplish? They are using geographic location as a measure to gain market share.

Company H releases a new version of its email archiving solution that supports all the major servers on the market (exchange, GroupWise, domino). What is company H trying to accomplish? Much like company D, they are using technological advances as a measure to gain market share.

Company I distributes its email archiving solution in Malaysia. What is company I trying to accomplish? Much like company G, they are also using geographic location as a measure to gain market share.

Now, what is the big picture here? Education. Cost. Simplicity. Technology. Expansion. Market research. Geography. These 7 factors are what email archiving providers have been pushing in the last month.Some of these press releases focus on similar things, but you will have to stay tuned for part II to see how it all fits together in an analysis of current market trends. Stay tuned.

What goes on behind the scenes really is amazing sometimes, even though this situation has been in the making for many years. How did it not go public that the file directories used to store the retained email were accessible by everyone on the EOP network in 2005? Roles based permission access is a serious facet of any quality email archiving solution, especially in our nations highest political facility. How could the white house just refuse so many warnings and requests to update their system? How could the president just disregard laws that COMPEL him to archive email? Perhaps the best quote is right here: Stephen McDevitt, an official in the presidential CIO office, "told the committee that a new e-mail archiving system that would have addressed the problems was ready to go live on Aug. 21, 2006. But CIO Theresa Payton canceled the new system in 2006, because it would have required modifications and additional spending." What? It was canceled for modifications and additional spending? Email archiving is a critical item for the president that is necessitated by law. It is nothing short of wild that Payton gave modifications and additional spending as a reason against its implementation.

At least in terms of electronic communication, it might be time for some hospitals to turn to outsourced email archiving.  Encryption, security, and access are all issues for health care providers right now, and these are three issues that email archiving services are well equipped to handle. It is time for hospitals to address the quality and success of their electronic patient data backup and protection.  With HIPAA security audits right around the corner, the time to wait before integrating an email compliance solution is really over.

"Email archiving solutions should address critical customer requirements around email information archiving, eDiscovery, regulatory compliance, business continuity, and storage optimization. Enterprise-class solutions provide legal search work flow, immediate mailbox and message recovery, disaster recovery, email archiving, and self-service search and access in one solution. By leveraging cost-effective storage, these solutions also optimize email storage and reduce overall infrastructure costs. Next generation email archiving solutions deliver rapid, comprehensive search across millions of emails for litigation ready production and provide the following capabilities:

Rapid eDiscovery: Auditors and legal staff must be able to quickly perform sophisticated search and discovery across centrally managed mailboxes to meet compliance requirements.

Automated, Exchange Disaster Recovery: Reliably protect Exchange information through non-invasive, continuous application shadowing. This process preserves the consistency and integrity of Exchange data and enables "one-click" full email data and service recovery when needed.

Mailbox Storage Management: Reduce storage requirements on the Exchange Server by migrating or "extending" attachments based on policies of age, document size, or mailbox size.

Self-service search of archived data: Seamless self-service access to end-user archived data, enabling them to find potentially lost or deleted messages without IT assistance.

Enhanced support for Exchange 2007: Live Communication Server (IM) and 64 bit Servers - extends content management to include instant messaging and takes advantage of new Exchange 2007 features for disaster recovery, folder level retention, and mailbox level journaling.

Automated PST File Archiving: New "crawler" automatically searches and retrieves PST files from servers, desktops, and laptops based on administrator-defined policies.

Active Directory Integration: Leverages roles defined in Active Directory and provides a version history of Active Directory, including distribution lists. Contents of distribution lists are viewed as they appeared when an email was originally sent or received.

Public Folder Archiving: Performs archiving and continuous data protection for Public Folders and allows auditors to search all Public Folder content and re-create chain-of-custody for compliance and legal discovery.

Scalable Storage & Reduced Archive Storage Requirements: Designed to deliver improved scalability and performance for the archive server with support for multiple databases and extensible storage volumes.

Each of the above criteria is highly relevant in ensuring a smooth email litigation process should such a situation arise. However, does relevancy equal necessity? Which of these factors are truly "business critical"? How essential is having support for Exchange 2007? Does a company need public folder archiving? When does storage really become a problem? Are the above capabilities best used in an in-house or an outsourced email archiving solution? I believe it is important for a business to understand what they need to comply with corporate regulations and legal requirements without spending money and time on things that are simply not necessary. What are the intricate parts of an email archiver that you truly NEED to satisfy compliance? I would like to address this topic in full soon. Stay tuned.

Even though I probably shouldn't, I still find it fairly remarkable that the White House simply cannot respond about the whereabouts of many missing emails. With the advent of internet technology there seems to be this general attitude that electronic communication does not have to be held up to the same standard as traditional paper documents. Many corporate executives and government officials seem to think they can pretend conversations never happened by simply deleting email backup tapes. In theory paper copies could just be burned up, but it seems that the ease of conveniently "losing" emails is what makes it so much more noticeable. It does not require a lot to act as if nothing ever happened. However, with industry regulations and legal expectations tightening the grip on corporate behavior, abusing the age of email messaging is only going to get harder to do. It is high time for all organizations to integrate an email archiving solution, especially when the center of the American universe is being thrown into the grand spotlight for this exact reason.

The Sarbanes-Oxley (SOX) act, as described by Chen, requires all public companies to retain their business records, including email, for at least five years. Since Sarbanes-Oxley does NOT specify which documents are relevant and which are not, it makes the practice of email retention significant for all public companies. Businesses cannot afford to preserve only select electronic communications. But with that being said, I have several questions in regards to the survey conducted by Harris Interactive. If the survey results are truly accurate, what does this say about company email policies? Are organizations effectively communicating the use of business email for personal reasons? How about what language is considered proper? Or how about the tolerance of humor? And if a company DOES have this policy circulating around, then why are so many employees ignoring it? Apathy? No fear of consequences? The survey results say that nearly all the employees polled do not believe that they have ever sent a risky email. Therefore it seems that most employees are not even aware that they are doing anything wrong. I believe that companies need to lay out specific rules within the employee email policy and hold review sessions to make sure that the rules are being followed. Additionally, I think that consequences are necessary and should be mandatory to enforce the rules. With SOX email compliance such a crucial item on the business agenda, more companies should be taking the time to make sure that their employee email policy is stringently regulated.

With the CMS bearing down on the enforcement of HIPAA security compliance, this years health information privacy and security week will likely get taken a little more seriously. The protection of electronic patient health care data is an extremely important measure for our society to take, and I believe that the CMS's current agenda is definitely helping the cause. Email compliance and email archiving solutions are necessities for health care professionals at this point, especially for those that do not want to deal with the repercussions handed down by Tony Trenkle and the Office of E-Health Standards and Services.

There are a couple of points I would like to make here. Firstly, there has been a recent surge in the amount of educational resources regarding eDiscovery and email archiving. Within the past month alone I have written about professional research papers, legal guidelines, reports, conferences, and even a judicially acclaimed reference on the topic. What is the significance here? I believe that both industry leaders and experts are finally recognizing the sheer volume of companies that are simply unprepared to deal with the pressures of satisfying an ever strengthening corporate & legal governance. Education and integration of email archiving solutions will continue to be a process, but there is little doubt that progress is being made. Secondly, the geography of email archiving and the locations that might be subject to email compliance regulations in the near future will be interesting to keep an eye on. That this seminar is taking place on the Cayman Islands, a British overseas territory, is a sign of society and corporate governance moving in a specific direction.

Well, as the Centers for Medicare and Medicaid Services (CMS) start to integrate the compliance review process there are a bunch of pertinent questions that come to my mind. Firstly, how will the CMS reviews impact the current state of electronic patient health care data and email management? Would a serious HIPAA violation change the way that electronic information is managed by health care providers? What is the difference between a HIPAA security compliance review and an OIG audit? Would the agency doing the testing (OIG or Office of E-Health Standards and Services) impact the stringency required for the security and privacy of an email archiving system? Will the OIG and CMS Office for E-Health Standards and Services be working together in the future? If the answer is yes, would this create a uniform policy and method for testing electronic patient health care data? Would the OIG merely be setting the stage for Tony Trenkle by doing preliminary investigation work? How many entities will be reviewed? What other health care providers and facilities will be subject to HIPAA email compliance regulations besides hospitals? Stay tuned for updates.

In one word, the answer is trust. Companies simply do not feel comfortable trusting an outsourced email archiving service to sift through their email and have access to private information. But is that really what happens? Do email archiving services take such advantage of their clients? No, they don't. Why not, you might ask? Roles based permission access, industry regulation authorities, and business reputation are three critical factors that ensure outsourced email archiving safety. Are there any distinct advantages to an in-house email archiving solution that would justify the high cost to maintain and integrate? There are some loose arguments to be made in favor of an in-house solution, but stay tuned for part II for more information.

Duffet mentioned the presence of several significant eDiscovery figures including: attorney Marie Lona, partner and chair of the e-discovery and electronic information practice group at Winston and Strawn, Tom Hall, managing attorney for discovery and litigation technology at Cleary Gottlieb Steen & Hamilton, Mikki Tomlinson, litigation support manager for Chesapeake Energy Corp, and moderator Kelli Brooks, principal of forensic technology services at KPMG. Tom Hall discussed the serious sanction handed down in the Qualcomm Inc v. Broadcom Corp by saying "My risk aversion advice: Don't do that."

EDD (electronic data discovery), as evident by the 46,000 missing electronic documents in Qualcomm, is an extremely important business continuity measure in the year 2008. Panel discussions such as the one above are instrumental in the education process for U.S. Businesses to learn about the dangers of avoiding email compliance and email archiving solutions. Perhaps the question is: is it better to retain electronic correspondences using in-house or outsourced solutions? This depends largely on the finances of a company, but there is a strong argument to be made for an outsourced service. They are generally more cost efficient, provide IT relief, and automatically provide you with regulatory and legal compliance.

The study includes the following factors as significant reasons to implement an email archiving solution:

Regulatory compliance. Industries that are heavily regulated, such as financial services or health care companies, must meet a variety of statutory requirements with regard to records retention.

Legal compliance. Dec 2006 revisions to the Federal Rules of Civil Procedure (FRCP) require organizations to manage their data in such away that it can be produced in a timely and complete manner when necessary, such as during legal discovery proceedings.

Reducing the impact of storage. Roughly 60% of decision-makers cite growth in messaging storage as a serious or very serious problem. Messaging storage, driven by increasing use of e-mail, larger attachments and the like, is growing at an average of 35% annually. By migrating data from storage on messaging servers to archival storage, companies overall storage costs can be reduced, while improving their messaging server performance and expediting recovery from downtime incidents.

My thoughts: at this point there is certainly no shortage of reasons to archive email. This white paper only highlights the list of issues facing both enterprises and businesses in relation to integrating an email compliance solution. With HIPAA, SOX, GLB, NYSE, NASD, AND SEC laws firmly in place, the monitoring and enforcement of corporate email retention is a top priority for U.S. industry regulators. FRCP eDiscovery proceedings have only placed the necessity to archive email on a grander scale, as harsh sanctions and criminal prosecution are legitimate possibilities facing those companies who cannot produce email evidence in a timely fashion. Additionally, the strain placed on an in-house server to retain the thousands upon thousands of in-coming and out-going emails that are accumulated daily has also enhanced the attraction of outsourcing an email archiving service.

HOWEVER, is this really what will get the corporate world to archive their email? I think that Osterman Research has done a great job, but I think that the benefits to email archiving are out there and have been out there. With so many laws, requirements, and IT concerns already established will a new white paper citing what is already known really make a difference? For some it might, but for many it wont. In a recent series of posts about Email Insurance I said that cost, complexity, satisfaction with email backups, apprehension about an unfamiliar corporate practice, and professional disinterest were big reasons why email archiving has not risen to the top of the business agenda. What the U.S. business world needs is the following three factors to help push email archiving into the corporate spotlight: Education. Momentum. Trust. I want to elaborate much more on these three factors in subsequent blog entries but for now I am going to focus on education.

"A Guide to Messaging Archiving" sounds like a nice tool for a CEO or CIO willing to invest the time to learn about email archiving, but will they? Who reads white papers? White papers are academic endeavors designed to provide a degree of expertise in a given topic. Most business professionals are simply too busy to be bothered with reading a white paper no matter how beneficial it might be for their business operation. This seems a strange scenario. People are taking the time to draft comprehensive analyses of important topics and nobody is reading them? I wouldn't say nobody here, but unless someone is seriously considering a purchase it is not a common phenomenon. How can education about corporate email archiving become more appealing? How do you make people WANT to get what they SHOULD get in the first place? I believe this is where attorneys come in. I believe this is where the news comes in. I believe this is where word of mouth comes in. Sometimes it depends on WHO is doing the educating. Might a white paper be more informative then listening to an attorney speak? Sure. Might it not? Sure. That is up to the individual person doing the listening. But what I do know is that hearing what you need to do from someone that you perceive to be in the right position to make a judgment call will win over reading a white paper almost every time. Our society is governed by law. People trust the law. U.S. Businesses trust the legal practitioners that represent the law. If email archiving is to be taken seriously it must come at least partially come from attorneys.

Is there something wrong with a new white paper on email archiving by Osterman Research? There is nothing WRONG in the traditional sense, but I feel that corporate America is just waiting a different form of education, one that they feel more comfortable with. When is this change coming? Is this change coming? I would like to do some more writing on these issues soon. Stay tuned.

John L. Pogue, chairman of HHM's business services practices group, issued the following statement for the press release: "Improper management of electronically stored information creates a huge risk. Some companies that have found themselves uninformed or unprepared in this area have sustained themselves massive judgments. In today's business climate it is important for companies to build well- defined policies that address how email and electronic documents are used and managed, and to communicate and enforce those policies."

I wholeheartedly agree. There is no question about the importance of integrating an email compliance and document retention solution. However, what I find truly significant here is that the warning to properly manage electronic information has come from a legal entity and NOT from an industry analyst. In a recent post entitled: "New eDiscovery reference promotes necessity of email archiving," I said that "while it is unlikely for business executives to run to the ABA and order a copy of their own, there is a great chance that corporate lawyers will purchase the book and relay the information back to their clients." The bottom line is that attorneys NEED to assist in the corporate education process with regards to email compliance and electronic data retention. Learning about the dangers of email retention from anonymous editors and obscure marketing professionals just doesn't appear to have the same effect as hearing it from a respected legal practitioner.

I am posting the excerpted guidelines from the HHM website just below because I think it is essential for every organization to review:

"Note: This information was excerpted from Drafting and Implementing Document Retention and Litigation Hold Policies, a comprehensive and proprietary document HHM developed for clients in response to growing concerns about the issue.

1. Every company is different. Not all companies rely equally on technology in their communications. Also, some companies allow employees to take digital information home, while in others that is not practical. Because tools and practices vary so widely, there is no one-size-fits all rule.

2. Consider laws already on the books. Certain businesses are subject to federal and state regulation of records retention, so it is important to investigate whether any of these apply. This applies to both electronic and paper records.

3. Consider the breadth of electronic communications your company uses. A sound electronic communications policy establishes permissible and prohibited uses, notifies employees that the company is monitoring electronic communications and sets up security procedures, etiquette, and records retention guidelines. As part of this process, a business needs to consider the types of electronic information that it uses: email, word-processing documents, spreadsheets, databases, digital images, scanned documents, and digital sound and video recordings. Federal courts refer to this as "electronically stored information" or ESI. Email raises its own technical questions that are important in drafting an effective policy.

4. Determine the possible locations where this information may be located. This may require a thorough inventory, because information could be stored on computers and devices not even owned by the company. For example, a flash drive can hold thousands of files, and an employee may use such a device to take information home to finish a project. If that employee opens a document on his or her home computer, that computer is now a repository of information that may be relevant in future litigation. Policies need top address these situations.

5. Establish a "litigation hold" policy that outlines a response to potential litigation. This policy, which should be created with input from the company's legal and information technology advisors, suspends the application of the document retention/destruction policies for relevant documents. Then the business needs to implement and enforce this policy. It is at this stage that companies like Morgan Stanley have run afoul of the judicial system and paid the price."

Rss Feeds
Directory - Rss feeds directory and resources.

Mata wrote: "I must take issue with the comment that the sheriff overnight erases thousands of e-mails all on his departments computers without warning. In actuality, I moved 5 1/2 months worth of e-mail from nearly 4,000 mailboxes onto archive tape. At no time were e-mails erased from computers as Casey asserts, and all of these e-mail messages, attachments included, are recoverable. It must also be noted that no investigative information has been lost, as suggested by some deputies, and the deputies who have made such suggestions are not assigned to investigative functions.

Casey was correct in his statement that the users were given no warning. Let me explain why. As our public information officer, Capt. John Martin, has stated to the media on numerous occasions, we have a critical storage problem on our servers. If I had taken the time towarn our users, they would have off-loaded their email from the mail servers to our file servers. As both mail and file operations are served by the same storage system, there was insufficient storage to allow this. The storage system, placed into operation in March 2006, was sized to serve us for approximately two years before needing an expansion."

My thoughts: Why couldn't the sheriff respond himself? This is the first problem I have with Mata's letter to Rick Casey of the Houston Chronicle. This might have been taken more seriously if it appeared legitimate. Secondly, if there really is an email archiving system in place, why has there been no mention of it before? Lastly, was it really necessary for the sheriff to keep all of his users in the dark about what was going on? Was it worth all of the bad press? There might indeed be a critical storage problem in the sheriff's department, but this was handled terribly. I think Charles Kuffner summed this situation up best on his website, and I am going to post what he wrote here:

"If Sgt. Newby is typical, then the users didn't understand what was happening. And I suspect he was typical, because as Mark Bennet shows, the memo and accompanying information (both PDF's) that Sgt. Newby and his coworkers would have received makes no mention of moving emails to archive tape, where presumably it can be retrieved as needed. It baldly says: 'Please consider this memorandum as authorization for the immediate deletion of all departmental email that is, as of the date of this menorandum, older than 14 days.' There may have been some confusion here about what the sheriff's office was doing, but I don't think it was Rick Casey who was the cause of it."

Mason cites many of the legal consequences related to poor email archiving and compliance policies as being tightly bound to this prominent role. Mason writes: "the evidence that comes before a court during legal proceedings reflects the way a business operates. Given that virtually every business now uses digital documents and email correspondences in such vast quantities, it is crucial that the documents relied upon by the business are retained properly." This statement addresses the common corporate practice of changing the "subject field of an email to reflect the client or project to which it is related," something which could cause significant problems if it was later required for court submission.

I believe Stephen Mason has made some excellent points here, as he provides some fresh commentary on how an organization should be preparing for eDiscovery proceedings. Mason makes a notable distinction between the policies handed down in an organization regarding electronic information management and the actual maintenance or "custodians" who are assigned to do the monitoring. If an organization recieves a sanction during pre-litigation FRCP eDiscovery, who is to blame? Do you blame the IT department? Or do you blame the corporate secretary in charge of drafting the policies? How many organizations even have a corporate secretary? If there is no such role in an organization, should the responsibility then fall onto the IT department solely? I believe one of the most important things to take out of this report is that the infrastructure of a business is more vital to the task of ensuring email compliance then it is typically given credit for. There must be a convergence between the IT department and a QUALIFIED individual who understands what the court expects out of an email archiving system to comply with eDiscovery regulations.

With 37 United States District Courts now requiring compliance with special eDiscovery rules, as well as consistent modifications to corporate data retention technology, the eDiscovery movement is beginning to surge. Since email management remains one of the dominant staples of current eDiscovery issues, if you are a CEO or a CIO this conference provides a great opportunity to integrate the solutions you need to maintain email compliance.

Apprehension about an unfamiliar corporate practice. "Email Archiving? Never heard of it before, I'm fine with paper copies." Believe it or not, this is a common line from many business professionals that have not made the adjustment to an entirely new generation of email storage techniques and methods. The problem here is that with email becoming the official "voice" of the 21st century, paper copies are not as relevant or important as they once were. If Email archiving sounds like a foreign phrase to you, this following explanation should make it easier to understand. An email archiver captures and catalog's your email when it enters and leaves your mailbox. It sorts all of your emails into a comprehensive index which you can use to search for specific key words. For instance, if you are looking for the word "email," you use the advanced search functions to sort through all of your emails to find every mentioning of the phrase "email." Why is this important? Well, there are several reasons, but one of the most critical is that during FRCP eDiscovery the opposing litigant in a federal law suit can ask you to present specific electronic evidence before the court. Email archiving allows you to find what you are looking for within minutes versus spending endless hours sifting through email backup tapes.

Professional disinterest. "When it happens to me, I'll deal with it." Famous last words, as some might say. There is nothing inherently wrong with this attitude, but those who have it are walking a fine line. All U.S. Companies and organizations run the risk of entering into litigation at some point in the course of their daily business operations. Email insurance is much the same as auto insurance, health insurance, and life insurance. It is making sure you are covered just in case something happens to go wrong. It might seem like an avoidable and escapable expense, but with email compliance regulations just in place for a few short years now, the tolerance had by courts will just continue to drop down to zero.

Why are U.S. Businesses not developing email retention policies? Well, as outlined above, the answer is spread out over a number of pertinent issues that many CEO's and CIO's have still not resolved. Cost, complexity, satisfaction with email backups, corporate apprehension, and professional disinterest are all playing a hand in explaining the results delivered by Osterman Research. Perhaps the real question boils down to the issue of: when? When will organizations treat HIPAA, SOX, NYSE, NASD, SEC, FINRA, GLB, and FRCP eDiscovery regulations as an item that remains at the top of the business agenda? Perhaps this would be a good topic for another blog entry. Stay tuned.

According to Trenkle, "CMS has contracted with PriceWaterhouseCoopers, an accounting and consulting firm, to help with the reviews." Hospitals will have access to a check list posted on the CMS web site "of security practices and issues covered in the rules." Although not all of the criteria was revealed completely, Trenkle did indicate that "remote access to data and use of portable storage devices are among the issues covered in the rules." The CMS mentioned that it would start out with larger hospitals that have received complaints before moving onto smaller operations. He said that "his office wants to work with the industry and strike a balance between achieving information security and making sound business decisions.

Ferris distinguishes between HIPAA security rules, which are enforced by the CMS, and HIPAA privacy rules, which are enforced by the Office for Civil Rights. Trenkle said that while most HIPAA complaints arise from matters of privacy versus security, if BOTH privacy AND security present a problem, then the Office for Civil Rights and the CMS will work together cooperatively to handle the issue.

I firmly believe that the protection of electronic patient health care data and email management in hospitals has now reached a level of critical importance. The Office for Civil Rights and the Centers for Medicare and Medicaid Services have until now tried to lend a helping hand in letting hospitals and health care providers become HIPAA compliant. However, this age of friendship and guidance appears to be tightening up a bit, if not coming to a close completely. The HHS seems to think that HIPAA laws and regulations have been established enough to begin enforcement. Are they right? There is no right or wrong answer here, but they certainly have a strong case working for them. HIPAA violations have been known to occur, but we might start seeing them on a much grander scale in the coming months. My personal thoughts? I would not at all be surprised if sometime in the next 9 months a few hospitals make the news in a very big way for violating HIPAA security and HIPAA privacy compliance.

Am I missing something here? I find this deeply concerning. What has happened to a persons right to privacy? Why does the Irish government need to keep track of when and where your emails are sent? Email archiving and e mail retention have several important reasons to be integrated in society, but needless government control is not one of them. For instance, HIPAA (the U.S. health insurance portability and accountability act) binds health care professionals to specific email compliance regulations in dealing with patient privacy. Laws set forth by HIPAA security and HIPAA privacy ensure that the privileged relationship between doctor and patient is retained by protecting the exchange of electronic health care data and email communications. Another example can be found in the amendments of the FRCP (U.S. Federal rules of civil procedure) in December of 2006. The inclusion of electronic discovery proceedings in civil litigation has enabled organizations to justify corporate disputes and prevent illegal scandals from taking place. But how does email management play a role in European Union governance?

TJ McIntyre, Chairman of Digital Rights Ireland, has been vocal on this issue and also appeared in an article in the Irish Examiner. He warns of some potentially serious risks to be associated with E.U. email compliance. I think what he had to say is important and I am going to close with an excerpt from his blog.

"Laws requiring monitoring of the entire population are astonishing in a democracy. Yet so far there has been very little public debate. One reason might be that his surveillance happens invisibly in the background. But compared to traditional surveillance it is potentially far more intrusive, and carries much greater risks of abuse. In the United Kingdom we have seen the loss of data on many millions of individuals. Here officials in the Department of Social Welfare have been found to be engaged in the systematic leaking and selling of personal information from government databases. There is no reason to think that this information will be treated any differently."

This is a question that has been assigned to the office of John Barnhill, assistant attorney of Harris County, to answer. Barnhill has been asked to review the sheriff's new policy to see if it meets Texas email compliance regulations. Murphy and Glenn cite that under Texas state law, "local governments and their departments must retain correspondence related to the departments administration for two years and correspondence about policies and program development for five years."

How can this new policy possibly meet the email retention guidelines set forth by the state? The sheriff's office is an integral county operation that surely encompasses a great deal of correspondence with local administration. Two weeks? I understand that email storage space is a primary concern for most businesses regardless of size, but intentionally deleting electronic communication is bound to have some serious consequences down the road. The Texas Public Information Act and the Freedom of Information Foundation of Texas are two organizations referenced in the article that will certainly have opinions on the matter if the sheriff's office is indeed deemed email compliant. Is the sheriff's office even aware of email compliance regulations in Texas? That is my final thought on the matter, becasue I find the quick fix solution they are using to be puzzling.

   In an article entitled: "E-Discovery rules still causing IT headaches," Brian Fonseca of computerworld.com provides commentary from Village of Niles MIS Director Bill Shaw. He elaborates that the FRCP revisions prompted city officials to make a decree that all emails which enter and leave city offices are official documents that are subject to legal review. This decision was likely made in an effort to reduce the sheer amount of non-business related emails that would need to be reviewed in an E-discovery situation. The decree has paid strong dividends as the volume of non-business related emails has dropped off, resulting in enhanced business continuity and office productivity levels. Email retention can seem a daunting task at first, but the FRCP revisions are already showing that regulatory compliance can be a serious business asset.