Data deletion, or letting go is hard to do
The July 2008 column discussed the advantages of creating a manufacturing operations cloud, a set of servers that provide common services for manufacturing operations. These services include manufacturing execution systems (MES), laboratory management systems (LIMS), maintenance management, warehouse management, receiving, material tracking, equipment logs, and training logs. A manufacturing cloud can provide backup, archiving, redundancy, and scalability for these services. A manufacturing cloud can also provide the vital, but usually overlooked, function of deleting data.
There are many good reasons to keep manufacturing data. As engineers, we want to keep data for comparison and evaluation, because past production data can be used for lean manufacturing and Six Sigma projects. There are also rules and regulations that require data to be preserved. Data associated with materials, production, training, and maintenance often have compliance retention periods required by state and national regulations. Another important reason for retaining data is for legal challenges, to demonstrate production quality and testing activities.
Despite the desire to retain data, there is also an important reason to delete it. While deleting old and no-longer-relevant data can save disk storage and reduce backup requirements, the primary reason to delete data is litigation discovery cost. During the discovery phase of litigation, someone has to look at the data and decide if it is relevant to the case, and the time and cost to do the evaluation is large, often one of the major costs of litigation. Therefore, deleting old and no longer relevant data is a key requirement to reducing litigation costs.
Clear policy needed
Companies that have been through a discovery process have realized that they need a formal retention and disposition policy. This is a clear policy identifying types of retained data, how long it must be retained, and who has the responsibility for deleting it. Development of a retention and disposition policy must involve IT, legal experts, compliance officers, and line of business managers. It is important to not forget the people that create and use the content, because they may have local copies. The retention and disposition policy and automated procedures must also have provisions for a litigation hold. In this situation, data that may be scheduled for deletion must be preserved if it is relevant to the litigation. This means that responsibilities must be assigned to ensure that relevant data is not accidently deleted, because this is a red flag to juries that something is being hidden.
If your company has a retention and disposition policy, check to make sure that manufacturing data is addressed in the policy. Often the focus is on financial data and emails, but manufacturing data is often relevant to product liability litigation.
Also, it is important to ensure that manufacturing implements the policies. If the company has a policy but does not follow it and ends up in litigation, then this indicates that the company cannot be trusted to follow any policies.
Don’t have a policy?
If your company does not have a retention and disposition policy, then start the work to support future policy development. This involves identifying all of the data that is retained, what the data represents, where it is located, where copies can reside, what applications are needed to delete the data, and who should have deletion responsibility.
During development of the retention and deployment policy, you will need to know what the data represents in order to know what rules and regulations apply. These steps also help identify what data should reside in your manufacturing operations cloud. Permanently and unequivocally deleting data is hard to do, but it is an important function for well-run manufacturing IT organizations.
|Dennis Brandl is president of BR&L Consulting, Cary, NC, which is focused on manufacturing IT solutions ( firstname.lastname@example.org .|