Salesforce Chatter Archiving & Compliance: A Primer

Chris Ricciuti Founder and CEO, eDynamics

Posted on October 11th 2012

Salesforce Chatter Archiving & Compliance: A Primer

Social Media ArchiveRecently, we authored a blog post entitled, "Is Chatter FINRA Compliant?" In that blog post, we discussed whether or not Salesforce Chatter, as a form of social media, satisfies FINRA regulations. To summarize, Salesforce Chatter is not FINRA compliant. But FINRA is not the only regulatory organization that provides rules around electronic communications use and compliance. Organizations that are subject to Sarbanes-Oxley, HIPAA or the FDA should also take note. Here's what you need to know, regardless of the regulatory entity that governs your organization.


If your Organization is Regulated, Archiving is a Must

As with all electronic communications, you must archive Salesforce Chatter content if you want to maintain regulatory compliance with the rulesets that apply to your organization.

Should a regulatory request for information arise, you need to be able to produce all electronic communications related to that specific request. Failure to do so could result in steep fines. This holds true regardless of whether FINRA, the SEC, Sarbanes-Oxley, HIPAA or FDA rules apply to your organization.

Bottom line, if you want to use social media and your organization is regulated, you'd better find a solution to archive its content first.

Chatter Archiving: Lots of Functionality, Little (Archiving) Facility

Great, we've established that we need to archive our Chatter content, but how? Unfortunately, Salesforce Chatter, in its native state, is not archive-friendly.

First, most regulators require that archived electronic communications are stored in a non-modifiable state, in industry parlance, write-once read-many (WORM) storage. Clearly, the Salesforce enviroment does not satisfy this basic requirement, as it is designed to be an interactive application whereby data is not static but active. There is no guarantee that Chatter content that is available in Salesforce today will be available tomorrow.

Second, there is no means of extracting Chatter data in a format that easily ports over to your existing archiving solution. Chatter content is not centrally stored in the Salesforce environment, rather, it is scattered in various locations inside the Salesforce database. The decentralized nature of Chatter data makes it difficult to capture.

Last, an important component of any archiving solution is a method of reviewing and reporting on the captured content. As Salesforce Chatter is not designed to be a archiving nor a reviewing application, this facility does not exist.

Chatter Archiving: Communications that you Need to Capture

To begin archiving Chatter content, we need to first identify the types of Chatter communications that need to be captured. Here is a list of these communication types:

  • Posts and Comments
  • User Profile Updates
  • Shares
  • File attachments (on posts and comments)
  • Website Links (on posts)
  • Polls (on posts)
  • Private Messages

Chatter as a whole is comprised of the above communication types. Each one of these types constitutes a communication that could involve one or parties within (or outside of) your organization and, therefore, need to be archived.

Chatter Archiving: Converting, Integrating and Reviewing

Now that we've established the types of Chatter communications that need to be archived, the next logical step is to discuss the optimal export format for integation with your existing archiving and reviewing software.

We've learned over the years that the simplest solution is often the best solution. When it comes to electronic communications archving, more specifically email archiving, most likely simple SMTP email messages are being routed to your archiving solution for archiving and retention. Plain and simple - this works - no need to reinvent the wheel. Converting Chatter content into email form for integration with your existing archiving solution is ideal.

Once Chatter content has been routed to your archiving software in email format, you can apply that application's existing reviewing and legal hold functionality to your Chatter content as well. That's the beauty of converting Chatter into email form; you can leverage the archiving solution that you already have in place, with little or no additional configuration in your back office systems.

Chatter Archiving: Other Important Items

So we've now captured and converted Chatter content, and we've integrated it into your existing archiving application. Here are some other items to consider when capturing Chatter content for regulatory compliance:

  • Context: be sure to capture the full conversation thread (posts and comments)
  • Selectivity: Only capture the Chatter content of users that are subject to industry regulations
  • Configurability: Ensure that your Chatter archiving solution can replicate your existing email archiving workflows

In Summary

The capability to capture Chatter content for archiving and retention is critical if your organization is subject to industry regulations surrounding electronic communications. If you intend to capture Chatter content, ensure that you capture all Chatter content. Do not reinvent the wheel, leverage your existing email archive for Chatter archiving as well. And ensure that your Chatter archiving solution is flexible enough to meet the needs of your existing electronic communications archiving workflows.


Chris Ricciuti

Founder and CEO, eDynamics

Founder and CEO of cloud computing start-up that caters to organizations in regulated industries. I often blog about the regulatory implications of social media.

See Full Profile >


Posted on October 13th 2012 at 5:09PM

Hey Chris, while Chatter is not compliant with some regulations and the Salesforce team does not plan to self-designate the service as compliant with industry practices, the API access to the various features of Chatter does allow for archiving along with proactive compliance.

I am the product manager for Compliance Locker, a free archiving utility listed on the AppExchange. Also, I spoke at Dreamforce '12 with a manager from Smarsh, that offers Chatter support as part of their cloud-based compliance platform (along with other e-communication methods and proactive compliance rules). I think it's a bit hard to say that capturing Chatter data is difficult because the API does support all objects (aside from Chatter Messenger, which cab be disabled by an admin).