Control of email (and other electronic media) as Records - 4.2.4

#1
All,
As a company, we identify email (and other electronic media) as records.
Unfortunately, our Master Record List didn't. Minor n/c from our registrar auditor...no biggie. Easy enough to correct.
What I am struggling with is retention period. Our email server is via Office 365. All users 'manage' their own email accounts and we allow them the freedom to keep or delete as needed. As a general rule, for liability purposes, we don't want to keep records too long. But we don't want to restrict and have to police 100 email accounts.
Has/does anyone else face this issue? And how are you managing?
Thanks,

Mike C
 
Elsmar Forum Sponsor
#2
Re: 4.2.4 - Control of Records-emails

We use a passport drive on each desktop, strictly for email backup. Active email is controlled thru ACT software. For Office outlook, the pst backup simply goes to the passport drive. There really should not be a retention problem as far as space goes, nor any extra work involved. To purposefully limit retention would actually require a bit more effort.
 
J

JodiB

#3
Just like with all electronic records, emails are part of the network backup program. Anything that has ever come in or out of email has been recorded. A user might delete emails from their .pst, but they are still there in the backup files where they can be retrieved if necessary.
 
#4
Jodi,
We are using Microsoft Office 365 and they are our email server. If we delete an email, it remains in the Recycle Bin. If we empty the Recycle Bin, the MSO 365 server retains them for 31 days and then they are gone permanently.
As MSO 365 is somewhat new, I wonder who else is using it and how they manage it.
Thanks!!!
 

normzone

Trusted Information Resource
#5
An interesting problem. I've always just dealt with it in manners similar to [hogheavenfarm] and [JodiB].

Can the MSO 365 server setting be tweaked by a knowledgeable person to either extend the retention time or dump the contents to a known archive location?
 
#6
Yes...it is.
I am sure we can have our 'settings' adjusted on the server. But those are emails already disposed of.
I don't want to mandate a cumbersome policy within my organization that people won't follow and I don't want to open ourselves to unnecessary scrutiny by retaining things we don't need to retain...certainly a pickle...
 

Mark Meer

Trusted Information Resource
#7
Because of the "4.2.4" in the thread title, I'm assuming this relates to ISO quality system requirements?

As such, I'd suggest that the question to ask yourself is: what emails are quality system records? Most email traffic, I would imagine, is probably outside this scope.

Examples of emails that would constitute quality system records might be any correspondences regarding:
- Feedback & complaints (i.e. correspondences to/from customers)
- Orders & distribution
- Regulatory correspondences to do with post-market vigilance
- Any decisions or data not otherwise documented via established process data-collection methods (e.g. forms)
 

Mark Meer

Trusted Information Resource
#8
Previously, we had a system like you describe (individuals maintain their own emails, and the whole system is subject to regular backups).

But in a recent audit, we realized how much of a nightmare this can become if you need to dig up a particular email record in a timely manner. As such, we are now planning a repository of "quality system emails", and when emails are sent/received that meet the definition of a quality system record, they are exported to PDF and dumped in the repository.

This has the advantage that:
a) the emails relevant to the quality system are separated from the others; qnd
b) the emails (as records) are available to all individuals in the department.
 
P

PaulJSmith

#9
We use GoldMine CRM software. Any relevant emails are imported into it for retention. The rest are either archived with server backups or deleted at user discretion.

The problem with "the cloud" is that you really have no direct control of your files. There's no reason you can't back them up, as suggested above, and keep them in-house. Email files take up very little room on a drive (depending on any attachments, of course).
 
#10
Mark,
Thanks...
We have ID'ed email and other electronic media as records, so the horse is already out of the barn. Yes we can change it, but then/c is already written...
 
Thread starter Similar threads Forum Replies Date
A Document Control: Controlling Electronic Email (E-mail) Document Control Systems, Procedures, Forms and Templates 7
T How to Handle Email Document Control Document Control Systems, Procedures, Forms and Templates 2
O Process Flow Diagram, DFMEA, PFMEA, Control Plan integrated softwares FMEA and Control Plans 3
V Over 60 dimensions CMM measurement in control plan APQP and PPAP 4
A Document control system for QMS in Google Drive? Document Control Systems, Procedures, Forms and Templates 6
V Opinion on gauge control graphic General Measurement Device and Calibration Topics 5
S ISO 14001 Operational Planning and Control - Proving evidence of communicating environmental requirements to suppliers ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
V How to control odour outside paintshop ISO 14001:2015 Specific Discussions 1
G FMEA versus control plan IATF 16949 - Automotive Quality Systems Standard 6
K ISO 2859-5 (single run production) control plan issues FMEA and Control Plans 2
E Control Charts ISO 17025 related Discussions 7
E Control of Sterile Barriers made by the supplier Design and Development of Products and Processes 4
E Do anyone have document of automotive production risk and control of risk? Lean in Manufacturing and Service Industries 1
M X-MR Control Chart Rules (Particularly the MR) Statistical Analysis Tools, Techniques and SPC 3
I Clinical study suppliers (service providers) -- extent of control ISO 13485:2016 - Medical Device Quality Management Systems 4
P Product Requirements Control during Design Changes Design and Development of Products and Processes 4
T Control Excel template Document Control Systems, Procedures, Forms and Templates 5
J Document Control of Online Management Software ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 10
R 8.7 Control of Nonconforming Outputs AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 2
W Document control Document Control Systems, Procedures, Forms and Templates 10
S Control plan - Multiple batches Manufacturing and Related Processes 2
Q Control Plan and the frequency of sampling FMEA and Control Plans 11
A ISO 9001:2015 8.5.6 and 7.5.3 Document Control Questions ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
qualprod Sheets into a spreadsheet document control ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 4
Rene Minassian Control of (TMME) Testing and Measurement Equipment Oil and Gas Industry Standards and Regulations 2
C Control Plan APQP and PPAP 7
D Control of Records ISO 13485:2016 - Medical Device Quality Management Systems 7
M Document Control - Applying Suitable Identification to Obsolete Documents ISO 13485:2016 - Medical Device Quality Management Systems 5
L Control of Documents ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 29
S Control plan for "highly automated processes" FMEA and Control Plans 3
D Document Control Question involving DocuSign US Food and Drug Administration (FDA) 6
R SCORING OF MILLER MARITAL LOCUS OF CONTROL SCALE Coffee Break and Water Cooler Discussions 2
M Document Control ISO and FDA ISO 13485:2016 - Medical Device Quality Management Systems 7
M Design Control Procedure Medical Device and FDA Regulations and Standards News 4
D 8.5.1.2 Validation and control of special processes requirements for Heat Treat External Processor AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 4
R Humane Pest Control Food Safety - ISO 22000, HACCP (21 CFR 120) 1
B 8.5.1.1 Control Plan - question audit NC IATF 16949 - Automotive Quality Systems Standard 5
B QM Plan vs Control Plan IATF 16949 - Automotive Quality Systems Standard 3
N AS 13004 Control Plan and AQL FMEA and Control Plans 1
R Does anyone use iQMS for their ISO based document control? Manufacturing and Related Processes 1
qualprod Traceability with no rules to control labels? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 1
B Doubt about the correct control chart Statistical Analysis Tools, Techniques and SPC 14
G Change Control for Test Samples Inspection, Prints (Drawings), Testing, Sampling and Related Topics 3
Z Change color or shape of individual data point in control chart Using Minitab Software 6
Z Setting the Control limits on Minitab Using Minitab Software 4
C Elaborating a control chart with skewed data Manufacturing and Related Processes 4
M Who is performing quality control? IATF 16949 - Automotive Quality Systems Standard 2
S Risk control through Information for safety ISO 14971 - Medical Device Risk Management 12
D Locking Control Limits and SPC Sample Sizes (AIAG/Automotive Requirements) Six Sigma 2
Q Control limits Six Sigma 6

Similar threads

Top Bottom