Storage organizations must balance the reality of compliance mandates with the need to be profitable. Compliance with high risk items is fundamental however trade offs must be made when evaluating 'gray areas' of compliance. Clear retention and destruction policies help but policies alone won't ensure compliance. Technology must be judiciously applied to minimize exposure while at the same time allowing compliance to be automated where possible.