ArcMail Compliance Management


Welcome to ArcMail Compliance Management - your source for federal and state legal and regulatory compliance news.

Maximize Legal and Regulatory Compliance, While Minimizing Risks.

ArcMail Compliance Management is brought to you by ArcMail Technology and The ePolicy Institute, a training and consulting firm dedicated to helping employers reduce electronic risks - including litigation and regulatory violations - through the implementation of effective email policy, which is supported by employee training and enforced by proven-effective technology, including the ArcMail Defender solution for email archiving.

ArcMail Compliance Management provides information and links to federal and state laws and regulations governing issues, such as:

  • E-discovery
  • Electronic evidence
  • Record retention requirements
  • Email retention policy
  • Email archiving
  • Email management

Federal Law: FRCP

Email messages and other electronic business records play an ever-increasing evidentiary role. When sued in federal court, you must comply with the amended Federal Rules of Civil Procedure (FRCP). Under FRCP, email and other electronically stored information (ESI) may be subpoenaed and used as evidence. Coupling email retention policy with a proven-effective email archiving solution, like ArcMail Defender, helps ensure your ability to comply with FRCP’s electronic discovery guidelines. FRCP’s 99-Day Rule requires all parties to a lawsuit to meet and discuss the scope and accessibility of email and other ESI within 99 days of a claim’s initiation. Could you comply with federal electronic evidence discovery rules within 99 days? If not, best practices require you to implement email compliance policy and technology today, or face potentially costly federal court sanctions tomorrow.

Federal Regulations: HIPAA

The healthcare industry is under growing regulatory pressure to safeguard patients’ electronic protected health information (EPHI). Health Insurance Portability and Accountability Act (HIPAA) compliance requires organizations that produce, handle, transmit or acquire EPHI to establish email policy and use effective technology to protect the security and privacy of email messages, attachments and other data containing EPHI related to patients’ health status, medical care, treatment plans and payment issues. Regulatory compliance also calls for adherence to HIPAA’s record retention requirements. Best practice: Combine email policy and email retention policy with email archiving technology to support HIPPA email regulatory compliance.

State Laws and Regulations: State Rules of Civil Procedure and State E-Discovery Rules

State Rules of Civil Procedure and E-Discovery Rules continue to evolve. Some states mirror the Federal Rules of Civil Procedure, while other states have yet to adopt rules based on FRCP. Click on the states in which you do business or litigate claims to learn how each state handles e-discovery, electronic evidence and record retention requirements.


*ArcMail Compliance Management is updated bimonthly and is produced with the understanding that the author, ePolicy Institute Executive Director Nancy Flynn, and publisher, ArcMail Technology, are presenting a general overview and are not engaged in rendering legal, regulatory or other professional services. If legal advice or other expert assistance is required, please seek the services of a competent professional.