You are right to worry about your e-discovery obligations these days. They are critical for just about any company; you never know when you are going to sue or get sued. But compliance, when it comes to retention is difficult. Law.com notes e-records are usually spread across different computer systems and managed in different ways. Perhaps the biggest point of failure is the nexus between the IT and legal teams; at most places, they rarely communicate. These days, that's a bad idea.

Law.com recommends that companies convene a regular crisis team meeting that brings together key legal and IT professionals, including general counsel and the chief technology officer. I would add key consultants and contractors. This would allow for an on-going discussion and on-going action in the face of the many facets of compliance, Sarbanes-Oxley, HIPAA, Federal Rules of Civil Procedure and so on. It would be nice of the CEO bestowed real authority on the working group. In addition, "courts will look favorably on the working group because it demonstrates the company's good faith in dealing with e-discovery and records-management issues," says the site. 

For more:
- here's the article

Related Articles:
E-discovery still a problem for financial firms
Financial firms face e-discovery imperative; are they prepared?
How to be prepared for a lawsuit
How to protect against employee email