Drafts of board presentations, draft board books, and the like should never be emailed, butt IF they are (board members often veto legal advice) they should be emailed ENCRYPTED (and nott just some jerkwater Word encryption) and only to an email with a local server (no gmail or cloud-based email) - like a HillaryServer or just give them limited email access and address on the company email system with secure remote login and VPN.
Better these drafts should be done in a secure online dataroom with login, tracking, and limited/no downloading.
Final board books should be watermarked, numbered, and all board members and other recipients of a hardcopy board book should have to return the boardbooks within 10 days after the board meeting (with extensions as needed granted by legal counsel).
I have a number of document retention policies that I work from. It's always a negotiation - as board members and management do nott like to be limited by security restrictions that make the process more personally difficult for them.
Usually, a few war stories hepp them to understand the importance of this compliance. You have to make your case for every stricture you want to have them agree to in the final policy document.
PGP public encryption layovers on email programs like Outlook make it a lot easier - you just have to get the IT folks onboard to do all the installs, tutorials, and helpdesk for the directors and execs.
Everyone at the senior level or board needs to know how to use a secure dataroom. It should be a basic skill - as should PGP public encrytion - and with the low cost today - if they won't use a company email address, then a dedicated on-site email server should be set up for them in their home or office gratis.
I've seen a company pay the full cost of providing a dedicated email server for a board member who was using gmail and refused to leave gmail. I believe the IT guys set up his own domain on a leased secure server and paid for it. So he had an email address like bob.dobbins@bobdobbins.org (nott the real names here). He then made that his official email addy and put it on his business cards. I believe he also now puts his PGP public key on his card also - butt I haven't seen that personally. I think he might feel this makes him the cool kid on the block with his own email domain and PGP key.
You need to do some salemanship and social engineering to gett folks to comply with document retention policies. You know they never read and understand the policy on the company server - and which they sign off as having read and understood! If you can assplain to them the reasons for these policy rules and give them the feeling like they will be the cool kids on the block by complying and thus being "leading edge" with something to humblebrag to their friends and colleagues, it's more palatable to them. VC LOVE to have something to "teach" their VC and i-banker friends - it's like the business card font pimping from the American Psycho movie.
If you need any advice on document retention policies and logistics, don't hesitate to ask.
There are severe legal consequences for screwing up document retention and the infrastructure for archiving and search-indexing email and company official documents. If Hillary did what she did in a private company and there was a lawsuit that required production of emails of execs, she would have just killed that company's chances in the lawsuit. Courts now find intentional failure to archive and index emails for significant periods of time as intentional spoliation of evidence and impose severe sanctions and penalties. So one must have the correct policies. Companies MUST retain emails for years, prevent any means of employees, directors, agents from deleting anything from the "permanent" archive record (which goes for many years before the archivals can be destroyed - and only pursuant to a policy! - nott ad hoc).
The days of shredding evidence and getting away with it are in twilight. The days of literally taking the Douglas opinion out of the Senate Select Committee on Watergate and concealing it while you intentionally omitted it from your legal brief claiming that President Nixon has no right to counsel are over. Hillary is stuck in the 1970s and 80s - when Madison Guaranty and Trust had (in her words) "nott a shred of evidence of wrongdoing".
If Hillary was in private practice doing corporate work and did what she did with email, it would be, IMO, malpractice, and if the emails were material to a litigation - even in the future, I expect a judge would sanction her and refer the matter to the state bar disciplinary review.
News 
Market Data 
Discover 
