Social Media Guidance. Who s here? 7/29/2015



Similar documents
September 15, 2014 MEMORANDUM FOR THE HEADS OF EXECUTIVE DEPARTMENTS AND AGENCIES AND INDEPENDENT AGENCIES

NARA s Capstone Management Implementation: Technical Perspective

Open Data and Information Sharing Michael Simcock, Chief Data Architect OCIO/EDMO

Records Management Policy. EPA Classification No.: CIO CIO Approval Date: 02/10/2015. CIO Transmittal No.: Review Date: 02/10/2018

GRS 6.1 Managed Under a Capstone Approach

Interagency Science Working Group. National Archives and Records Administration

PROCEDURES FOR ELECTRONIC MANAGEMENT OF RULEMAKING AND OTHER DOCKETED RECORDS IN THE FEDERAL DOCKET MANAGEMENT SYSTEM

Transmittal Memo. SUBJECT: AGENCY POLICY 801 Capstone Records Management Policy

Business Process Design As-Is and To-Be Checklists Introduction

Allison Stanton, Director of E-Discovery U.S. Department of Justice, Civil Division. U.S. Department of Agriculture

UNITED STATES DEPARTMENT OF THE INTERIOR BUREAU OF LAND MANAGEMENT MANUAL TRANSMITTAL SHEET Data Administration and Management (Public)

Data Management Planning Tool User Guide

UNIVERSITY OF MANITOBA PROCEDURE

Records Management and SharePoint 2013

Cloud Computing Best Practices. Creating Effective Cloud Computing Contracts for the Federal Government: Best Practices for Acquiring IT as a Service

US Department of Education Federal Student Aid Integration Leadership Support Contractor June 1, 2007

Corporate Property Automated Information System CPAIS. Privacy Impact Assessment

USER GUIDE: MANAGING NARA RECORDS WITH GMAIL AND THE ZL UNIFIED ARCHIVE

GENERAL RECORDS SCHEDULE 3.1: General Technology Management Records

INFORMATION MANAGEMENT

State of Michigan Records Management Services. Frequently Asked Questions About E mail Retention

Capstone for Records Management

TERRITORY RECORDS OFFICE BUSINESS SYSTEMS AND DIGITAL RECORDKEEPING FUNCTIONALITY ASSESSMENT TOOL

Audit Report. The Social Security Administration s Management of Electronic Message Records

A. Title 5, United States Code (U.S.C.), Section 552a, Records Maintained On Individuals (The Privacy Act of 1974)

ERA Challenges. Draft Discussion Document for ACERA: 10/7/30

Allison Stanton Director of E-Discovery U.S. Department of Justice, Civil Division

In ediscovery and Litigation Support Repositories MPeterson, June 2009

How To Manage Cloud Data Safely

Cloud Service Contracts: An Issue of Trust

An Introduction to E-Discovery. Gary Robinson, Director Washington State Department of Information Services September 30, 2008

Content Management. component of BoxesOSv3.0

Office of Financial Research Constituent Relationship Management Tool Privacy Impact Assessment ( PIA ) April, 2015

Preservation of Separated Personnel s Electronically Stored Information Subject to Litigation Holds

Verizon Notification Service (VNS)

Archiving: What to Keep, What to Purge, and How To Tell

Best Practices for Long-Term Retention & Preservation. Michael Peterson, Strategic Research Corp. Gary Zasman, Network Appliance

Practical tips for managing e mail

Change & Configuration! Management

MANAGING GOVERNMENT RECORDS DIRECTIVE

Scotland s Commissioner for Children and Young People Records Management Policy

Record Retention and Digital Asset Management Tim Shinkle Perpetual Logic, LLC

EPA Classification No.: CIO 2155-P-3.0 CIO Approval Date: 04/04/2014 CIO Transmittal No.: Review Date: 04/04/2017

Information Management Advice 18 - Managing records in business systems Part 1: Checklist for decommissioning business systems

Functional Requirements for Digital Asset Management Project version /30/2006

Contents. Table of Contents

University of Michigan School of Music, Theatre & Dance Conflicts of Interest and Conflicts of Commitment Staff Policy

Federal Trade Commission Privacy Impact Assessment for:

esignature FAQ s Table of Contents

Essentials. Agenda. A Little History. New York State Archives. Today we will learn to

Generally Accepted Recordkeeping Principles How Does Your Program Measure Up?

3. Ensure the management of information is compliant with legislative requirements to maximise the benefits and minimise risks;

Background. Model Data Inventory Approach. Forming the Team. Model Data Inventory Approach

How the Information Governance Reference Model (IGRM) Complements ARMA International s Generally Accepted Recordkeeping Principles (GARP )

UNITED STATES OF AMERICA FEDERAL TRADE COMMISSION WASHINGTON, D.C

B2B: Personnel Open Integration

Department of the Interior Privacy Impact Assessment

Secure Gateway (EMSG)

United States Department of the Interior

Policy: Retention, Storage and Archiving

Department of Defense INSTRUCTION

Public Access Plan. U.S. Department of Energy July 24, 2014 ENERGY.GOV

Office of the Auditor General of Canada. Internal Audit of Document Management Through PROxI Implementation. July 2014

Immigration and Customs Enforcement Forensic Analysis of Electronic Media

Frequently Asked Questions (FAQs) about GRS 3.1, General Technology Management Records

Foreign Account Tax Compliance Act (FATCA) IDES Implementation Update. April 2015

Information Management

Now that the program is up and running: Reaching Consumers via Social Media

August 24, 2012 MEMORANDUM FOR THE HEADS OF EXECUTIVE DEPARTMENTS AND AGENCIES AND INDEPENDENT AGENCIES

U.S. Nuclear Regulatory Commission

Office of IT Planning, Architecture, and E-Government Office of the Chief Information Officer

Enterprise Data Governance

Washington State Archives Electronic Records Management: Improving Your Outlook

Managing Records Strategies That Work

April 7, 2010 MEMORANDUM FOR THE HEADS OF EXECUTIVE DEPARTMENTS AND AGENCIES, AND INDEPENDENT REGULATORY AGENCIES

NATO UNCLASSIFIED. 27 February 2012 DOCUMENT C-M(2012)0014 Silence Procedure ends: 16 Mar :00

Protected Critical Infrastructure Information Management System (PCIIMS) Final Operating Capability (FOC)

Privacy Impact Assessment. For Personnel Development Program Data Collection System (DCS) Date: June 1, 2014

1. FROM (Agency or establishment) DATE RECEIVED/ / U.S. Nuclear Regulatory Commission

Protecting Official Records as Evidence in the Cloud Environment. Anne Thurston

Gaming System Monitoring and Analysis Effort

Text Banking FAQ How do I sign up? Text Banking

Solution Brief. Archiving from Office 365 for Compliance and ediscovery. 1) Capture Everything

DEPARTMENT OF THE INTERIOR. Privacy Impact Assessment Guide. Departmental Privacy Office Office of the Chief Information Officer

CHAPTER 9 RECORDS MANAGEMENT (Revised April 18, 2006)

E-Discovery. Counsel for Procurement and Employment Law Office of General Counsel National Archives and Records Administration

5 FAM 630 DATA MANAGEMENT POLICY

Capstone Compliance Using Symantec Archiving and ediscovery Solutions

WebChurch CONNECT. Managing your: ASSIMILATIONS Module. This will show you how to manage your ASSIMILATIONS module

Management of Records

BPA Policy Information Governance & Lifecycle Management

December 8, 2009 MEMORANDUM FOR THE HEADS OF EXECUTIVE DEPARTMENTS AND AGENCIES

U.S. Nuclear Regulatory Commission

Student Administration and Scheduling System

Department of Homeland Security Management Directives System MD Number: Issue Date: 03/01/2003 DHS USAGE

Records Management Guidance for Agencies Implementing Electronic Signature Technologies

StarterPak: HubSpot and Dynamics CRM Lead and Contact Synchronization

U.S. Department of Energy Washington, D.C.

Third Party Application Privacy Impact Assessment

Combining Technologies to Create New Solutions

Transcription:

Social Media Guidance Lisa Haralampus, Hannah Bergman NARA ASAP National Training Conference July 29, 2015 Who s here? Is your agency using social media? Is it being captured and managed as a record? Have you gotten FOIA requests that required you to search social media records? 3 1

NARA s Social Media Guidance NARA Bulletin 2014-02 Issued October 25, 2013 Superseded previous guidance Contains high-level requirements and best practices for capturing records created when Federal agencies use social media 4 What are social media records? If any answers are YES, then content is likely a record: Does it contain evidence of an agency s policies, business, or mission? Is the information only available on the social media site? Does the agency use the tool to convey official agency information? Is there a business need for the information? 5 What are social media records? Social media content may be a Federal record when the use of social media provides added functionality It must have content, context, and structure along with associated metadata The complete record must be maintained to ensure reliability and authenticity 6 2

Challenges and Best Practices Recordkeeping Content in multiple places Ownership and control Identification of records Scheduling Capture Personally identifiable information Public expectations Articulate clear processes, policies, and recordkeeping roles and responsibilities Areas to consider include: Identifying records Defining ownership Terms of service (TOS) Communicating policies Monitoring use and value Monitoring changes to TOS 7 Scheduling social media Agencies must identify the official record and determine how it will be managed. Some social media records may be temporary; with a transitory, short, or long term retention. Some may even be permanent, such as a blog by an agency senior official. 8 Capturing social media Temporary records may not need to be captured Assess business needs and evaluate risks Capture long-term and permanent records Export into a recordkeeping system 9 3

Capturing Social Media Methods to capture social media records include: Using web crawling software Using web capture tools to capture content Using platform APIs Using RSS Feeds, aggregators, or manual methods Using tools built into some social media platforms to export content 10 RM responsibilities with third party providers Be aware that the provider could discontinue their service or delete information from an agency's account Agencies may stop using a platform at any time In either situation, the agency is not relieved of its records management and possible capture obligations 11 RM responsibilities with third party providers Determine if provider can export the complete record If yes, include instructions for notification and export requirements Agencies will have other business and legal needs regarding capture and should work with providers to ensure these needs are met 12 4

So now You ve done all of this work, figured out what your social media records are, what schedule they have, and captured them And, you get a FOIA request and it turns out the program office was using GitHubto create policy. The request: All documents related to the development of the Project Open Data Metadata Schema About you: Primary job: You process FOIA requests Other duties: privacy and records management Employer: agency responsible for the Open Data policy. So what is GitHub? GitHubis a platform for creating, storing and running code The platform allows you to collaborate internally and externally while you develop Collaboration creates records 5

The search Where are we looking? What are we looking for? Who is likely to have it? Project Open Data Governance Approving Changes In GitHub speak, Project Open Data is actually a collection of different little-p projects housed in individual repositories, or repos. Each individual project repo will be managed as an open source project i.e., users can make pull requests (suggest changes). A repo manager will adjudicate the pull requests (accept, modify, or reject) in a public log on a standard release cycle. Proposed changes to relevant policy areas will be evaluated by relevant policy officials. Information on the repo manager and release cycle for updates will be available in each repo s documentation file. A program management office (PMO) in the General Services Administration (GSA) may be delegated management of individual technical repos, as well as provide daily technical oversight and user support for the Project. Given that the breadth of Project Open Data supports both technical and policy work, there will be different governance processes for each subject. Technical Repositories Governance & Review Cycle(e.g., source code, applications, best practices) Technical repositories will be maintained by staff within the Office of Management and Budget and the Office of Science and Technology Policy, with support from technical staff at GSA (i.e., the Technical Review Committee). All comments and proposed changes from the public or other Federal employees will be reviewed regularly by the Technical Review Committee, on bi-weekly intervals. Additional stakeholders will be involved in review processes based on needed subject matter expertise. Policy Related Repositories Governance & Release Cycle(e.g., open licensing, metadata) Changes to repositories with implications for the policy must be approved by OMB and OSTP policy officials. All comments and proposed changes from the public or other Federal employees will be reviewed by the appropriate staff on bi-weekly intervals. Additional Federal stakeholders will be involved in review processes based on needed subject matter expertise. There are two policies repos that will have very regulated release cycles: Project Open Data Metadata Schema Changes to the Project Open Data metadata schema will be reviewed on an ongoing basis. Starting November 9th, new releases of the schema will only be issued every 6 months, as needed. Suggested changes that alter implementation and structure of the schema will not be merged in-between the regular release cycles, though discussion and commenting during these periods are encouraged. Each version of the schema will have a depreciation date of one year. The Open Data Policy M-13-13 A version of The Open Data Policy (M-13-13) is available for public feedback and suggested changes through Project Open Data. Suggested changes to the policy will be reviewed bi-annually. Adjudication times will depend on the extent of the suggested policy changes and decisions regarding the mechanism for dissemination (e.g., the need to consider updating official version of M-13-13, or other forms of guidance). Accepted changes to the policy will not be merged in-between the regular release cycles to prevent inconsistencies and confusion, though discussion and commenting during these periods are encouraged. 6

Repos Pull requests Repo managers So we ve got And back and forth between repo managers and policy experts about whether or not to make these requested changes. Are the things in the repos agency records? For FOIA? For Federal Records Act purposes? For discovery? Sometimes repos are private Private repo Use: Internal pull requests from staff, discussions of what to do next, etc. What are the challenges associated with requests for this information? 7

It looks like source code... But is it? Issues: Public or private discussions about the direction the project should take Often agency employees are engaging in these conversations It may not be apparent immediately who is an employee, etc. Context is key This is a comment from the repository owner If we click on Phil s profile, we ll learn that he s the Chief Architect for Data.gov and a GSA employee. Pull requests 4 employees 32 conversation entries 1 commit 1 file changed 8

Questions to ask Were there discussions about those changes that took place in: Email? Texts? (the SMS kind) Chats? (gchat, Instant messaging) Other platforms (Slack, internal collaboration tools)? All of these things are electronic messages See NARA e-messages bulletin With people at other agencies? Have those places been searched and the documents given to you? Review process These types of records can be responsive to access requests. How will you review them? Importance of comparing public conversation with internal conversation. What if: The GitHub repository is taken down, and you receive a FOIA request? Have you preserved those records for agency business? If so, search, review, produce If not, should you have? Does your records officer know what your agency is doing on GitHub[and your other similar development platforms]? How: Use an API to ingest all information from a platform, most likely in xml format Questions? Hannah Bergman hannah.bergman@nara.gov Assistant General Counsel NARA Lisa Haralampus lisa.haralampus@nara.gov Director, Federal Records Management Policy NARA 9

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information