Pomegra Wiki

Document Destruction Policy

A document destruction policy (or record retention policy) establishes rules governing how long a company retains various categories of business records before destroying them. Policies balance operational efficiency (storage costs, clutter) against legal requirements (regulatory minimums, litigation holds) and prudent risk management (the cost of a mistaken destruction can vastly exceed retention costs).

Companies are not required to keep records indefinitely. Tax records, payroll documents, contracts, emails, and other materials can be permanently deleted once their legal hold period expires. However, destruction must be systematic, documented, and suspended during litigation or government investigations. An ad hoc, casual approach to deletion—particularly if it destroys evidence relevant to a lawsuit—can trigger sanctions, an adverse inference (the court assumes the destroyed documents would have harmed your case), or criminal obstruction charges.

The retention dilemma: cost vs. risk

Retention policies exist because of two competing forces:

Arguments for deletion:

  • Storage costs (physical and digital) accumulate.
  • Data security risk increases with volume (more data = more exposure if breached).
  • Operational clutter: employees waste time searching through old files.
  • Privacy: some jurisdictions now impose data minimization—firms must delete personal data once no longer needed (GDPR “right to be forgotten”).

Arguments for retention:

  • Legal liability: a lawsuit can arise years after a transaction. Destroyed records become invisible evidence, damaging the company’s defense.
  • Regulatory audits: tax authorities, labor departments, securities regulators may request records years after the fact.
  • Settlement/insurance: defending a claim requires documentary evidence.
  • Institutional memory: some records are valuable for understanding company history, decisions, disputes.

The optimal policy accepts that deletion is risky, especially for companies in regulated industries (finance, healthcare, legal services) or with significant litigation exposure. The cost of keeping a document usually pales against the cost of litigation when a destroyed document is crucial evidence.

Anatomy of a document retention policy

1. Categories and retention periods

A good policy defines categories (contracts, emails, tax documents, etc.) and assigns each a retention period. The period typically expires when the record is no longer legally required and no longer useful operationally.

Example:

  • Business correspondence: 3 years after the matter concludes.
  • Employee files: 3 years after employment ends (covers wrongful termination claims, which often have 3-year statutes of limitations).
  • Tax documents: 7 years (IRS standard period).
  • Board minutes: Permanent.
  • Email (non-executive, non-project): 1 year (balances privacy/clutter against risk).
  • Email (CEO/CFO/legal matters): 7 years (higher litigation exposure).

2. Suspension for litigation hold

The policy must state that destruction is suspended immediately if:

  • A lawsuit is filed or threatened.
  • A government investigation or subpoena is received.
  • An internal investigation is underway.

This suspension (called a litigation hold) preserves evidence and prevents spoliation (destruction of evidence). Failure to implement a hold when required can result in sanctions or default judgment (court assumes destroyed documents supported the other side).

A well-run company designates a litigation hold coordinator who:

  • Receives notice of potential disputes immediately.
  • Issues a hold notice to all employees and systems administrators.
  • Preserves email folders, files, databases, and backup tapes relevant to the matter.
  • Maintains a log of what was preserved and when the hold was lifted.

3. Defined destruction method

The policy specifies how documents are destroyed:

  • Paper: Shredding (physical shredder or third-party shredding service that provides a certificate of destruction).
  • Digital: Secure deletion (overwriting with random data or degaussing hard drives) or destruction of media.
  • Cloud storage: Deletion and confirmation from the cloud provider.

The proof matters. If a company later claims it destroyed documents in compliance with policy, evidence (certificates, email confirmations) must exist.

4. Responsible parties and oversight

The policy assigns ownership:

  • Departments (HR, finance, legal) manage their own records and are accountable for compliance.
  • The General Counsel or Compliance Officer oversees the policy and investigates violations.
  • IT manages digital destruction of emails, backups, databases.
  • Facilities/procurement manage physical document destruction.

Without clear assignment, destruction becomes ad hoc and untrackable.

Destruction during active litigation: If a company destroys relevant documents after a lawsuit is filed, it faces sanctions. Penalties can include:

  • Contempt of court charges.
  • Adverse inference (court instructs jury to assume destroyed documents would have harmed the company).
  • Monetary sanctions.
  • Attorney fee awards to the other side.

Selective destruction: If a company destroys some emails but keeps others in a pattern that suggests bias, courts may treat this as consciousness of guilt. A policy must be applied uniformly, not selectively.

Email in particular: Email has become a litigation minefield. A casual company email calling a customer “worthless” or a board member suggesting accounting manipulation can haunt a company for decades. Many companies now retain all executive and legal department email indefinitely, accepting the storage costs rather than gambling on when an old email might be needed.

Government investigations: A DOJ investigation, SEC inquiry, or OSHA audit can arrive with no warning. A document retention policy must be robust enough that any old document a regulator asks for is still available. Many companies now default to longer retention periods and only shred after explicit sign-off.

Data protection and privacy: the retention-minimization tension

GDPR and similar privacy laws impose a data minimization principle: companies should not retain personal data longer than necessary. A former employee’s email, for example, may need to be deleted under GDPR unless there is a legal reason to keep it.

But US employment law sometimes demands longer retention (7+ years for payroll/tax compliance). Companies operating globally must thread this needle:

  • Retain what US and other jurisdictions require.
  • Delete what is no longer necessary and is purely personal (non-business emails, personal health data).
  • Ensure litigation holds override privacy deletion rights (when a lawsuit is pending, GDPR must yield to litigation obligations).

Practical policy recommendations

  1. Err on the side of retention, especially for companies with litigation exposure (life sciences, finance, construction, healthcare).

  2. Set realistic periods: A 20-year retention period looks cautious but becomes costly and creates a storage and security burden. 7–10 years is often a reasonable balance.

  3. Centralize email: Move email off local computers to a managed platform (Office 365, Google Workspace) where retention policies can be enforced systematically.

  4. Document destruction activities: Keep a log (or automated reports) showing when documents were destroyed, by whom, and for what category. This proof is essential if litigation later disputes compliance.

  5. Annual certification: Have department heads certify annually that they have implemented the policy and no documents have been destroyed during a litigation hold period.

  6. Audit third parties: If using outside vendors for storage or destruction, verify they implement the policy correctly.

  7. Train employees: Many document destructions are unintentional (an employee clearing their desk, deleting old emails without thinking). Regular training on the policy reduces accidents.
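To make the mechanics of sections 1, 2 and 4 above concrete, here is an added Python sketch (not part of this wiki page) of a retention engine: a category schedule taken from the example list above, litigation holds that unconditionally override the schedule, and an append-only destruction log. Tagging records with matter identifiers, the `Record`/`RetentionEngine` names and the sample records in `demo()` are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from datetime import date
# Retention years from this page's example schedule (illustrative only); None = permanent,
# and a category missing from the table is retained, never destroyed.
RETENTION_YEARS = {"correspondence": 3, "employee_file": 3, "tax": 7,
                   "email_general": 1, "email_executive": 7, "board_minutes": None}
def add_years(d: date, years: int) -> date:
    try:
        return d.replace(year=d.year + years)
    except ValueError:  # 29 Feb with a non-leap target year clamps to 28 Feb
        return d.replace(year=d.year + years, day=28)
@dataclass(frozen=True)
class Record:
    record_id: str
    category: str
    closed_on: date                   # start of the retention clock (matter concluded)
    matters: frozenset = frozenset()  # hypothetical matter tags that scope litigation holds

@dataclass
class RetentionEngine:
    active_holds: set = field(default_factory=set)       # matters under a live litigation hold
    destruction_log: list = field(default_factory=list)  # the proof trail the page calls for
    def place_hold(self, matter: str) -> None: self.active_holds.add(matter)
    def lift_hold(self, matter: str) -> None: self.active_holds.discard(matter)
    def decide(self, rec: Record, today: date, actor: str) -> str:
        """Return 'retain', 'hold' or 'destroy'; every destruction is logged."""
        years = RETENTION_YEARS.get(rec.category)
        if years is None:                    # permanent or unscheduled: err toward retention
            return "retain"
        if rec.matters & self.active_holds:  # a live hold overrides the schedule unconditionally
            return "hold"
        if today < add_years(rec.closed_on, years):
            return "retain"
        self.destruction_log.append({"record_id": rec.record_id, "category": rec.category,
                                     "destroyed_on": today.isoformat(), "by": actor})
        return "destroy"

def demo() -> dict:
    # Constructed sample run covering each outcome and the hold lifecycle.
    eng, today = RetentionEngine(), date(2024, 1, 15)
    corr = Record("C1", "correspondence", date(2019, 3, 1), frozenset({"matter-42"}))
    eng.place_hold("matter-42")
    out = {"tax": eng.decide(Record("T1", "tax", date(2015, 12, 31)), today, "it-ops"),
           "minutes": eng.decide(Record("B1", "board_minutes", date(1990, 1, 1)), today, "it-ops"),
           "email": eng.decide(Record("E1", "email_general", date(2023, 6, 1)), today, "it-ops"),
           "held": eng.decide(corr, today, "it-ops")}
    eng.lift_hold("matter-42")
    out["after_lift"] = eng.decide(corr, today, "it-ops")
    out["log"] = [e["record_id"] for e in eng.destruction_log]
    out["leap"] = add_years(date(2020, 2, 29), 1).isoformat()
    return out
```

Note that the held correspondence record is only destroyed after the hold is lifted, and that the log records who destroyed what and when, which is exactly the evidence the page says must exist if compliance is later disputed.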

Regulatory and industry-specific requirements

Securities firms (SEC Rules 17a-3 and 17a-4): Must keep customer records 6 years (accessible), then 4 more years in storage. Trading blotters, general ledgers, and similar books and records: 6 years.

Healthcare (HIPAA): Medical records typically 6 years from last patient contact, though state laws vary.

Financial institutions (Gramm-Leach-Bliley): Must retain records for 5 years and produce them for regulators.

Tax records: 3-year IRS audit period (7 years if fraud is suspected; indefinite for criminal investigations).

A company’s policy must be at least as stringent as the strictest applicable regulation.

  • Board of Directors — Body overseeing corporate governance, including document policies
  • Internal Control Assessment — Evaluation of document and record controls
  • Sarbanes-Oxley Act — Legislation mandating corporate governance and document retention standards
  • SEC — Regulator with document retention requirements for public companies

Wider context