Store your business’ essential documents securely offsite to save space and ensure compliance.
Protect your business’s digital media in a secure, climate-controlled vault.
Secure your essential records like wills, evidence, trusts, and legal documents in our vault.
Preserve the safety and integrity of biological samples, pathology slides, and critical medical materials with secure, climate-controlled storage.
Easily manage and track your inventory online with Corodata’s secure and user-friendly Client Portal.
Need storage boxes? Order Corodata’s durable, secure boxes online in just a few clicks. Keep your records organized and protected.
Access your physical documents digitally with Corodata’s Scan on Demand service. Deliver secure, on-request scans directly to your device.
Digitize large quantities of documents efficiently with Corodata’s High Volume Scanning. Ensure quick, secure, and accurate conversion to digital files.
Securely access your digital and scanned documents anytime from your desktop, tablet, or phone with CoroVault.
Keep your business compliant and secure with our NAID-certified paper shredding services.
Prevent data breaches with certified hard drive destruction, fully wiping data and ensuring compliance.
Host a shred event to provide secure shredding services to your community at a central location with our mobile shred truck.
We offer a range of secure, locked shred bins and consoles designed to safely store confidential documents and files. Explore our available options today!
Stay informed with the latest records management tips, industry news, and expert insights.
Unlock free exclusive ebooks, templates, and checklists to streamline your business operations.
Access free on-demand webinars to master Corodata’s client portal.
This guide reveals exactly which business records to keep and for how long.
Safeguard your business operations and speed up recovery during a crisis by completing this disaster recovery plan.
Easily maintain HIPAA compliance with our comprehensive checklist.
Since 1948, we have delivered secure records management solutions to help businesses confidently protect and manage their information.
Knowing these essential ins and outs of records management regulations can keep California businesses protected from legal recourse.
Proper records management procedures should be a prerequisite for all businesses—but they’re not. Blame it on a global pandemic or lack of buy-in for a records management program.
The reality is, attention to records management is no longer something businesses can deprioritize. Document storage and shredding is a practice businesses need to comply with due to a myriad of regulations.
According to an article in the National Law Review, “New data privacy laws in jurisdictions around the world, including a number of new state laws surrounding consumer data in the United States, have added urgency for organizations working to develop and improve their records management and information governance practices.”
In January 2023, The California Privacy Rights Act (CPRA) went into effect, requiring businesses to disclose the length of time they plan to keep personal information and respond to consumers who send their company a Data Subject Access Request.
As a result, records managers should be aware of their own records but also the consumer data that they collect, how it is collected, where it is collected, and how to retrieve it if requested. It’s a lot; we get it. But this is where CPRA employee training will help get everyone up to speed.
While we’ve talked about the kind of data the CPRA protects from a consumer standpoint, what’s also important to note is that data on employees, job applicants, independent contractors, and business-to-business operations must also be protected.
According to Bloomberg Law, California will be the first state in the U.S. require companies to give employees more control over what personal information is collected and how it’s used.
Additionally, as stated in the CPRA, former and current employees have the right to request a copy of their personnel records, including information about their performance. Examples of personnel records that may be requested include employment applications, payroll authorization forms, layoff, leave of absence, vacation, and related notices, performance reviews, or warnings, discipline, and/or termination notices.
Plus, on January 1, 2022, Governor Newsom signed Senate Bill 807, which requires employers to retain personnel records for applicants and employees for a minimum of four years (up from three years). The retention period of these files could be longer if the employer is notified that a complaint has been filed through the California Department of Fair Employment and Housing (DFEH).
You already know about the basics of records retention (we’ve talked about it a lot) and featured blogs by Helen Streck like this one on the importance of putting a records retention policy in place. A crucial part of this means creating a retention schedule (i.e., a master doc that shows what kind of information the company has and how long to keep it) that everyone sticks to.
There are some standard guidelines for building a retention schedule that explain how long the company needs to keep each type of record as part of its compliance requirements. For example, any financial records must be kept for seven years after they are created or received and should be stored securely. And all business tax records must be kept for five years after the filing due date.
Now it’s time to take it a step further and look at the actual statutes surrounding records management. Keep in mind, various records retention laws exist at federal, state, and local levels. For example:
Obviously, records are kept in two different forms—electronic and paper. And depending on the type, different retention laws and policies may apply.
Just recently, new records mandates were issued by the National Archives and Records Administration to clarify a decade-old rule known as the Capstone approach for retaining electronic communications.
In 2013 the Capstone approach allowed for agencies to shift from having to print out and file all emails sent and received by officials to an automated system.
In the new update, the requirement has been expanded to include any electronic message, including email-based chats, independent chat messengers, and text messages. And these messages must be kept for 15-to-30 years, or after declassification review, whichever is later.
There’s no denying, the policies around consumer privacy continue to evolve. And along with them, so does the definition of a data breach. At the federal level, various sectors’ data breach reporting requirements continue to evolve.
At the state level, the California Data Breach Notification Law requires businesses operating in the state to report any breaches that involve the personal information of their customers.
Recently nine other states have amended their statutes to impose notice requirements broadening existing definitions of personal information, increasing the context of reporting requirements, requiring stricter notification timeframes, and allowing the Attorney General to publish data breach information.
While a data breach, due to non-compliance or malicious acts, is the worst-case scenario, staying up to date with the changing landscape and implementing a management program are essential to business operations.
Whether you’re focused on electronic or paper records storage and destruction, Corodata can support you with a secure, compliant, and complete solution. Let’s get started. Yes, I’m ready
Well-crafted policies facilitate businesses in easily accessing and referencing documents. Furthermore, they educate employees on appropriate document disposal methods to safeguard confidential information.