IT Forum 2-11-2013 UW-Madison Records Management Program. UW Archives and Records Management

Similar documents
UW-Madison Records Management Program

How To Manage Cloud Data Safely

UNIVERSITY OF MANITOBA PROCEDURE

Protecting Official Records as Evidence in the Cloud Environment. Anne Thurston

Scotland s Commissioner for Children and Young People Records Management Policy

Management: A Guide For Harvard Administrators

What We ll Cover. Defensible Disposal of Records and Information Litigation Holds Information Governance the future of records management programs

John Essner, CISO Office of Information Technology State of New Jersey

ELECTRONIC RECORDS MANAGEMENT

RUTGERS POLICY. Approval Authority: Executive Vice President for Academic Affairs and Senior Vice President for Administration

File Management : Guidelines & Policies

Union County. Electronic Records and Document Imaging Policy

State of Michigan Records Management Services. Frequently Asked Questions About E mail Retention

TERRITORY RECORDS OFFICE BUSINESS SYSTEMS AND DIGITAL RECORDKEEPING FUNCTIONALITY ASSESSMENT TOOL

PSAB Supplement 21 Records Retention and Disposition

Arizona State Library, Archives and Public Records

RECORD AND INFORMATION MANAGEMENT FRAMEWORK FOR ONTARIO SCHOOL BOARDS/AUTHORITIES

SOUTHWEST VIRGINIA COMMUNITY COLLEGE RECORDS MANAGEMENT POLICY

Cloud Service Contracts: An Issue of Trust

Records Management Policy.doc

Retention & Disposition in the Cloud Do you really have control?

University of Wisconsin - Madison Records Management Program

September Tsawwassen First Nation Policy for Records and Information Management

RECORDS MANAGEMENT POLICY

DELAWARE PUBLIC ARCHIVES POLICY STATEMENT AND GUIDELINES MODEL GUIDELINES FOR ELECTRONIC RECORDS

Online/Cloud Services Trust challenges & eidentity-aspects

HIPAA Compliance Guide

FTP-Stream Data Sheet

Chapter WAC PRESERVATION OF ELECTRONIC PUBLIC RECORDS

PLEASE NOTE. For more information concerning the history of this Act, please see the Table of Public Acts.

University of Wisconsin - Madison Records Management Program

9. GOVERNANCE. Policy 9.8 RECORDS MANAGEMENT POLICY. Version 4

CLOUD COMPUTING. 11 December 2013 TOWNSHIP OF KING TATTA 1

Cloud Computing Questions to Ask

plantemoran.com What School Personnel Administrators Need to know

Security Considerations

SOUTHERN ILLINOIS UNIVERSITY EDWARDSVILLE RECORDS MANAGEMENT MANUAL

Streamline Enterprise Records Management. Laserfiche Records Management Edition

FROM PAPER TO ELECTRONIC RECORDS MANAGEMENT MANAGING THE TRANSITION

Department of Veterans Affairs VA Directive 6311 VA E-DISCOVERY

John B. Breeden, CRM VDOT Records Manager Virginia Department of Transportation

Administrative Office of the Courts

INFORMATION AND DOCUMENTATION RECORDS MANAGEMENT PART 1: GENERAL IRISH STANDARD I.S. ISO :2004. Price Code

PII Compliance Guidelines

HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT

Securing Your Sensitive Data with EKM & TDE. on SQL Server 2008/2012

Cloud Computing & Health Care Organizations: Critical Privacy & Security Issues - December 16, 2015

User Guide to Retention and Disposal Schedules Council of Europe Records Management Project

Life Cycle of Records

POLICY AND GUIDELINES FOR THE MANAGEMENT OF ELECTRONIC RECORDS INCLUDING ELECTRONIC MAIL ( ) SYSTEMS

Records Management Policy

Record Retention and Digital Asset Management Tim Shinkle Perpetual Logic, LLC

Cloud Computing: Legal Risks and Best Practices

Management of Records

PROTECTING YOUR VOICE SYSTEM IN THE CLOUD

Digital Records Preservation Procedure No.: 6701 PR2

Frequently Asked Questions about Cloud and Online Backup

The legal admissibility of information stored on electronic document management systems

BOARD POLICY POLICY TITLE. Records and Information Management 1.0 PURPOSE

Allison Stanton Director of E-Discovery U.S. Department of Justice, Civil Division

Compliance: Records Management and the Law

4.10 Information Management Policy

SOUTHWEST VIRGINIA COMMUNITY COLLEGE RECORDS MANAGEMENT PROGRAM. Revised January 15, 2014

State of Florida ELECTRONIC RECORDKEEPING STRATEGIC PLAN. January 2010 December 2012 DECEMBER 31, 2009

International Council on Archives

LabArchives Electronic Lab Notebook:

Institute for Advanced Study Shelby White and Leon Levy Archives Center

STATE OF NEBRASKA STATE RECORDS ADMINISTRATOR DURABLE MEDIUM WRITTEN BEST PRACTICES & PROCEDURES (ELECTRONIC RECORDS GUIDELINES) OCTOBER 2009

Rowan University Data Governance Policy

UNIVERSITY OF NAIROBI POLICY ON RECORDS MANAGEMENT

EFFECTIVE DATE: JULY 1, 2010

WHY YOU SHOULD CONSIDER CLOUD BASED ARCHIVING.

Cloud Security and Managing Use Risks

STATE OF WYOMING Electronic Mail Policy

Information Management Advice 50 Developing a Records Management policy

Presented by Vickie Swam, Director of University Compliance. Records Management is one of the functions supported by the University Compliance Office.

AIIM & ASSUREON AN ASSUREON BRIEF

Interagency Science Working Group. National Archives and Records Administration

Enterprise Key Management: A Strategic Approach ENTERPRISE KEY MANAGEMENT A SRATEGIC APPROACH. White Paper February

Recommendations for companies planning to use Cloud computing services

Management of Official Records in a Business System

Transcription:

IT Forum 2-11-2013 UW-Madison Records Management Program

Records facilitate and sustaining day-to-day university operations. Records support organizational activities such as student admissions, research or budgeting and planning. Records assist in answering questions about past decisions and activities to make better decisions going forward. Records demonstrate and document compliance with applicable laws, regulations, and standards.

Definition of a Record Wisconsin State Statutes 16.61(2)(b) defines a Public Record as all books, papers, maps, photographs, films, recordings, electronically formatted documents or other documentary materials, regardless of physical form or characteristics, made, or received by any state agency or its officers or employees in connection with the transaction of public business ISO 15489-1 Information and Documentation Records Management Part I: General gives the following definition for a record: Information created, received, and maintained as evidence and information by an organization or person, in pursuance of legal obligations or in the transaction of business.

The purpose of this chapter is to ensure that public records in electronic format are preserved and maintained and remain accessible for their designated retention period. It establishes defined requirements, standards and guidelines for state and local government accessibility of electronic public records from creation through active use, long term management, preservation and disposition.

Must maintain accurate linkages to sites. Must be able to produce records that will continue to have meaning throughout their life. Must have the capability to delete and purge records from a system in accordance with an approved records retention schedule. Must be able to accurately reproduce a record with a high degree of legibility and readability and correctly reflect the original record. Must insure the records authenticity. Information systems must be able to document that only authorized persons were involved in the creation, receipt, transmission, maintenance and disposition of records. Must have a documented migration plan for electronic records. --------------------------- Tools: See Administrative Rule 12: Legal Requirements for Public Records on Website.

The lack of common standards such as file format. Interactive content management sites dynamic. Capture of frequently updated records. Ownership and control of data that resides with 3 rd party. Implementation of records disposition schedules, including the ability to transfer and permanently delete records or perform other records management functions.

Overarching University Principles for Recordkeeping The 8 Generally Accepted Recordkeeping Principles 1. Accountability 2. Transparency 3. Integrity 4. Protection 5. Compliance 6. Availability 7. Retention 8. Disposition The Principles' The Principles

What will records will be stored, processed, and how are they accessed? Network Access and Uptime- Is available 24/7? Organization of information. Establish a good file structure and consistent naming conventions for accessible records. Mapping and Knowledge of where ESI is stored.

Importance of Digital Chain of Custody... Regardless of the collection method employed, strict chain of custody must be maintained for all documents, data, and objects collected so that their authenticity can be assured. A sort of paper tail of sorts...who handled the records and when, and where are the records/data stored?

Access and Security of the records/data Encryption: Is the data encrypted when it is in the cloud? Who holds the keys to un-encrypting the data? Storage, Accessing, Privacy concerns handling of record containing (PHI and PII ) FERPA, HIPAA or FISMA in the cloud. Data Location: Where is the data repository located and stored? Data Backup and Recovery: Is there proof of back up plans and documentation in agreement?

How do we insure that our retention obligations are met for records generated in and stored in the cloud? Retention Schedule : Under Wis. Stat.16.62(4), government agencies must identify the period of time to retain public records in a retention schedule and obtain Public Records Board approval of that policy.

An organization shall provide secure and appropriate disposition for records that are no longer required to be maintained by applicable laws and the organization s policies. How is disposition completed in the cloud or can it be? What about legal holds?

Scope of records: What university records will be stored, processed, or accessed through the cloud? Think overarching Records Principles of Accountability, Transparency, Integrity, Protection, Availability, Compliance, Disposition and Retention. Retention of Records: Often multiple copies of the data are store on Geographically- dispersed servers. How will the vendor ensure destruction of all copies of the records that have met retention? Can there be establish procedures and protocols for data disposition, which may include multilevel approvals and audit trails? Legal/Policy Compliance: Cloud computing may not adequately address compliance issues such as FERPA, FISMA, HIPAA or PCI security requirements there should be mechanisms for implementing and management of legal holds or open records or audits. Is there a Data Map for ESI? Interoperability: It is important to ensure that records are not trapped in a proprietary system in the cloud that will require considerable expense or effort to migrate it to another system. Are records management process documented to meet WI ADM 12?

Contact: Peg Eusch, CRM University Records Officer 432 Steenbock Library meusch@library.wisc.edu

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information