A Mapping of the Victorian Electronic Records Strategy Schema to openehr
|
|
- Joan Green
- 8 years ago
- Views:
Transcription
1 VERS openehr Mapping Commentary A Mapping of the Victorian Electronic Records Strategy Schema to openehr Electronic Health Records: Achieving an Effective and Ethical Legal and Recordkeeping Framework Australian Research Council Discovery Grant, DP School of Law Deakin University, School of Information Management and Systems Faculty of Information Technology and Faculty of Law Monash University, Australia Rob Meredith School of Information Management & Systems, Monash University Rob.Meredith@infotech.monash.edu.au January, 2004
2 Introduction This document is a commentary on a comparison between the Victorian Electronic Records Strategy (VERS) and the openehr electronic health records standard. VERS documents the Victorian State Government s requirements for electronic records submitted to the Public Records Office of Victoria, and forms the basis for other electronic records systems to be used by other branches of the Government. The specification can be found at openehr is an open standard for the design of electronic health records systems. Consisting of a number of models specifying the data required by compliant systems for various aspects of a medical records system, it is still a work in progress, in that a number of the proposed models are yet to be released to the public. Documentation for the current models can be found at Purpose The purpose of this document is to provide an overview of the results of the VERSopenEHR mapping. It should be read in conjunction with the mapping document itself (VERS-EHR.xls), as well as the VERS and openehr documentation itself (see below). This document highlights some of the main issues that have been identified as a result of the mapping process, but doesn t claim to be a comprehensive list of limitations of openehr from a record-keeping perspective. Document Versions The following document versions were used for the mapping process: VERS: [VERS1] Public Records Office Victoria (2003) Management of Electronic Records, PROS 99/007, Version 2.0, available at [VERS2] Public Records Office Victoria (2003) Advice 9: Introduction to the Victorian Electronic Records Strategy (VERS), PROS 99/007, Version 2.0, available at [VERS3] Public Records Office Victoria (2003) Specification 1: System Requirements for Preserving Electronic Records, PROS 99/007, Version 2.0, available at 1_Std_ver_2-0.pdf [VERS4] Public Records Office Victoria (2003) Specification 2: VERS Metadata Scheme, PROS 99/007, Version 2.0, available at 2_Std_ver2-0.pdf [VERS5] Public Records Office Victoria (2003) Specification 3: VERS Standard Electronic Record Format, PROS 99/007, Version 2.0, available at 3_Std_ver_2-0.pdf 1
3 [VERS6] Public Records Office Victoria (2003) Specification 4: VERS Long Term Preservation Formats, PROS 99/007, Version 2.0, available at 4_Std_ver_2-0.pdf [VERS7] Public Records Office Victoria (2003) Specification 5: Export of Electronic Records to PROV, PROS 99/007, Version 2.0, available at 5_Std_ver_2-0.pdf openehr: [EHR1] Beale, T., Heard, S., Kalra, D., & Lloyd, D. (2002) The openehr Technical Roadmap, The openehr Foundation, Revision 1.2 [EHR2] Beale, T., Goodchild, A., & Heard, S. (2002) Design Principles for the EHR, The openehr Foundation, Revision 2.4 [EHR3] Beale, T. (2002) The openehr Modelling Guide, The openehr Foundation, Revision 1.0 [EHR4] Beale, T., Heard, S., Kalra, D., & Lloyd, D. (Eds.) (2003) The openehr EHR Reference Model, The openehr Foundation, Revision [EHR5] Beale, T., Heard, S., Kalra, D., & Lloyd, D. (Eds.) (2003) The openehr Common Reference Model, The openehr Foundation, Revision [EHR6] Beale, T., Heard, S., Kalra, D., & Lloyd, D. (Eds.) (2003) The openehr Data Types Reference Model, The openehr Foundation, Revision [EHR7] Beale, T., Heard, S., Kalra, D., & Lloyd, D. (Eds.) (2003) The openehr Data Structures Reference Model, The openehr Foundation, Revision [EHR8] Beale, T., Heard, S., Kalra, D., & Lloyd, D. (Eds.) (2003) The openehr Demographic Reference Model, The openehr Foundation, Revision [EHR9] Beale, T., Heard, S., Kalra, D., & Lloyd, D. (Eds.) (2003) The openehr Support Reference Model, The openehr Foundation, Revision [EHR10] Beale, T., Heard, S., Kalra, D., & Lloyd, D. (Eds.) (2003) The openehr EHR_EXTRACT Reference Model, The openehr Foundation, Revision Methodology A direct mapping of VERS to openehr is not possible for a number of reasons, the first being that the two models are intended for quite different purposes. VERS was developed with the needs of the Victorian Public Records Office in mind, that is, the needs of that office to be able to accept, for archival preservation and storage, records in electronic format from a number of agencies. openehr, on the other hand, is a logical model unrelated directly to any physical system, designed to manage patient health data. Whilst the two overlap (they are both concerned with record-keeping), there are broad areas of incompatibility. 2
4 The method adopted, therefore, has been to derive the requirements for records from the VERS documentation. These include system requirements, metadata and other aspects of record-keeping. Rather than directly mapping to openehr elements, the task is to determine whether a system implementing openehr either directly supports, or could be made to support, the derived VERS requirements. For example, a particular VERS Metadata item may not necessarily exist within an openehr model, but it might be reasonable to assume that if asked, the operator of an openehr system might be able to generate the metadata item asked for in VERS. There are therefore a number of levels of compatibility: Full, Implementation Dependent, Derivable (not directly supported, but reasonable to assume that the data could be generated), Partial, and Not Supported. Finally, some elements of VERS are listed as deprecated those elements have not been mapped, but they have been included in the mapping spreadsheet for completeness. The mapping spreadsheet, VERS-EHR.xls, has been structured in the same manner as the VERS documentation. For each document, a separate worksheet has been created that lists, on the left, the record-keeping requirements derived from that document. The next column specifies the level of compliance by openehr with that requirement. Where necessary, commentary has been provided in the next column. Main Findings A good summary of the overall support offered by openehr for the VERS requirements can be found in the worksheet relating to the VERS System Requirements document [VERS3]. The requirements listed in this document outline the requirements of a good electronic record-keeping system. This sheet is reproduced below: Requirements derived from VERS System Requirements Specification Record Authenticity Record Integrity Document Conversion Metadata Capture Modifying information associated with Records and Folders Documenting the History of the Records and Folders Reliability Refresh Record Transfer openehr Compliance Depends on Access Control Models, yet to be documented Partial Not applicable Partial Full Partial (record creation and modification, but not access) Depends on implementation Depends on implementation Not applicable Table 1 - VERS System Requirements & openehr Compliance Inapplicability of parts of VERS As can be seen from the table above, some sections of the VERS specification are not applicable to a mapping with openehr. The purpose of VERS is partly to specify for client organisations of the public records office the format of electronic records to be provided for long term preservationl. A compliant system owned by a client will be able to generate an electronic object (VEO) which is then able to be sent to the public records office for storage. Requirements specifically designed for long term preservation such as 3
5 the ability to convert documents to a VEO compliant format, and the ability to transfer this to the Public Records Office of Victoria are not the principal design specifications of openehr. Altough, as recorded below, openehr has components that comply with VERS. Most VERS Metadata Elements Fully Supported or Derivable The main area of relevance for openehr is the VERS metadata scheme [VERS4]. By mapping the schemas documented in the various openehr models, it has been possible to highlight a number of areas of difference. It should be noted that, whilst openehr doesn t provide complete compliance with the VERS metadata, the majority of metadata elements required in VERS are supported, at least to the point where they can be derived from an openehr system. Aspects of the VERS metadata such as the structuring of records and descriptions of their contents are fully supported by openehr. Those areas of VERS that receive the least amount of support, however, tend to relate to record-keeping business functions. Given the recordkeeping needs, however, of the medical industry, where long term, authentic and secure records are vital, the seriousness of these shortcomings should not be overlooked. These record keeping aspects are as follows: Rights Management The most glaring omission from openehr as it stands in the documents used for this comparison is the area of the control of use and access to records. Section 9.2 of Design Principles for the EHR [EHR2] states that the following five principles should underlie any openehr system (see [EHR2] for precise definitions): Authentication Confidentiality Integrity Availability Non-Repudiation Whilst these principles are worthwhile, the inclusion of these into the overall openehr model base is a work in progress. Section 9.2 itself has a number of sections marked To Be Continued, and the model that would contain most of the security functionality, Access Control (see Figure 2 openehr Model Family, page 10, [EHR1]) has yet to be released to the public. As a result, large sections relating to rights management in VERS, comprising VERS metadata elements M25-M31, M135-M151, and M154, are unable to be mapped as they may, or may not be supported by a subsequent version of openehr. Audit Trails Broadly speaking, openehr has a relatively rigorous audit trail mechanism in place. It provides support for the logging of the creation, modification and deletion of records, and ensures that all previous versions of a record are available if needed. It achieves this by implementing a chain of records representing the different versions of an individual record over time, beginning with the initial creation of the record, and allowing for a record to be flagged as deleted, rather than physically removing it at the end of its life. 4
6 This same concept is utilised in VERS with its modified VEO object (see [VERS3]). However, VERS also goes further in tracking not only the creation, modification and deletion of records, but their access as well, through the use of the following metadata elements (see [VERS3]: M73 Object Content.Record.Use History.Use.Use Date/Time M74 Object Content.Record.Use History.Use.Use Type M75 Object Content.Record.Use History.Use.Use Description This ensures that even if a user has legitimate rights to access a record for some purpose (rights management), all access to that record outside of the scope of that purpose is logged. This is an important privacy mechanism, missing in openehr. Whilst it is conceivable, and even likely, that the developer of an electronic health record system based compliant with openehr would incorporate such functionality, this is by no means guaranteed by the standard. Since privacy and accountability are vital aspects of the medical industry, it is surprising that logging of record access has been omitted in openehr. Scheduling of Specific Record Keeping Actions VERS includes a mechanism for the scheduling and logging of actions to be undertaken in regard to the preservation and disposal of a record. The following metadata elements are incorporated into VERS for record preservation (see [VERS3]): M78 Object Content.Record.Preservation History.Action.Action Date/Time M79 Object Content.Record.Preservation History.Action.Action Type M80 Object Content.Record.Preservation History.Action.Action Description M81 Object Content.Record.Preservation History.Next Action M82 Object Content.Record.Preservation History.Next Action Due Whilst the following manage record disposal: M89 Object Content.Record.Disposal.Disposal Authorisation M90 Object Content.Record.Disposal.Sentence M91 Object Content.Record.Disposal.Disposal Action Due M92 Object Content.Record.Disposal.Disposal Status Of these metadata elements, only M92 Disposal Status can at least be derived from an openehr system (by determining whether or not a record still exists and is accessible). Mandates for Record Keeping Activities Related to the issue of the management of record keeping activities, VERS supports the logging of the mandate used by a record-keeper to undertake an action in relation to a record. For example, a particular action, such as the deletion of a record, may be mandated by legislation, or some organisational policy. VERS incorporates the following metadata elements to implement this (see [VERS3]): M94 Object Content.Record.Mandate.Mandate Type M95 Object Content.Record.Mandate.Refers To 5
7 M96 Object Content.Record.Mandate.Mandate Name M97 Object Content.Record.Mandate.Mandate Reference M98 Object Content.Record.Mandate.Requirement Whilst the tracking of a mandate may not be as important as the logging of access to a record, or the management of record-keeping activities, the capture and logging of the mandate related to record-keeping activities is never-the-less important for ensuring the integrity and legality of the record, especially in long term time frames. None of these elements are supported by openehr in regard to records-management activities. Long Term Preservation of Records One of the strengths of VERS is that it has been designed with an emphasis on the long term preservation of records and their metadata. VERS mandates, for example, the use of common, standard encoding techniques such as Adobe s open, ubiquitous, even if proprietary portable document format (PDF), ASCII text, TIFF images and standard compression algorithms [VERS6]. It also specifies standard media such as 63 or 74 minute CD-R as opposed to 80 minute CDs or CD-RW formats [VERS7]. VERS also specifically prohibits the encryption of records to ensure their long-term accessibility. openehr, on the other hand, does not deal well with the issue of long-term preservation of records. openehr does have, as one of its stated aims, the long-term accessibility of health records (see section 9.4, page 88 of [EHR2]), and references concepts of selfdocumentation, self-containment and record structure extensibility, which are in common with long term preservation models. It also recognises a number of strategies by which this can be achieved (from [EHR2], page 88): Preservation of the original system Emulation of the original system on a new platform Migration of the data to a new system Encapsulation of the older data within the new format However, this being said, openehr sidesteps the issue of long-term preservation by arguing that the method of ensuring this principle is one of enterprise policy ([EHR2], p. 88) that is, it is up to the system developers/builders to derive an acceptable solution. This is further compounded when it is considered that data encryption is a likely tool for system developers to be used for ensuring security and privacy of health records, although encryption is not specifically incorporated into the openehr specification. Encryption is acceptable for transmission but not storage. There is a tension between the long-term access needs for health records (>100 years), and the security and privacy requirements placed upon system owners and operators. By placing the burden upon developers to devise a suitable long-term archival mechanism, with some justification (openehr doesn t claim to be a system requirements specification document), openehr leaves this important issue somewhat up to chance. 6
8 Conclusion In general, based upon this comparison with the record-keeping requirements of VERS, openehr has a moderately good level of support for basic record-keeping principles. Certainly the introductory documentation to openehr including the technical roadmap [EHR1] and the Design Principles [EHR2] outline a sound treatment of the recordkeeping aspects of electronic health records systems. Where the model currently falls down, however, is primarily in managing record-keeping activities (such as scheduling and the logging of record-keeping mandates) and in extending the audit trail to include record access as use in addition to creation, modification and deletion. openehr also sidesteps the important issue of the long term preservation of records by leaving the most important aspects of the mechanism for ensuring this up to system developers. Despite addressing the majority of record-keeping issues in the EHR context, these aspects of openehr reflect, perhaps, the fact that record-keepers have not had a strong influence on the development of the standard. Inclusion of input from record-keeping experts is an important task that the openehr Foundation should turn its attention to. Further work will be needed when the Access Control models for openehr are made available, at which time, the rights management aspects of VERS can be compared for a more detailed assessment of the security and access control features of openehr. 7
Management of Official Records in a Business System
GPO Box 2343 ADELAIDE SA 5001 Tel (08) 8204 8773 Fax (08) 8204 8777 DX:467 srsarecordsmanagement@sa.gov.au www.archives.sa.gov.au Management of Official Records in a Business System October 2011 Version
More informationPublic Record Office Standard PROS 99/007. Public Record Office Victoria. Management of Electronic Records
Public Record Office Standard PROS 99/007 Public Record Office Victoria Management of Electronic Records Version 1.0 April 2000 PROS 99/007: Management of Electronic Records 1 Table of Contents 1.0 Introduction...
More informationSystem Requirements for Archiving Electronic Records PROS 99/007 Specification 1. Public Record Office Victoria
System Requirements for Archiving Electronic Records PROS 99/007 Specification 1 Public Record Office Victoria Version 1.0 April 2000 PROS 99/007 Specification 1: System Requirements for Archiving Electronic
More informationADRI. Digital Record Export Standard. ADRI-2007-01-v1.0. ADRI Submission Information Package (ASIP)
ADRI Digital Record Export Standard ADRI Submission Information Package (ASIP) ADRI-2007-01-v1.0 Version 1.0 31 July 2007 Digital Record Export Standard 2 Copyright 2007, Further copies of this document
More informationQueensland recordkeeping metadata standard and guideline
Queensland recordkeeping metadata standard and guideline June 2012 Version 1.1 Queensland State Archives Department of Science, Information Technology, Innovation and the Arts Document details Security
More informationDocument and Records Management Systems
GPO Box 2343 Adelaide SA 5001 Tel (08) 8204 8773 Fax (08) 8204 8777 DX:467 srsarecordsmanagement@sa.gov.au www.archives.sa. gov.au Document and Records Management Systems August 2009 Version 2.1 Table
More informationTERRITORY RECORDS OFFICE BUSINESS SYSTEMS AND DIGITAL RECORDKEEPING FUNCTIONALITY ASSESSMENT TOOL
TERRITORY RECORDS OFFICE BUSINESS SYSTEMS AND DIGITAL RECORDKEEPING FUNCTIONALITY ASSESSMENT TOOL INTRODUCTION WHAT IS A RECORD? AS ISO 15489-2002 Records Management defines a record as information created,
More informationGuideline 1. Cloud Computing Decision Making. Public Record Office Victoria Cloud Computing Policy. Version Number: 1.0. Issue Date: 26/06/2013
Public Record Office Victoria Cloud Computing Policy Guideline 1 Cloud Computing Decision Making Version Number: 1.0 Issue Date: 26/06/2013 Expiry Date: 26/06/2018 State of Victoria 2013 Version 1.0 Table
More informationThe legal admissibility of information stored on electronic document management systems
Softology Ltd. The legal admissibility of information stored on electronic document management systems July 2014 SOFTOLOGY LIMITED www.softology.co.uk Specialist Expertise in Document Management and Workflow
More informationGuideline. Records Management Strategy. Public Record Office Victoria PROS 10/10 Strategic Management. Version Number: 1.0. Issue Date: 19/07/2010
Public Record Office Victoria PROS 10/10 Strategic Management Guideline 5 Records Management Strategy Version Number: 1.0 Issue Date: 19/07/2010 Expiry Date: 19/07/2015 State of Victoria 2010 Version 1.0
More informationStandards Development. PROS 14/00x Specification 3: Long term preservation formats
Standards Development PROS 14/00x Specification 3: Long term preservation formats 1 2 Copyright Statement State of Victoria 2014 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 This work is licensed
More informationANU Electronic Records Management System (ERMS) Manual
ANU Electronic Records Management System (ERMS) Manual May 2015 ERMS Manual May 2015 1 Contents The ERMS Manual 1. Introduction... 3 2. Policy Principles... 3 3. The Electronic Records Management System...
More informationScotland s Commissioner for Children and Young People Records Management Policy
Scotland s Commissioner for Children and Young People Records Management Policy 1 RECORDS MANAGEMENT POLICY OVERVIEW 2 Policy Statement 2 Scope 2 Relevant Legislation and Regulations 2 Policy Objectives
More information9. GOVERNANCE. Policy 9.8 RECORDS MANAGEMENT POLICY. Version 4
9. GOVERNANCE Policy 9.8 RECORDS MANAGEMENT POLICY Version 4 9. GOVERNANCE 9.8 RECORDS MANAGEMENT POLICY OBJECTIVES: To establish the framework for, and accountabilities of, Lithgow City Council s Records
More informationDELAWARE PUBLIC ARCHIVES POLICY STATEMENT AND GUIDELINES MODEL GUIDELINES FOR ELECTRONIC RECORDS
DELAWARE PUBLIC ARCHIVES POLICY STATEMENT AND GUIDELINES MODEL GUIDELINES FOR ELECTRONIC RECORDS STATEMENT OF PURPOSE The Delaware Public Archives (DPA) has issued "Model Guidelines for Electronic Records"
More informationMicrosoft SharePoint and Records Management Compliance
Microsoft SharePoint and Records Management Compliance White Paper Revision: 2 Date created: 20 February 2015 Principal author: Nigel Carruthers-Taylor, Principal, icognition Reference: 15/678 Summary
More informationLife Cycle of Records
Discard Create Inactive Life Cycle of Records Current Retain Use Semi-current Records Management Policy April 2014 Document title Records Management Policy April 2014 Document author and department Responsible
More informationData Portability Requirements for EHRs
Data Portability Requirements for EHRs Robert Rogers Chief Technology Officer mrrogers@applicationmatrix.com Open Source EHR Summit and Workshop Gaylord National, National Harbor, MD October 18,2012 Disclaimer
More informationInformation Management Advice 50 Developing a Records Management policy
Information Management Advice 50 Developing a Records Management policy Introduction This advice explains how to develop and implement a Records Management policy. Policy is central to the development
More informationADRI. Statement on the Application of Digital Rights Management Technology to Public Records. ADRI-2008-001-v1.0
ADRI Statement on the Application of Digital Rights Management Technology to Public Records ADRI-2008-001-v1.0 Version 1.0 6 August 2008 Statement on the Application of Digital Rights Management Technology
More informationReport on a preliminary analysis of the dataflow(s) in HealthConnect system
Report on a preliminary analysis of the dataflow(s) in HealthConnect system Electronic Health Records: Achieving an Effective and Ethical Legal and Recordkeeping Framework Australian Research Council Discovery
More informationPublic Record Office Standard. Retention & Disposal Authority for Records of the Transport Accident Prevention and Assistance Functions
Public Record Office Standard PROS 14/01 Authority Retention & Disposal Authority for Records of the Transport Accident Prevention and Assistance Functions Version 2014 14/01 Issue Date: 15/08/2014 Copyright
More informationDigitisation of official records and management of source documents
GPO Box 2343 Adelaide SA 5001 Tel (08) 8204 8773 Fax (08) 8204 8777 DX:467 srsarecordsmanagement@sa.gov.au www.archives.sa. gov.au Digitisation of official records and management of source documents December
More informationFREEDOM OF INFORMATION (SCOTLAND) ACT 2002 CODE OF PRACTICE ON RECORDS MANAGEMENT
FREEDOM OF INFORMATION (SCOTLAND) ACT 2002 CODE OF PRACTICE ON RECORDS MANAGEMENT November 2003 Laid before the Scottish Parliament on 10th November 2003 pursuant to section 61(6) of the Freedom of Information
More informationInformation Sheet: Cloud Computing
info sheet 03.11 Information Sheet: Cloud Computing Info Sheet 03.11 May 2011 This Information Sheet gives a brief overview of how the Information Privacy Act 2000 (Vic) applies to cloud computing technologies.
More informationRecords and Information Management. General Manager Corporate Services
Title: Records and Information Management Policy No: 057 Adopted By: Chief Officers Group Next Review Date: 08/06/2014 Responsibility: General Manager Corporate Services Document Number: 2120044 Version
More informationRecords Management Policy
Records Management Policy Responsible Officer Chief Operating Officer Approved by Vice-Chancellor Approved and commenced April, 2014 Review by April, 2017 Relevant Legislation, Ordinance, Rule and/or Governance
More informationCOUNCIL POLICY R180 RECORDS MANAGEMENT
1. Scope The City of Mount Gambier Records Management Policy provides the policy framework for Council to effectively fulfil its obligations and statutory requirements under the State Records Act 1997.
More informationRecords Management Security of University Records Procedures
Records Management Security of University Records Procedures pro-064 To be read in conjunction with: Records Management Policy Version: 2.00 Last amendment: Nov 2014 Next Review: Nov 2016 Approved By:
More informationinformation Records Management Checklist business people security preservation accountability Foreword Introduction Purpose of the checklist
Records Management Checklist Foreword We fi rst developed the Records Management Checklist in 2008 to complement our performance audit Records Management in the Victorian Public Sector. At that time the
More informationRecords Management - Department of Health
Policy Directive Records Management - Department of Health Document Number PD2009_057 Publication date 24-Sep-2009 Functional Sub group Corporate Administration - Records Ministry of Health, NSW 73 Miller
More informationGuideline 2. Cloud Computing: Tools. Public Record Office Victoria Cloud Computing Policy. Version Number: 1.0. Issue Date: 26/06/2013
Public Record Office Victoria Cloud Computing Policy Guideline 2 Cloud Computing: Tools Version Number: 1.0 Issue Date: 26/06/2013 Expiry Date: 26/06/2018 State of Victoria 2013 Version 1.0 Table of Contents
More informationDigital Archiving Survey
Digital Archiving Survey Background information Under the Public Records Act 2002 (the Act), public authorities have a responsibility to ensure that digital records under their control remain accessible
More informationRecords Management Checklist. preservation. accountability. information. security. peoplep. A tool to improve records management
Records Management Checklist preservation accountability information security busine ess peoplep A tool to improve records management preservation people security business Foreword accountability information
More informationPublic Record Office Standard. Retention & Disposal Authority for Records of the Victims of Crime Assistance Tribunal
Public Record Office Standard PROS 04/08 Authority Retention & Disposal Authority for Records of the Victims of Crime Assistance Tribunal Version 2013 04/08 Issue Date: 01/12/2004 Expiry Date: 01/12/2014
More informationGuideline 2. Cloud Computing: Tools. Public Record Office Victoria Cloud Computing Policy. Version Number: 1.0. Issue Date: 26/06/2013
Public Record Office Victoria Cloud Computing Policy Guideline 2 Cloud Computing: Tools Version Number: 1.0 Issue Date: 26/06/2013 Expiry Date: 26/06/2018 State of Victoria 2013 Version 1.0 Table of Contents
More informationImplementing an Electronic Document and Records Management System. Key Considerations
Implementing an Electronic Document and Records Management System Key Considerations Commonwealth of Australia 2011 This work is copyright. Apart from any use as permitted under the Copyright Act 1968,
More informationNewcastle University Information Security Procedures Version 3
Newcastle University Information Security Procedures Version 3 A Information Security Procedures 2 B Business Continuity 3 C Compliance 4 D Outsourcing and Third Party Access 5 E Personnel 6 F Operations
More informationLORD CHANCELLOR S CODE OF PRACTICE ON THE MANAGEMENT OF RECORDS UNDER
LORD CHANCELLOR S CODE OF PRACTICE ON THE MANAGEMENT OF RECORDS UNDER SECTION 46 OF THE FREEDOM OF INFORMATION ACT 2000 NOVEMBER 2002 Presented to Parliament by the Lord Chancellor Pursuant to section
More informationVERS Standard Electronic Record Format PROS 99/007 Specification 3. Public Record Office Victoria
VERS Standard Electronic Record Format PROS 99/007 Specification 3 Public Record Office Victoria Version 1.0 April 2000 PROS 99/007 Specification 3: VERS Standard Electronic Record Format 1 Table of Contents
More informationPDF/A A standard for document archiving. Dipl. Inf. Reinhold Müller-Meernach. Dr. Uwe Wächter. SEAL Systems info@sealsystems.com www.sealsystems.
PDF/A A standard for document archiving Dipl. Inf. Reinhold Müller-Meernach Röttenbach Dr. Uwe Wächter Roßdorf No. 2/2006 SEAL Systems info@sealsystems.com www.sealsystems.com PDF/A A standard for document
More informationDigital Preservation Guidance Note: Selecting File Formats for Long-Term Preservation
Digital Preservation Guidance Note: 1 Selecting File Formats for Long-Term Preservation Document Control Author: Adrian Brown, Head of Digital Preservation Research Document Reference: Issue: 2 DPGN-01
More informationMetadata, Electronic File Management and File Destruction
Metadata, Electronic File Management and File Destruction By David Outerbridge, Torys LLP A. Metadata What is Metadata? Metadata is usually defined as data about data. It is a level of extra information
More information16 Electronic health information management systems
16 Electronic health information management systems Section 16: Electronic information management systems The continued expansion and growth in global technologies is aiding the development of many new
More informationE-mail Management: A Guide For Harvard Administrators
E-mail Management: A Guide For Harvard Administrators E-mail is information transmitted or exchanged between a sender and a recipient by way of a system of connected computers. Although e-mail is considered
More informationDigital Continuity Plan
Digital Continuity Plan Ensuring that your business information remains accessible and usable for as long as it is needed Accessible and usable information Digital continuity Digital continuity is an approach
More informationInformation and Compliance Management Information Management Policy
Aurora Energy Group Information Management Policy Information and Compliance Management Information Management Policy Version History REV NO. DATE REVISION DESCRIPTION APPROVAL 1 11/03/2011 Revision and
More informationBSBRKG403B Set up a business or records system for a small business
BSBRKG403B Set up a business or records system for a small business Release: 1 BSBRKG403B Set up a business or records system for a small business Modification History Not applicable. Unit Descriptor Unit
More informationGeneral Disposal Authority. For encrypted records created in online security processes
General Disposal Authority For encrypted records created in online security processes May 2004 Commonwealth of Australia 2004 ISBN 1 920807 04 7 This work is copyright. Apart from any use as permitted
More informationArticle 29 Working Party Issues Opinion on Cloud Computing
Client Alert Global Regulatory Enforcement If you have questions or would like additional information on the material covered in this Alert, please contact one of the authors: Cynthia O Donoghue Partner,
More information4 NUMBER 004 Policy Data base Document Reference Number 134004P
NUMBER 00 olicy Data base Document Reference Number 100 urpose/ objectives This policy sets out the requirements for La Trobe University researchers to manage their research data and primary materials
More informationCloud Computing and Records Management
GPO Box 2343 Adelaide SA 5001 Tel (+61 8) 8204 8773 Fax (+61 8) 8204 8777 DX:336 srsarecordsmanagement@sa.gov.au www.archives.sa.gov.au Cloud Computing and Records Management June 2015 Version 1 Version
More informationRecords Management and Information Lifecycle Strategy
LINCOLNSHIRE PARTNERSHIP NHS FOUNDATION TRUST Records Management and Information Lifecycle Strategy DOCUMENT VERSION CONTROL Document Type and Title: Strategy New or Replacing: Revised/Updated Version
More informationBSO Board Director of Human Resources & Corporate Services Digitalisation of records in the Scanning Centre. 21 June 2012
To: From: Subject: Status: Date of Meeting: BSO Board Director of Human Resources & Corporate Services Digitalisation of records in the Scanning Centre For Approval 21 June 2012 The Board is asked to consider
More informationIndependent Auditors Report to the Commissioner for Law Enforcement Data Security -
Commissioner for Law Enforcement Data Security Audit of Victoria Police Compliance with CLEDS standards on Access Control and Release June 2008 Reference: Version: FY07/08 Final Date of review: April -
More informationComplying with the Records Management Code: Evaluation Workbook and Methodology
Complying with the Records Management Code: Evaluation Workbook and Methodology Page 1 of 110 Crown copyright 2006 First edition published February 2006 Author: Richard Blake The National Archives Ruskin
More informationDigital Archives Migration Methodology. A structured approach to the migration of digital records
Digital Archives Migration Methodology A structured approach to the migration of digital records Published July 2014 1 Table of contents Executive summary... 3 What is the Digital Archives Migration Methodology?...
More informationNHS Business Services Authority Records Management Audit Framework
NHS Business Services Authority Records Management Audit Framework NHS Business Services Authority Corporate Secretariat NHSBSARM019 Issue Sheet Document Reference Document Location Title Author Issued
More informationTechnical Safeguards is the third area of safeguard defined by the HIPAA Security Rule. The technical safeguards are intended to create policies and
Technical Safeguards is the third area of safeguard defined by the HIPAA Security Rule. The technical safeguards are intended to create policies and procedures to govern who has access to electronic protected
More informationStaffordshire County Council. Records Retention and Disposal Policy
Staffordshire County Council Records Retention and Disposal Policy Version Author Approved By Date Published Review V. 1.1 Information Governance Unit Philip Jones, Head of Information Governance 2/11/2012
More informationIn addition, a decision should be made about the date range of the documents to be scanned. There are a number of options:
Version 2.0 December 2014 Scanning Records Management Factsheet 06 Introduction Scanning paper documents provides many benefits, such as improved access to information and reduced storage costs (either
More informationADRI. Advice on managing the recordkeeping risks associated with cloud computing. ADRI-2010-1-v1.0
ADRI Advice on managing the recordkeeping risks associated with cloud computing ADRI-2010-1-v1.0 Version 1.0 29 July 2010 Advice on managing the recordkeeping risks associated with cloud computing 2 Copyright
More informationInformation Security Policies. Version 6.1
Information Security Policies Version 6.1 Information Security Policies Contents: 1. Information Security page 3 2. Business Continuity page 5 3. Compliance page 6 4. Outsourcing and Third Party Access
More informationINFORMATION UPDATE: Removable media - Storage and Retention of Data - Research Studies
INFORMATION UPDATE: Removable media - Storage and Retention of Data - Research Studies REMOVABLE MEDIA: NSW MoH are currently undergoing review with a state-wide working party developing the Draft NSW
More informationRecords Management Standards. Records Management Standards for Public Sector Organisations in the Northern Territory
Records Management Standards Records Management Standards for Public Sector Organisations in the Northern Territory August 2010 Overview of the standards Standard 1 Governance (including identification
More informationQueensland Government Digital Continuity Strategy
Queensland Government Digital Continuity Strategy Future proofing the critical digital records of government business September 2012 Queensland State Archives Department of Science, Information Technology,
More informationDocument Storage Tips: Inside the Email Vault
Portfolio Media. Inc. 860 Broadway, 6th Floor New York, NY 10003 www.law360.com Phone: +1 646 783 7100 Fax: +1 646 783 7161 customerservice@law360.com Document Storage Tips: Inside the Email Vault Law360,
More informationRECORDS MANAGEMENT POLICY
RECORDS MANAGEMENT POLICY POLICY STATEMENT The records of Legal Aid NSW are a major component of its corporate memory and risk management strategies. They are a vital asset that support ongoing operations
More informationInformation Management Policy
Title Information Management Policy Document ID Director Mark Reynolds Status FINAL Owner Neil McCrirrick Version 1.0 Author Deborah Raven Version Date 26 January 2011 Information Management Policy Crown
More informationClarifications of EPSRC expectations on research data management.
s of EPSRC expectations on research data management. Expectation I Research organisations will promote internal awareness of these principles and expectations and ensure that their researchers and research
More informationERMS Solution BUILT ON SHAREPOINT 2013
ERMS Solution BUILT ON SHAREPOINT 2013 Purpose of the Presentation Present a comprehensive proprietary Electronic Records Management System (ERMS) Communication Progress is developing on SharePoint 2013,
More informationINTEGRATING RECORDS MANAGEMENT
INTERNATIONAL RECORDS MANAGEMENT TRUST INTEGRATING RECORDS MANAGEMENT IN ICT SYSTEMS Good Practice Indicators CONTENTS Figure 1: Designing a Records Management Improvement Programme iv Figure 2: Integrating
More informationCorporate Records Management Policy
Corporate Records Management Policy Introduction Part 1 Records Management Policy Statement. February 2011 Part 2 Records Management Strategy. February 2011 Norfolk County Council Information Management
More informationElectronic Records Management Systems
Functional Requirements for Electronic Records Management Systems 1 : Statement of Requirements November 1999 Electronic Records Management Systems This Statement of Functional Requirements is one of the
More informationCyber Security: Guidelines for Backing Up Information. A Non-Technical Guide
Cyber Security: Guidelines for Backing Up Information A Non-Technical Guide Essential for Executives, Business Managers Administrative & Operations Managers This appendix is a supplement to the Cyber Security:
More informationAHDS Digital Preservation Glossary
AHDS Digital Preservation Glossary Final version prepared by Raivo Ruusalepp Estonian Business Archives, Ltd. January 2003 Table of Contents 1. INTRODUCTION...1 2. PROVENANCE AND FORMAT...1 3. SCOPE AND
More informationRecommendations for companies planning to use Cloud computing services
Recommendations for companies planning to use Cloud computing services From a legal standpoint, CNIL finds that Cloud computing raises a number of difficulties with regard to compliance with the legislation
More informationInformation Management Advice 39 Developing an Information Asset Register
Information Management Advice 39 Developing an Information Asset Register Introduction The amount of information agencies create is continually increasing, and whether your agency is large or small, if
More informationManaging Closed Circuit Television (CCTV) Records
Queensland State Archives Managing Closed Circuit Television (CCTV) Records Guideline for Queensland Public Authorities October 2010 Document details Security Classification PUBLIC Date of review of security
More informationCORPORATE RECORDS MANAGEMENT POLICY
1.1 Introduction Derbyshire County Council is dependent on its records to operate efficiently and to account for its actions. This policy defines a structure for Derbyshire County Council to ensure that
More informationRecords Management Policy
Records Management Policy Document Number SOP2006-073 File No. 07/7 Date issued 1 September 2006 Author Branch Records and Mail Services Unit Branch contact 9320.7722 Division Finance & Data Services Summary
More informationHow To Protect Decd Information From Harm
Policy ICT Security Please note this policy is mandatory and staff are required to adhere to the content Summary DECD is committed to ensuring its information is appropriately managed according to the
More informationBradford Scholars Digital Preservation Policy
DIGITAL PRESERVATION The value of the research outputs produced by staff and research students at the University of Bradford cannot be over emphasised in demonstrating the scientific, societal and economic
More informationUniversity of Liverpool
University of Liverpool Information Security Policy Reference Number Title CSD-003 Information Security Policy Version Number 3.0 Document Status Document Classification Active Open Effective Date 01 October
More informationData Protection Act 1998. Guidance on the use of cloud computing
Data Protection Act 1998 Guidance on the use of cloud computing Contents Overview... 2 Introduction... 2 What is cloud computing?... 3 Definitions... 3 Deployment models... 4 Service models... 5 Layered
More informationSTATEMENT OF ETHICAL PRACTICE
STATEMENT OF ETHICAL PRACTICE Preamble Records and information management (RIM) is the branch of the information professions primarily concerned with the efficient and systematic control of the creation,
More informationA grant number provides unique identification for the grant.
Data Management Plan template Name of student/researcher(s) Name of group/project Description of your research Briefly summarise the type of your research to help others understand the purposes for which
More informationManagement of Email Records
Department of Culture and the Arts Government of Western Australia State Records Office of Western Australia SRO Guideline Management of Email Records A Recordkeeping Guideline for State Organizations
More informationSuitable file formats for transfer of digital records to The National Archives
Suitable file formats for transfer of digital records to The National Archives The National Archives September 2011 Crown copyright 2011 You may re-use this information (excluding logos) free of charge
More informationImplementing an Electronic Document and Records Management System. Checklist for Australian Government Agencies
Implementing an Electronic Document and Records Management System Checklist for Australian Government Agencies Acknowledgments The checklist for implementing an electronic document and records management
More informationData Security Policy
Policy Number: Revision Number: 0 QP1.44 Date of issue: March 2009 Status: Approved Date of approval: April 2009 Responsibility for policy: Responsibility for implementation: Responsibility for review:
More informationScanning Guidelines. Records Management
Records Management Scanning Guidelines for compliance with Code of practice for legal admissibility and evidential weight of information stored electronically (Reference document BSI document: BS10008)
More informationUNIVERSITY OF MANITOBA PROCEDURE
UNIVERSITY OF MANITOBA PROCEDURE Procedure: Parent Policy: Effective Date: June 23, 2015 Revised Date: Review Date: June 23, 2025 Approving Body: Authority: Responsible Executive Officer: Delegate: Contact:
More informationSpatial Information Data Quality Guidelines
Spatial Information Data Quality Guidelines Part of Victoria s Second Edition The Victorian Spatial Council was established under the Victorian Spatial Information Strategy 2004-2007 to support the advancement
More informationProtection. Code of Practice. of Personal Data RPC001147_EN_WB_L_1
Protection of Personal Data RPC001147_EN_WB_L_1 Table of Contents Data Protection Rules Foreword From the Data Protection Commissioner Introduction From the Chairman Data Protection Responsibility of Employees
More informationSpecial Purpose Reports on the Effectiveness of Control Procedures
Auditing Standard AUS 810 (July 2002) Special Purpose Reports on the Effectiveness of Control Procedures Prepared by the Auditing & Assurance Standards Board of the Australian Accounting Research Foundation
More informationRESEARCH DATA MANAGEMENT AT THE UNIVERSITY OF WARWICK: RECENT STEPS TOWARDS A JOINED-UP APPROACH AT A UK UNIVERSITY
Abstract RESEARCH DATA MANAGEMENT AT THE UNIVERSITY OF WARWICK: RECENT STEPS TOWARDS A JOINED-UP APPROACH AT A UK UNIVERSITY from Jenny Delasalle This paper charts the steps taken and possible ways forward
More informationRecords Management Policy
Once printed off, this is an uncontrolled document. Please check the Intranet for the most up to date copy Author Freedom of Information Lead Version 5.0 Issue Issue Date October 2011 Review Date October
More informationAUDITING TECHNIQUES TO ASSESS FRAUD RISKS IN ELECTRONIC HEALTH RECORDS
AUDITING TECHNIQUES TO ASSESS FRAUD RISKS IN ELECTRONIC HEALTH RECORDS OBJECTIVE Increase your IT vocab so that you can assess the risks related to your audits of EHRs and/or EHR related data AGENDA What
More information