By Steve Mackes

On the heels of successfully opening its Houston office, which is now fully operational and thriving, GRM will soon unveil a brand new full-service facility in Boston. That’s good news for existing GRM customers who have a presence in the Houston or Boston areas as the company’s continued growth and expansion means potentially big savings.

For a limited time, to existing customers only, GRM is offering a guaranteed 20% savings on their current monthly spend in Houston and Boston for services of any kind. That includes the offsite storage of physical documents, scanning and imaging, digital web hosting, data protection, document retention, certified destruction and more.

To take advantage of this special, limited time offer, current GRM customers should go to this online address now: http://www.grmdocumentmanagement.com/houston/

By Steve Mackes

Long-held patterns of behavior are hard to break, especially when continuing the same old, same old is so familiar, comfortable and easy. This holds true not just for people, but any type of organization that is in the habit of doing things a certain way, even if that way is ineffective, costly and no longer serving your best interests.

How organizations store records is a prime example. Some companies and firms still house and manage all their physical information, often for no other reason than that’s the way they’ve always done it. But GRM offers an alternative that is not only more secure, but less expensive.

From its beginnings, more than twenty years ago, as essentially a moving and storage company, GRM has dramatically evolved. Today, it provides comprehensive, end-to-end records and information management solutions that go far beyond offsite document storage to include digital/electronic document content management, data protection, certified destruction and consultative Retention, Compliance and Governance expertise.

But for many of GRM’s clients, their first exposure and interaction with the company comes with a decision to store their records offsite. There are a number of reasons why. Offsite storage is a much more reliable way to protect your records. It’s also easy and convenient. Enlisting a company like GRM, to work with you in partnership, can save considerable time and money.

Offsite storage provides better protection through the very fact that records are no longer held and archived at the place of business. That means the records are no longer susceptible to loss in the event of an on-site disaster, damage from unfavorable storage conditions or even potential employee sabotage. Instead, provided you’re working with a reputable RIM (Records and Information Management) company, the records are kept in a secure, continuously monitored environment.

Another benefit of offsite storage is improved information organization, which can dramatically impact productivity. GRM, for instance, organizes, indexes and tracks, through barcoding, the records it stores offsite for customers, ensuring that everything is easily identified and accessed and nothing is lost or misplaced. Around the clock, fast, verified pickups and deliveries of documents are available at your convenience. And GRM services like Scan-On-Request and Digital Dispatch ensure that documents arrive in the appropriate format whenever and wherever needed. GRM also provides customers with eAccess, a remote, online inventory control system, free of charge. With eAccess, users can check on any stored items, arrange for pickups or deliveries, generate reports and much more, all from any location with a computer web browser.

Then there’s the issue of cost. Here’s why offsite storage contributes significantly to saving money: Business office real estate, especially in prime locations, is significantly more expensive than the cost of space in offsite facilities. Thus, customers pay less while freeing up premium priced square footage for employees or activities that deliver a better investment return.

One more important consideration is business focus. For potential GRM customers, records management is not their core competency. Consequently, an organization that takes the do-it-yourself approach to storing and maintaining its records can be distracted from where its efforts and energies should be placed. Leaving records storage to specialists in the field like GRM, on the other hand, can prevent a lot of headaches and free up a company or firm to do what they do best: grow the business. Additionally, offsite records storage can help an organization transition its physical documents toward a digital solution, opening the door to even more efficient cost-effective applications such as workflow automation.

Think about it: Reduced risk, greater convenience, improved organization and operations, significant cost savings, less distraction and fewer headaches. For all of these reasons, offsite document storage makes dollars and sense.

By Steve Mackes

For GRM, now one of the leaders in innovative, state-of-the-art records management, it all began with the box. It all began with storing boxes filled with customers’ physical documents, data tapes and other information media in a secure, off-site New Jersey facility.

Today, over 2 decades since that humble beginning, document storage, while still important to GRM’s business, is just one part of a multi-faceted approach. What happened during the 20-some years between was an evolution that continues to this day, initiated by an ability to think outside the box in order to become so much more.

Thinking outside the box has allowed GRM to become:

• More in terms of locations. The company now has 9 facilities in major U.S. markets that include, in addition to New Jersey, Philadelphia, Washington, D.C., Chicago, Atlanta, Miami, Los Angeles, San Francisco and Houston. GRM has also spread internationally with a number of locations throughout China.

• More in the number of organizations and industries served. Today, GRM has a blue chip roster numbering over 5,000 steady customers, both large and small, spanning virtually every major industry.

• A whole lot more in solutions provided. From document storage, this company has expanded into a full service firm with a comprehensive suite of offerings that cover the entire lifecycle spectrum of records management.

Thinking outside the box meant mustering the curiosity, courage and creativity to look beyond the borders of where GRM’s business began. It meant developing an awareness of records management industry’s trends and what clients and industries—Financial, Healthcare, Legal, Manufacturing, Retail, Entertainment, you name it—wanted and needed their information to provide, even before anyone knew how those goals could be efficiently achieved.

From that awareness, from that drive to manage and utilize information to the increasing benefit of clients, GRM expanded into all aspects of records management. In addition to document storage, the range of offerings now include a paper/digital Blended Solution, data protection, digital/EDM, Certified Destruction, enterprise-wide records management consulting, customized Retention/Compliance/Governance programs and a hosted, SaaS Online Record Center that delivers tremendous capability with virtually no upfront capital expenditures.

Outside the box thinking has not only grown GRM significantly, but has allowed its people and customers to glimpse a future of limitless possibility, fueled by fresh ideas, adaptability and innovation. The latest example of this is GRMpedia, an online, knowledge base, subscription service exclusively from GRM that enables customers to access Federal, State and International regulatory citations that impact their business. This groundbreaking service is unique in that customers, for the first time, can affordably access, around-the-clock, continuously updated, credible regulations to build Retention Schedules as well as Compliance and Governance programs that improve productivity and minimize risk.

When GRM began more than 2 decades ago, records management was principally the box and few could have grasped the incredible potential of the future. Now, to the advantage of the company and its customers, all that has forever changed, thanks to an open-minded willingness to think and look beyond.

By Steve Mackes

In recent years, the healthcare industry has been under a lot of pressure to adopt the EMR (Electronic Medical Record). The assumption is that by converting physical documents to a digital system, medical information—patient charts, lab results, etc.—will be easier to access, update, track and share with other medical professionals. The perceived need to transition the industry’s information to an electronic format is so great that recent healthcare legislation (HIPAA HITECH) provides both incentives for physicians to adopt EMRs as well as penalties if, within a specified timeframe, they don’t.

Theoretically, EMRs have the potential to be an incredible improvement in how healthcare information is controlled and distributed. But in actual practice, the cost-effective, care-enhancing, time-saving benefits of these systems, for the most part, have fallen seriously short of expectations. Here are several reasons why:

• Many EMR systems are unable to share information with one another. Consequently, the electronic record of patients who are seeing multiple physicians may by incomplete or fragmented.

• Electronic records within ERM systems don’t seem to be that secure, creating added risk as well as fueling security concerns.

• EMRs can be inefficient. Currently, some systems require logging on to a different system to view images. Physicians, indeed, find that EMRs take a long time to learn and often make them less productive. Physicians also experience specific usability problems when working with EMRs that cause long training times and loss of productivity. Examples of lost efficiency/productivity include: lengthy logins; long system response times; difficulty locating important information; logging in/accessing a second workstation when switching between patiens and exam rooms; lack of information integration can complicate a task and require the accessing of multiple screens; procedures and diagnoses may be based on a different set of codes than what physicians use; screens may contain useless information while lacking important data; screens may be densely packed with information, making it difficult to find what is needed.

• While EMRs appear to significantly improve the accuracy of administrative tasks such as billing and coding, the effects on quality of care is sketchy at best. A National Ambulatory Care Survey that analyzed 750,000 patient records over 2 years found the quality of care with EMRs superior in one area, worse in another and the same as paper in the 14 other categories evaluated. Better quality care results come from large institutions with internally developed EMR systems, but these systems are not considered broadly applicable, especially to small and medium size medical practices.

• EMRs can perpetuate inaccuracies. Pressed for time, physicians can easily introduce errors into an EMR. Once there, wrong information is unlikely to be questioned, yet quite likely to be copied, pasted and perpetuated by other healthcare professionals.

• EMRs can be costly, requiring significant expenditures in hardware, software and training.

• Switching between patients, which happens frequently in healthcare, often becomes a time-consuming process, requiring logins on multiple workstations, lengthy searches to complete a task and long response times.

• EMRs often limit simultaneous access to the same patient record, even though this is vital to the performing of parallel work between a physician and a nurse.

Despite these issues, the good news is that GRM Document Management is bringing much-needed help to EMR-challenged healthcare organizations through its Online Record Center service.

GRM’s Online Record Center has proven itself to be an effective supplement or even (in the case of such clients as Atlanta’s West End Medical Centers) an entire replacement to the EMR.

In either capacity, the GRM Online Record Center gets the job done, provides solutions to the problems listed above and delivers those benefits that made the concept of EMRs so attractive in the first place.

The ORC secures, handles and integrates structured and unstructured data, allowing high levels of workflow automation, management manipulation, tracking and simultaneous, authorized, multiple-user access.

Better yet, as an out-sourced, easy-to-use, web-hosted, on-demand SaaS (Software as a Service) system, the Online Record Center requires little or no upfront capital expenditures or ongoing costs for software upgrades, maintenance, IT and training. As part of the service, GRM can customize the ORC to work seamlessly with an existing EMR or as a completely compliant substitute for one.

The Online Record Center can help EMR-challenged healthcare organizations of virtually any size and at any stage of the EMR transition process. The ORC is ideal for smaller healthcare organizations that need to supplement and enhance their EMR capabilities. It can also provide an effective bridged solution for an organization in the midst of transitioning to an EMR. That’s what GRM accomplished recently for a medical center 3 months into an 18-month EMR rollout. Through the Online Record Center, all of the center’s charts were scanned and accessible in just 30 days. Then, when implementation of the EMR was complete, the information was quickly migrated to the new system.

While the inter-departmental integration capabilities of the Online Record Center can help cuts costs and improve productivity throughout a healthcare organization, it is a particularly effective solution in such areas as legacy, back office, AP and HR.

The bottom line is that GRM’s Online Record Center can assist hospitals, medical centers, physician practices, and other organizations in meeting EMR compliance requirements, overcoming the issues of existing EMRs, and adding supplemental capabilities that fulfill the EMR promise.

 By Steve Mackes         

Jersey City, New Jersey—GRM, a leading provider of lifecycle records management solutions, has announced the launch of GRMpedia, a web-based, on-demand subscription service that helps businesses identify regulatory risks and stay in compliance. What GRMpedia provides is an easily accessible, continuously updated one-stop source of Federal and State retention and reporting regulations.

Fred Diers, Vice President, General Manager of GRM’s Solutions Group, stated that the GRMpedia name draws from the suffix for ‘encyclopedia’ and the popular online resource, ‘Wikipedia’ to help convey what the service is about, namely that it is an informative, web-based compendium of knowledge. Mr. Diers, who has played a key role in developing the new service, went on to say, “GRMpedia is ground-breaking because it answers a critical, underserved, organizational need in the area of compliance. It provides the defensible criteria for realistic and compliant retention periods for organizational record categories. The service can provide virtually every business with an easy-to-understand, codified resource of regulations directly relevant to a company’s operations and the preservation of its information.”

GRMpedia is unique in its around-the-clock, online accessibility, ongoing updates and delivery of original, rather than interpreted data. “Interpreted data,” explained Mr. Diers, “is susceptible to misinterpretation. That’s why GRMpedia offers only original, credible regulation extracts and quotes, which are derived from the hundreds or thousands of pages comprising a specific regulation” Additional GRMpedia features include, Key Word Search, a ‘See More’ option that allows further investigation of a regulation, an At-A-Glance Risk Matrix and a variety of flexible customization capabilities.

The service is available to any organization on a subscription basis and is included when GRM’s Solutions Group is engaged to create a Records Governance Package and Retention Schedule. In conjunction with the launch, there is also a special, limited time introductory offer that provides the first month free with a 1-year subscription. For more information about GRMpedia, contact: grmpedia@ grmdocument.com

(The conclusion of a 2-part blog on reducing the risk inherent in e-messages)

By Steve Mackes

The first part of this blog touched on the nature of e-messaging, examined how it can incriminate individuals and organizations, and sought to dispel a number of e-messaging misconceptions. This final installment offers examples where e-messages came back to bite their originators big time, plus guidelines on how you can proactively minimize your e-message liability and risk.

It’s not just business executives and corporations who fall into the e-message trap. Recently, celebs such as Kanye West, Chris Brown and George Lopez have been called out for their e-messaging and then compelled to backtrack or apologize. As bad as those incidents might seem, they’re minor compared to some examples of e-message mismanagement.

Frank Quattrone, former head of Credit Suisse First Boston was convicted of obstructing justice and faced 25 years of imprisonment. His crime was sending emails encouraging the destruction of files while there was an ongoing criminal investigation of CSFB. One such email, titled, “Time to clean up files” was sent 2 days after Quattrone learned of the investigation by the Justice Department.

In Microsoft’s anti-trust case, email played an important role in exposing the real intentions of Bill Gates and his company to undermine competitors such as Real Networks, Sun Microsystems and, in particular Netscape. One Microsoft email asks: “How much do we have to pay you to screw Netscape?” While another, written by Microsoft VP Paul Maritz describes the plan to crush competition from Netscape. He says: “We are going to cut off their air supply. Everything they are selling, we are going to give away for free.” Even though this case was eventually settled, Microsoft was compelled to pay some 4.5 billion dollars to infringed parties, largely because of incriminating messages like those mentioned above.

But being used as evidence in litigation isn’t the only threat posed by e-messages. There’s also the possibility that sensitive product or other information can be stolen. The Gillette Company found this out the hard way when they discovered that a contract employee was using email to steal and then sell plans for the company’s new Mach-3 razor.

E-message Guidelines

When it comes to e-messaging, there are 4 simple guidelines to follow that can potentially keep you and/or your company out of harm’s way.

Watch what you say.

Though e-messages can be scrutinized by management at any time and easily distributed to the world, employees remain amazingly laid-back and complacent about what they say in them. As a good rule of thumb, do not put anything into an e-message that you would not be prepared to say out loud. In front of your mother. In Court. Do not write anything that you would not want to be tomorrow’s Wall Street Journal headline.

Understand that electronic documents pretty much last forever.

When documents are deleted, there is still a record on a hard drive, and it is retrievable until it is written over. Given the capacity of today’s computers, with hard drives of hundreds and thousands of gigabytes, it is doubtful that e-messages are ever written over. And if not, persons skilled in forensic retrieval can get at that information.

Distribute e-messages only to those who need the information.

The more you can effectively limit the spread of e-messages, the better. Rather than automatically hitting the ‘Reply to All’ button, carefully consider to whom you are distributing information. Suppose an email is sent to 7 persons, and 3 of the recipients forward the email to 5 additional people. In discovery, lawyers will be obligated to search the files of all persons who wrote or received the email, in this instance 12 persons. It’s easy to see how a case could require thousands of documents and numerous hard drives to be reviewed, dramatically increasing both potential liability and legal expense.

Be careful about the language you use in e-messages.

Never write e-messages when your emotions are raging. Anger and sarcasm often come across stronger in text than they would in person. Also, think about your choice of words, and don’t use all caps because it looks like you’re SHOUTING. Punitive words like ‘punish,’ or ‘teach a lesson’ can seem to indicate a state of mind to harm and, at the very least, reflect poorly on the sender. You should also be very careful about making any references to age, race or gender. One more thing to watch out for is inappropriate humor. Don’t send potentially offensive email such as jokes, questionable images, etc. When uncertain if something crosses the line, err on the side of caution.

Following these simple guidelines can help keep your emotions and potential liability in check when sending e-messages. That, in turn, can go a long way toward keeping you out of the news, out of court, out of jail and generally, out of trouble.

(The first of a 2-part blog on reducing the risk inherent in e-messages)

By Steve Mackes

You’d think by now, given what happened some years back with Enron and Microsoft and a host of other companies, most everyone would know. But based on what continues to pop up in the news—think Tiger Woods, Ohio State Football Coach, Jim Tressel and financial institutions like Goldman Sachs—it’s clear that many still have not received the memo, which is E-MESSAGES CAN INCRIMINATE!

It makes one wonder why, in this world of increased litigation, investigations and compliance mandates, otherwise savvy and careful individuals and businesses continue to underestimate the risk inherent in e-messaging. The answer appears to lie with the very nature of this kind of electronic communication.

Whether it involves emails, texting, or posting on social media sites like Facebook and Twitter, e-messaging feels informal, which, in many instances, causes people to let down their guard and say things they might, otherwise, not say. Further feeding that casual mindset is that e-messaging is often quickly received and responded to in an impulsive and emotional way, its immediacy trumping the urge to stop and reflect for a few moments on what someone might actually be saying. Also, because these messages lack that hard copy, hold-in-your-hand feel of permanence and are sent out into the ether, across the Internet, they seem like a kind of transient, anonymous, free-form interaction that is fleeting and without consequence.

In actuality, however, these are all misconceptions that couldn’t be further from the truth and only add to the risk and potential liability inherent in electronic communications. For your own awareness and protection, here are some sobering facts—what every individual and business should know—about e-messaging:

• E-messages are pretty much permanent. A deleted message resides on a computer or network until it runs out of free space, whereupon deleted files begin to be overwritten. Until then, deleted files can be retrieved by computer experts.
• Every e-message is being recorded somewhere—on a company’s network server, by an Internet or mobile service provider, on a computer hard drive or within Cloud storage.
• Electronic messaging in all of its forms are, more and more, used as evidence in litigation.
• Companies are required by law to retain email messages for a minimum of 2 years.
• Electronic attachments to messages provide much more information than what is seen on the screen. Every attachment contains metadata, which is essentially embedded background information about the content, quality, condition and other characteristics of data. Through metadata, virtually every keystroke, every typo, every trace of a document’s different incarnations can be traced.
• Non-company-related emails, generated at work, do not belong to the person who created them. Any emails generated at work, regardless of their nature, immediately become the property of the person’s employer.
• Emails are considered privileged information and off-limits to investigators only when they are lawyer-client communications.
• If an email sent to 5 people becomes potential litigation evidence, the number of files that will have to be examined can easily grow exponentially to include not only all of the files those 5 received but also the files of anyone who might have had the email in question forwarded to them.

Part II coming soon. Look for the conclusion of this blog, which will run down notorious examples of e-message mismanagement and offer some simple guidelines on how to proactively minimize your e-message liability and risk.

By Steve Mackes

It’s probably true that when most of us think of information management, (certainly most of us operating in the world of corporate business), what comes to mind are images of boxes or filing cabinets filled with hardcopy documents or hard drives and various media such as magnetic tapes, DVDs and the like loaded with digitized files. But at the National Center for Genetic Resources Preservation, information of a quite different kind is being stored and managed. For a wide variety of plants and animals, it’s the information of life itself.

For more than 50 years, with facilities in Fort Collins, Colorado and the Northern Plains, the center has operated under the premise that, just like businesses, plant and animal life forms, too need to have their information indexed, stored and retained in the event of circumstances that might endanger their very existence. But rather than papers, files and folders, this information comes in the form of something called germplasm, which is really genetic, biological plant and animal material. It might be a collection of seeds in the case of plants or semen, embryos and cells when it comes to animals.

All of this genetic material is retained and preserved through cryopreservation. This process works by slowing down the metabolism of a cell to the point that biochemical reactions stop, and the cell is kept in a kind of frozen suspended animation. The concept here is that cryopreserved seeds or cells can, at some later date, if needed, be thawed and revived.

Say a major natural event—a giant tsunami, a cataclysmic earthquake or a colossal meteor from space—impacts some part of the U.S. and wipes out all the plants and animals. Even under these dire circumstances, the National Center for Genetic Resources Preservation (provided its storage facilities aren’t themselves devastated) can provide the genetic fundamentals to bring these plants and animals back from what could otherwise be certain extinction. This is not a far-fetched scenario, given that many plants and animals, today are found only in isolated areas, where one disaster could be fatal to a species.

But it’s not just a huge, violent event that could bring the backup genetic information at the NCGRP into play. Though less dramatic, there are potentially more devastating forces likely to do in our wild and domesticated plants and animals. The activities of mankind such as deforestation, mining, land development, pollution and the use of pesticides continue to decimate many life forms on Earth, with no end in sight Add to that, the dangers of any number of diseases as well as invasive species, and it becomes pretty clear that, from many angles, our plants and animals continually face significant risks of eradication. Forget a major catastrophe. If the current trends of human and industrial expansion alone persist, the NCGRP estimates that as many as half of all plant species around the globe could eventually face extinction.

That’s why the work of the National Center for Genetic Resources Preservation is so incredibly important. And fortunately, the U.S. center is not alone in its commitment to preserving biodiversity. Other institutions, sharing a similar mission, include Bioversity International, headquartered in Italy with 20 offices around the world, the Nordic Gene Bank, India’s National Bureau of Animal Genetic Resources, the Taiwan Livestock Research Institute and the Australian Network of Plant Genetic Resource Centers.These unique organizations, in more ways than one, bring information management to life. And, in doing so, they are helping to ensure the sustainability of food supplies, the health of our planet and life in general on Earth.

By Steve Mackes

When we look at the ancient past, there’s a tendency to think that people and their motives way back then were far removed from today. But, in reality, though customs, technologies, environments and resources may be unique to a particular time, humans then and now are pretty much the same, driven by the same needs for clothing, food, shelter, status, etc. and realizing the importance of distributing and securing important information.

It was that need and desire to preserve information that led to the building of the Royal Library of Alexandria in Egypt. Said to hold the greatest collection of human knowledge in the ancient world, it contained, by all accounts, hundreds of thousands of manuscripts pertaining to science, technology, history and art. All of this information was recorded by hand on papyrus scrolls that were then codified and stored.

Founded in 283 BC by Ptolemy, a former general of Alexander the Great the library was the stuff of legends, by all accounts an extraordinary institution of records and writings and scholarly research. The main structure comprised several wings and porticos with lines of shelves for storing scrolls, all accessible from covered walkways. There were separate niches devoted to different types of authors and categories of learning, characteristics that persist in many libraries and archival facilities today.

Though it is known for a fact that this great library existed and eventually succumbed to fire, the details of exactly when and how the collection was destroyed are lost in a historical haze and clouded by mystery and bias. Multiple incidents of destruction were reported over the centuries, but their assertions are flawed and their accuracy suspect. This is because the authors lived long after the supposed occurrences and also, in each case, had personal and political reasons to blame a particular person or group for the library’s demise.

So, starting at 48 BC and extending to around 640 AD, a Roman General (Julius Caeser), a Christian Emperor and a Muslim Caliph (as well as their respective followers) were all implicated for having culpability when it came to the Royal Library of Alexandria going up in flames. While none of these stories can be verified, they may contain a shred of truth in that scholars and researchers of antiquity believe the library endured more than one disaster, from whatever source, and managed to rebound from all of them, except the last.

This was possible, it is believed, because the keepers of the library, intentionally or not, employed information management techniques and precautions that are used to this very day. For instance, accounts about the library indicate that it was somewhat decentralized. The records were stored in multiple buildings and some of these, such as the Serapeum sister library, were located in separate parts of the city. The Serapeum, it was said, held some duplicate copies of manuscripts that were in the main library, providing, a kind of ancient version of a mirrored repository.

Moreover, multiple versions of manuscripts were often created containing scholarly editing and annotations about the content. And all of these were able to be located and tracked through a sophisticated codifying system, which was really an early form of indexing. Copies were made not just for the library, but frequently for external consumption, sent to scholars and royalty elsewhere in the ancient world, who were willing to pay handsomely for this knowledge.

It was the decentralization of the library’s storage facilities that likely helped it survive disasters until at least 400 AD. Of course, in the end, whatever measures were taken were not enough to prevent the library’s ultimate destruction. Still, it was the wide distribution of certain library manuscripts (done for profit) that enabled some information to endure and be recovered even after the library itself was gone.

For today’s organizations intent on preserving their own vital data, the ancient lesson of what happened with the Royal Library of Alexandria underscores the need for indexing, multiple, separate storage facilities, information backup and something that wasn’t available in ancient times, fireproofing.

By Steve Mackes

In business, those three letters—R-O-I—have come to stand for what every organization and every executive seeks: Return On Investment. Along with widespread prevalence, the meaning and usage of the term have continued to evolve. Today, ROI represents not just the result, the “return” but even the promise and justification for making an investment in the first place.

As nothing in our language, including a popular acronym, stays static for long, expect this definition to morph as well. Just ask Fred V. Diers, an information management expert and the VP, General Manager of GRM’s Solutions Group. With extensive experience in Compliance Governance and Retention issues and a keen understanding of information trends, Mr. Diers sees a very big change coming to the meaning of ROI. And, every key business manager and C-level executive, if they haven’t already, should sit up and take notice.

Thanks to the Sarbanes-Oxley Act, along with the growing frequency of corporate litigations, government investigations and the instant exposure of information (true or false) over various facets of the Internet, ROI could soon come to represent, in the popular vernacular, something far less rewarding and far more threatening to upper management everywhere.

Coming to a plush, corner office or a boardroom near you is a new ROI that stands for RISK OF INDICTMENT! And while the earlier version of ROI might have brought stock options and a big promotion, implicit in the new interpretation are the possibility of a ruined reputation, loss of career, extreme financial liability and even prison.

Here’s how this cruel turn of events came to be: Way back in ancient corporate business history (say about ten or eleven years ago), company executives and board members were not legally liable for their firms’ bad decisions even though they might have been the very people making those decisions. At that time, only the legal entity could be sued or investigated. Employees who owned or ran a company were exempt. But Enron went and ruined this for everyone (at least everyone with a “Chief “or “Chairman” at the front of their title). In response to that company’s massive fraud and ultimate implosion, the Sarbanes-Oxley Act was passed. With this legislation, executives and board members could no longer avoid personal liability for company actions. With this legislation, the upper echelon of management in general was now held personally accountable.

But despite the fact that Enron and Sarbanes-Oxley are old news, a lot of top executives still don’t seem to have received the memo. Plenty of executives continue to implicate themselves with the content of their emails, text messages or phone conversations, and through lapses in managing company information resources or records. The current criminal trial of one-time Galleon Hedge Fund billionaire, Raj Rajartnam, for instance, has already brought down a board member of Goldman Sachs and a director of the consulting firm, McKinsey & Co.

“It’s all about information and the management of it,” insists Mr. Diers. “Even if you’re completely well-meaning and innocent of anything illegal, the mishandling or misplacement of information can bring a world of civil and criminal legal trouble. Information can seem insignificant and benign until it is placed in a greater context, where it might then reveal or support a pattern of behavior, an intention, a bias or a claim central to some litigation.”

He also points out that many C-level execs tend to be removed from the workings of their company’s records and information management systems. And remain so, until it’s sometimes too late; something that, in Mr. Diers’ view, should dramatically change. “To reduce risk for both themselves and their organization, executives, at the highest levels, have to be more involved and hands-on. They should seek to meet whatever level of risk is identified with the most compliant and secure systems possible. And they should have a robust retention schedule in place that sets both identification standards for access and procedures for the destruction of information no longer needed in the normal course of business. Because the bottom line is that these executives are responsible and liable.”

In reflecting on these sobering words, one additional bit of advice comes to mind, but offers little comfort. If all else fails, blame Enron.