David Hollander, president of Liberty Group LLC in Oakland, and our regular Compliance Watch columnist, sent over some interesting information recently. The issue of “data compliance” is one subject where many advisors could (and should) become more knowledgeable.
Hollander emailed over a list of requirements and policies that advisors might want to adopt or follow. Below are the highlights:
* Have written and enforceable retention policies.
* Make sure that there is a written procedure that is followed regarding email and IM.
* Make sure there is a written procedure regarding review and approval of Web sites prior to publication.
* Store data on non-erasable, non-rewriteable media.
* Maintain a searchable index of all stored data for at least three years.
* Have readily retrievable and viewable data for up to six years, two years easily accessible.
* Consider storing data offsite and backup that data regularly.