Goldilocks and data management: finding a ‘just right’ solution


We all know the story about finicky Goldilocks and her attempts to find the right temperature porridge, the right size chair and the right softness bed.

Well, who could guess that a fairytale character would be the one to provide sage advice when it comes to data management? Businesses large and small should borrow a page from the Goldilocks’ playbook when it comes to managing their bits and bytes and seek a solution that is “just right.”

Big data is causing big headaches for companies — and the problems are only going to get worse. The average employee now has 31 gigabytes of data, which translates into nearly 65,000 Word documents, more than 100,000 e-mails and upward of 165,000 Excel documents.

Businesses, though, measure their data in terabytes, which is the equivalent of 1,024 gigabytes of data. A mid-sized business maintains between 10 and 50 terabytes of data, and it can cost tens of thousands of dollars — if not hundreds of thousands of dollars at the upper end of the scale — annually to store, maintain and manage all that information.

Yet, most of this information is outdated or redundant or should never have been written in the first place. On average, 50 to 70 percent of what companies retain may actually be deleted.

Factor in the statistic that data is doubling every 18 months and your calculator quickly runs out of zeroes. The amount of information available and the acceleration of its growth are enough to make you dizzy.

Increasingly, companies are trying to find ways to better manage their data so they can save the right data in the right form and access it at the right times. Too many businesses are tempted to save everything, while other companies are in a rush to throw everything away. Both approaches have inherent risks and costs of which businesses are unaware.

The Goldilocks approach, though, would be to find the happy medium by developing a data management solution that ensures your business can:

  • Comply with state and federal requirements that mandate certain records be held for certain lengths of time.
  • Retain information that has value and context.
  • Defend itself in the event of litigation or a government investigation.
  • Reduce storage costs — and litigation risks — by purging redundant, obsolete or trivial information.

So what’s the right answer? Defensible deletion.

Defensible deletion is the process of thoughtfully and purposefully deleting outdated and unnecessary data and documents that are not subject to a legal hold or other retention requirements.

Unfortunately, there is no one-size-fits-all when it comes to determining whether information should be kept or discarded.

Consider that there are more than 10,000 federal laws alone that address records. Companies determine retention periods — or how long you must legally keep a record — based on these laws, operational requirements and best practices such as ISO quality standards that specifically address records management.

To develop a defensible deletion protocol, a company should work with IT, its legal department and the record owners to:

  • Perform a records inventory for the various functions in the business, from engineering and information technology to human resources and quality.
  • Determine where the records are retained — Sharepoint? iManage? SAP? — and how to find them and whether deletion is feasible.
  • Know what legal requirements mandate the retention of the record, what legal considerations affect retention and what operational retention periods and best practices apply.

Not only will you see immediate costs savings, but you will be doing your business an immense favor by reducing down-the-road litigation risks and e-discovery costs.

Although the task may seem overwhelming at first, approach it systematically. Consult with your legal counsel, establish a plan and start small — but start.

Otherwise, how will you finally arrive at “just right?”

Dawn Garcia Ward is senior counsel at Warner Norcross & Judd LLP, where she co-chairs the firm’s new Data Solutions Practice Group. She concentrates her practice in record information management. She can be reached at

Facebook Comments