Record Retention and Digital Asset Management Tim Shinkle Perpetual Logic, LLC

Similar documents
Electronic Recordkeeping

State of Michigan Records Management Services. Frequently Asked Questions About E mail Retention

TERRITORY RECORDS OFFICE BUSINESS SYSTEMS AND DIGITAL RECORDKEEPING FUNCTIONALITY ASSESSMENT TOOL

RECORDS AND INFORMATION MANAGEMENT AND RETENTION

Records Management Focus White Paper Understanding Digital Records Management

Life Cycle of Records

Section 28.1 Purpose. Section 28.2 Background. DOT Order Records Management. CIOP Chapter RECORDS MANAGEMENT

Scotland s Commissioner for Children and Young People Records Management Policy

ELECTRONIC RECORDS MANAGEMENT

What We ll Cover. Defensible Disposal of Records and Information Litigation Holds Information Governance the future of records management programs

Cloud Service Contracts: An Issue of Trust

ELECTRONIC SIGNATURES AND MANAGEMENT OF ELECTRONICALLY SIGNED RECORDS

Arizona State Library, Archives and Public Records

POLICY AND GUIDELINES FOR THE MANAGEMENT OF ELECTRONIC RECORDS INCLUDING ELECTRONIC MAIL ( ) SYSTEMS

PROCEDURES FOR ELECTRONIC MANAGEMENT OF RULEMAKING AND OTHER DOCKETED RECORDS IN THE FEDERAL DOCKET MANAGEMENT SYSTEM

Approved by: Vice President, Human Resources & Corporate Resources and Vice President, Treasury & Compliance Date: October 14, 2009

UNIVERSITY OF MANITOBA PROCEDURE

DESIGN CRITERIA STANDARD FOR ELECTRONIC RECORDS MANAGEMENT SOFTWARE APPLICATIONS

Records Management and SharePoint 2013

Records Management. Training 101

State Records Guideline No 15. Recordkeeping Strategies for Websites and Web pages

Corporate Records Management Policy

RETENTION BEST PRACTICE. Issue Date: April 20, Intent and Purpose:

Department of Veterans Affairs VA Directive 6311 VA E-DISCOVERY

State of Montana Guidelines

RECORDS MANAGEMENT POLICY

Management: A Guide For Harvard Administrators

EPA Classification No.: CIO 2155-P-3.0 CIO Approval Date: 04/04/2014 CIO Transmittal No.: Review Date: 04/04/2017

General Records Management Training

Management of Records

DELAWARE PUBLIC ARCHIVES POLICY STATEMENT AND GUIDELINES MODEL GUIDELINES FOR ELECTRONIC RECORDS

Institute for Advanced Study Shelby White and Leon Levy Archives Center

The archiving activities occur in the background and are transparent to knowledge workers. Archive Services for SharePoint

DELAWARE PUBLIC ARCHIVES POLICY STATEMENT AND GUIDELINES ELECTRONIC MAIL

SOUTHWEST VIRGINIA COMMUNITY COLLEGE RECORDS MANAGEMENT PROGRAM. Revised January 15, 2014

City of Minneapolis Policy for Enterprise Information Management

State Records Office Guideline. Management of Digital Records

Table of Contents. To control records generated by the Medical Device Single Audit Program and Quality Management System (QMS) processes.

How To Manage Records And Information Management In Alberta

The Importance of Records Management within a Governance, Retention and Compliance Strategy

Records Management Policy.doc

Digital Records Preservation Procedure No.: 6701 PR2

September 15, 2014 MEMORANDUM FOR THE HEADS OF EXECUTIVE DEPARTMENTS AND AGENCIES AND INDEPENDENT AGENCIES

DEPARTMENT OF THE NAVY RECORDS MANAGEMENT PROGRAM

FUNCTIONAL SPECIFICATION FOR INTEGRATED DOCUMENT AND RECORDS MANAGEMENT SOLUTIONS

Interagency Science Working Group. National Archives and Records Administration

Office of IT Planning, Architecture, and E-Government Office of the Chief Information Officer

Queensland recordkeeping metadata standard and guideline

PSAB Supplement 21 Records Retention and Disposition

A 15-Minute Guide to 15-MINUTE GUIDE

Integrated archiving: streamlining compliance and discovery through content and business process management

5 FAM 400 RECORDS MANAGEMENT

Implementing an Electronic Document and Records Management System. Key Considerations

RUTGERS POLICY. Approval Authority: Executive Vice President for Academic Affairs and Senior Vice President for Administration

Rackspace Archiving Compliance Overview

RECORDS MANAGEMENT VITAL RECORDS MANAGEMENT

Audit Report. The Social Security Administration s Management of Electronic Message Records

ELECTRONIC RECORDS MANAGEMENT AND ARCHIVES MANAGEMENT POLICY

What NHS staff need to know

Polices and Procedures

RECORDS MANAGEMENT POLICY

FREEDOM OF INFORMATION (SCOTLAND) ACT 2002 CODE OF PRACTICE ON RECORDS MANAGEMENT

Capstone for Records Management

EFFECTIVE DATE: JULY 1, 2010

GLOSSARY: A, B, C, D, E, F, G, H, I, J, K, L, M, N, O, P, Q, R, S, T, U, V, W, X, Y, Z

Realizing the ROI of Information Governance. Gregory P. Kosinski Director, Product Marketing EMC

RECORDS MANAGEMENT POLICY MANUAL

Systems Requirements: Gap Analysis Tool

Department of Defense INSTRUCTION

Union County. Electronic Records and Document Imaging Policy

Information Management Policy for The Treasury Department

Reduce Cost, Time, and Risk ediscovery and Records Management in SharePoint

Management of Official Records in a Business System

ANU Electronic Records Management System (ERMS) Manual

USER GUIDE: MANAGING NARA RECORDS WITH GMAIL AND THE ZL UNIFIED ARCHIVE

Add the compliance and discovery benefits of records management to your business solutions. IBM Information Management software

INFORMATION AND DOCUMENTATION RECORDS MANAGEMENT PART 1: GENERAL IRISH STANDARD I.S. ISO :2004. Price Code

Records Management Policy. EPA Classification No.: CIO CIO Approval Date: 02/10/2015. CIO Transmittal No.: Review Date: 02/10/2018

Electronic Records Management

BPA Policy Information Governance & Lifecycle Management

UNIVERSITY OF NAIROBI POLICY ON RECORDS MANAGEMENT

WEST LOTHIAN COUNCIL RECORDS MANAGEMENT POLICY. Data Label: Public

Basic Records Management Practices for Saskatchewan Government*

INFORMATION MANAGEMENT

Records and Information Management. General Manager Corporate Services

Records Management - Department of Health

Presented by Vickie Swam, Director of University Compliance. Records Management is one of the functions supported by the University Compliance Office.

Best Practices for Long-Term Retention & Preservation. Michael Peterson, Strategic Research Corp. Gary Zasman, Network Appliance

Electronic Records Management Guidelines

Transcription:

Record Retention and Digital Asset Management Tim Shinkle Perpetual Logic, LLC 1

Agenda Definitions Electronic Records Management EDMS and ERM ECM Objectives Benefits Legal and Regulatory Requirements (NARA) DOD 5015.2 File Plan Retention Schedule Typical ERM Functions Lifecycle of a record Best practices State of Michigan Example Points of contact 2

Definitions Record Books, papers, maps, photographs, machine readable materials, or other documentary materials Made or received by an agency of the Government under State law or in connection with the transaction of public business Preserved or appropriate for preservation by that agency As evidence of the organization, functions, policies, decisions, procedures, operations or other activities of the Government, or because of the informational value of the data in them. (Federal Records Act: 44 USC 3301) 3

Definitions Electronic Record Any information that is recorded in a form that only a computer can process and that satisfies the definition of a record. (NARA regulations: 36 CFR 1234.2) Electronic records are not necessarily kept in recordkeeping systems but may be created, stored, and managed in any form of electronic information system or application program, such as e-mail or word processing. 4

Definitions Records Management The field of management responsible for the systematic control of the creation, maintenance, use and disposition of records. (Society of American Archivists, 1992) As defined in the Code of Federal Regulations definition, is the rubric "umbrella term" for the discipline defined by a company s policies and processes for managing the records that document its activities. 5

Definitions Electronic Records Management (ERM) Using automated processes to manage any records regardless of format: paper, electronic, microform, etc. Electronic Recordkeeping (ERK) Using automated processes to manage the electronic records. ERK should preserve the content of electronic records, and their context and structure, over time. 6

Principles of a Records Management Program (ISO 15489-1) a) determining what records should be created in each business process, and what information needs to be included in the records, b) deciding in what form and structure records should be created and captured, and the technologies to be used, c) determining what metadata should be created with the record and through records processes and how that metadata will be persistently linked and managed, d) determining requirements for retrieving, using and transmitting records between business processes and other users and how long they need to be kept to satisfy those requirements, e) deciding how to organize records so as to support requirements for use, 7

Principles of a Records Management Program (ISO 15489-1) f) assessing the risks that would be entailed by failure to have authoritative records of activity, g) preserving records and making them accessible over time, in order to meet business requirements and community expectations, h) complying with legal and regulatory requirements, applicable standards and organizational policy, i) ensuring that records are maintained in a safe and secure environment, j) ensuring that records are retained only for as long as needed or required, and k) identifying and evaluating opportunities for improving the effectiveness, efficiency or quality of its processes, decisions, and actions that could result from better records creation or management. 8

Electronic Records Management Records Management (RM) Traditional Records Management Electronic Records Management (ERM) Electronic Recordkeeping [ERK] (All Media, Including Paper) (Electronic Only) ----- MANUAL ----- ----- AUTOMATED ----- 9

EDMS and ERM Electronic Document Management System [EDMS] An electronic document management system [EDMS] is software that manages the creation, storage, and control of semi-structured documents. In part, because an EDMS does not support the preservation of the business context of an individual record (i.e., EDMS systems manage a content item as an individual unit, as opposed to preserving its relationship to a larger group of documents that provide evidence of the same particular organizational function), EDMS systems are not electronic recordkeeping systems. 10

ECM Enterprise Content Management [ECM] AIIM defines Enterprise Content Management (ECM) as the technologies used to capture, manage, store, preserve, and deliver content and documents related to organizational processes. ECM tools and strategies allow the management of an organization's unstructured information, wherever that information exists. EDMS and ERM are components of ECM as found in EMC Documentum 11

Objectives Meet requirements imposed by law and regulations Meet business needs Expedite fulfillment legal discovery requests Meet requirements of current/proposed policy Address other specific objectives (e.g., manage volumes of data) 12

Benefits Accessibility Authenticity and reliability Business dispute resolution Improved productivity Long-term cost savings Reduced cost of compliance and legal discovery 13

Legal and Regulatory Requirements (NARA) http://www.archives.gov/records-mgmt/policy/prod2fnl.html 1. Presidential Decision Directive 63 (PDD-63) 2. Electronic Freedom of Information Act - EFOIA 3. Government Paperwork Elimination Act 4. Paperwork Reduction Act of 1995 5. Information Technology Management Reform Act - ITMRA (aka "Clinger-Cohen") 6. Government Performance and Results Act - GPRA 7. Armstrong v. Executive Office of the President 8. Public Citizen v. John Carlin 9. OMB Circular A-130: Management of Federal Information Resources 14

DOD 5015.2 Chapters 2, 3 and 4 Mandatory for DOD to use a certified tool for ERM Chapter 2 requirements include: File Plan (taxonomy) Scheduling Records (retention rules) Declaring and filing records (includes mandatory metadata) Filing email Storing records (Controlled repository) Retention and Vital Records (cut-off, vital record review, holds,..) Access Controls System Audits System Management Additional baseline requirements (e.g., Accessioning) Chapter 3 Non-mandatory requirements Chapter 4 Classified records 15

File Plan (or Classification Scheme) Function Human Resources Record Series Compensation Record Series Training Record Series Personnel Files Record Type Bonuses Record Type Stock Options Record Type Training Materials Record Type Attendance Rolls Record Type Background Checks Record Type Applications 16

Retention Schedule 17

Typical ERM Functions Declare a record Capture a record Organize records Maintain records security Manage records access Facilitate records retrieval Preserve records Audit/oversight Disposition 18

Typical ERM Functions DECLARE A RECORD For all records the system should: Assign unique identifiers to records and their associated metadata. Capture as much metadata automatically as possible, and reliably link metadata to the records. Some metadata captured for records might include: creator, creating organization, author, recipients, subject matter, format, various dates (date created, date filed), a "vital records" indicator, and others. (See also DOD 5015.2 metadata needs) 19

Typical ERM Functions CAPTURE RECORDS For all records the system should: Allow import of records from other sources. This may involve format conversion for records that are imported from external information systems. Allow establishing a link from the ERM system to a record in an external information system in order to establish records management control. In this case physical transport of the records from one system to another isn't required. 20

Typical ERM Functions ORGANIZE RECORDS For all records the system should: Allow implementation of a corporate scheme for how records are organized. Allow users to select categories in which records are filed and assign records to these categories. Allow records to be linked to other records. Allow certain users to create file folders, and to add, edit and delete categories or file folders. Allow certain users to add, edit and delete records retention schedules. Execute disposition instructions. Allow certain users to assign a status to records that prevents their destruction. Allow certain users to specify staff or unit to which records management responsibility may be assigned. Import information from other sources. Allow users to specify identifiers for non-electronic records. 21

Typical ERM Functions MAINTAIN RECORDS SECURITY For all records the system should: Prevent over-writing of a record. (Usually, a record 'copy' is checked out of the system and a refiled record is written as a new record or a new version of an existing record.) Prevent any modification of a record's unique identifier, once it is defined. Prevent deletion of indexes, categories, and other 'pointers' to records. Maintain a means of detecting any alteration of record or metadata. Provide audit trails of all add, update, deletion, and retrieval activity. Maintain appropriate backup copies of records and recordkeeping systems. Provide adequate recovery/rollback procedures and rebuild procedures, so that records may be recovered or restored following a system malfunction. 22

Typical ERM Functions MANAGE RECORDS ACCESS For all records the system should: Control access so that only an authorized individual is able to retrieve, view, print, copy, or edit a record or other entities (e.g., metadata, file plan) in the record keeping system. Permit the identification of individual users and groups of users, and enable different access privileges to be assigned to individuals or groups. Access privileges may limit access to selected records or groups of records, and may limit access by selected individuals. Maintain the integrity of redacted records and assure that redacted material is not accessible. 23

Typical ERM Functions FACILITATE RECORDS RETRIEVAL For all records systems the system should: Allow searching on metadata, record content, or assigned subject categories. Ensure that all access privileges (permissions and restrictions) are enforced on all retrievals. Allow searching based on a combination of metadata, content, and subject categories within a single query. Query results that may be a list of records and their locations, or may be the records themselves. Allow retrieval of records and associated metadata, and allow retrieval of records based on defined links (e.g., between versions of the same record). 24

Typical ERM Functions PRESERVE RECORDS For all records the system should: Ensure that all records can be read and accurately interpreted throughout their useful life in that system. Enable migration of records to new storage media or formats in order to avoid loss due to media decay or technology obsolescence. Ensure that all captured metadata remains linked to appropriate records and is unchanged throughout the useful life of the records, including after migration to new media or technology. 25

Typical ERM Functions AUDIT/OVERSIGHT For all records the system should: Create and maintain an audit trail (also called use-history metadata) for all records activity and system functions. Provide access to audit trail information at the fully detailed level (e.g., each individual record access, including record identifier, time, date, and user). Provide summary reports of audit trail information (e.g., number of accesses). 26

Typical ERM Functions DISPOSITION For all records the system should: Identify records eligible to be destroyed or permanently archived, based on records retention schedules and disposition instructions. Delete records in a manner that they cannot be physically reconstructed or otherwise retrieved. Optionally provide a record of all record destructions, providing certifiable proof of destruction. 27

Life Cycle of a Record Create/Receive (Identify) Distribute/Use (Classify) Archival Preservation Storage & Maintenance Retention & Disposition 28

Best Practices Methodology ERM Industry standards ISO 15489 is one of the best known approaches to ERM Technology Enterprise Content Management that includes records management functionality Enables continuity and control of data throughout its lifecycle; Robust and scalable platform Usability: Make records management functionality non-intrusive Separate policy taxonomy from business user taxonomy so it will not confuse the business users with legal and regulatory terminology; Records can be identified and captured through lifecycle controls and classification inheritance 29

Ex. State of Michigan Michigan Department of History, Arts and Libraries Records Management Services Frequently Asked Questions about Electronic Records for Local Governments It is essential that government agencies manage their electronic records appropriately. Like all other government records, electronic records are subject to Freedom of Information Act (FOIA) requests and litigation. Agencies can be held liable if they keep their electronic records too long, if their electronic records are not properly destroyed, or if they are destroyed too soon. Under all of these circumstances, the agency can be publicly embarrassed by the events, and can lose significant dollars attempting to protect itself, to produce the required records, to identify the relevant records, or to recover lost records. 30

Ex. State of Michigan In Michigan, it is acceptable to retain a hardcopy version of an electronic record as the official copy, provided that sufficient evidential metadata is retained. Retention in electronic form is also acceptable for bornelectronic records and digital images of paper or microfilm. You may want to look at the Michigan e-mail guidelines and FAQ document we have on our website, as well as our records reproduction standards. http://www.michigan.gov/recordsmanagement/. 31

Ex. State of Michigan Web Content: Web page retention solutions and principles are still evolving. Some states treat it as a publication, others as a record. Some are trying to capture the content electronically, some are trying to get printouts. In Michigan, they are treating it as both a publication and a record. Archives is working to preserve an annual snapshot of the entire web portal as evidence of the "look and feel" of the portal at that moment in time Agencies can document what content appeared online at a particular date/time if there are questions/litigation about accuracy of web content. 32

Ex. State of Michigan Email: Buckets: Records, Non-records, Personal, Transitory Who is responsible for filing e-mail messages? Senders: Are generally considered to be the person of record for any communication. Recipients: May also file a message to support their own business functions, especially if they do not have access to the sender s records. Recipients: May also file a message until a task or activity is completed. Recipients: Informational copies do not need to be retained. 33

Record Retention and Digital Asset Management Tim Shinkle Perpetual Logic, LLC tim.shinkle@perpetuallogic.com Carolyn O'Connor EMC Corporation Field Marketing Phone: (610) 234-4734 Efax: (509) 267-6174 oconnor_carolyn@emc.com 34

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information