Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Living in a Hybrid Records World

690 views

Published on

  • Be the first to comment

  • Be the first to like this

Living in a Hybrid Records World

  1. 1. Living in a hybrid records world Practical skills for synchronizing paper AND electronic records
  2. 2. Agenda  What is a “hybrid” world? – Requirements to synchronize practices  Standards – based strategies  Coffee Break  Low-cost or zero-cost strategies  Implementation
  3. 3. 1. A hybrid world  A MULTIMEDIA world – mix of information assets  Growth in paper records and electronic formats – Recent – digital  “born digital”  Decisions in e-mail – Legacy – paper –  convert to digital  Despite predictions, generally a 50-50 split
  4. 4. Impact on organizations  RIM efforts focused on paper formats – growth of electronic assets – diverse or no control  Exposure to risk  What’s happening at your shop? – Strategic opportunity? – SWOT
  5. 5. 2. A standards – based approach In the absence of laws or regulations, a reasonable approach  International Standards  Canadian Standards  Practice Standards
  6. 6. RIM Program Standards – International Standards Organization ISO 15489 Information and Documentation – Records Management – Part 1 – General and Part 2 – Guidelines (2001)
  7. 7. Required Program Components  Include: – Policies and processes to assert control over records life cycle – Basic instruments are records classification, disposition, authority, and security, and access evaluations  Delivered through Policy, and Records Classification and Retention Schedule
  8. 8. Electronic Records Standards  Canadian General Standards Board CAN/CGSB – 72.11-93 Microfilm and Electronic Images as Documentary Evidence, including amendment 1 (2006)  Canadian General Standards Board. CAN/CGSB – 72.34-2005 Electronic Records as Documentary Evidence (2005)
  9. 9. “Authentic” and “Reliable” Electronic Records?  How to prove authenticity and reliability of electronic records?  ISO 15489 – Authenticity: a. Implement and document policies & procedures b. Ensure creators are authorized and identified c. Ensure records are protected from unauthorized addition, deletion, alteration, us and concealment  Reliability: – Versions of records are documented and evident
  10. 10. Integrity of Electronic Records Management Systems Provides support for electronic records as evidence  Provincial and Federal Evidence Acts, juridical decisions  CGSB Electronic Documents as Documentary Evidence – Procedures manual as required in policy should meet evidentiary standards for admissibility – Manual as “eyewitness” to prove records created in the usual and ordinary course of business
  11. 11. Practice Standards  Technical RIM Standards – Requirements for Managing Electronic Messages as Records (2004) – Retention Management – Digital Records Conversion Process (2007) – Etc.
  12. 12. A. Review Policy Environment  Hasyour organization established a RIM policy? – defines “records”  Other policies – E-mail Management – Appropriate Use of Technology – Privacy Management
  13. 13. RIM Policy Components  Defines expectations upon staff, and links expectations to practices  Ensures that evidence, accountability and information about practices are met  Outlines what organization intends to do – program and procedures – identifies senior manager with lead responsibility  Supported by procedures and guidelines, planning and strategy statements, disposition authorities and other documents Policies are statements of intent
  14. 14. Procedures Manual  “Proof” of management  Same classification, retention  Procedures differ for paper and electronic  Paper – folders, groups  Electronic – documents, folders
  15. 15. Chain of Evidence Records are considered as documentary evidence, and must demonstrate that they were created as follows: 1. Created in “usual and ordinary course of business”; 2. Meet business requirements and comply with RIM best practices; 3. Comply with national and international standards for RIM; 4. Comply with information technology requirements and standards; 5. Comply with applicable provincial and federal laws, and court rulings.
  16. 16. B. Records Instruments  Classification/Taxonomy/Information Map? – Subject or function based – Specific to general  Retention? – Granular or big bucket? – Procedures?  Security?  Accountability?
  17. 17. Universal approach, diverse practices  RIM program requirements – Policy level  Responsibility  Defined processes  Quality assurance and control – Common instruments  Classification  Retention
  18. 18. C. Legal context  Format neutral – Anything that records  Processesnot systems  Accountability  Risk management
  19. 19. Legal trends*: “going electronic”  Potential adoption of best practices, like Sedona Canada Principles for Electronic Discovery (www.thesedonaconference.org)  New BC Supreme Court Rules potentially adopting proportionality discovery rules similar to Sedona Canada Principles for Electronic Discovery (www.bcjusticereviewforum.ca/civilrules/) * Information provided by Stuart Rennie, LLB, MLIS, member of Sedona Canada
  20. 20. Sedona Canada principles
  21. 21. Sedona Canada: RIM implications  E-discovery should apply to all relevant electronically stored information and should be proportionate as to costs and accessibility of production of this information (Principles 1,2,5)
  22. 22. Sedona Canada: RIM implications  The reasonable costs of discovery should be borne by the party producing the e- documents. Parties should agree on preservation, access and production, using agreed upon electronic tools and formats but also protecting privileges and confidential information. Parties should respect the rules of the forum in which the litigation takes place (Principles 3,6,7,8,9,10,12)
  23. 23. Sedona Canada: RIM  Sanctions should be considered by the court where a party will be materially prejudiced by another party’s failure to meet any obligation to preserve, collect, review or produce electronically stored information. The party in default may avoid sanctions if it demonstrates the failure was not intentional or reckless (Principle 11) “Compliance with a reasonable records management policy, or justifiable inadvertent destruction or non-production of relevant documents should not, in the ordinary course, constitute sanctionable conduct.” (Comment 11.e on Principle 11)
  24. 24. Life Cycle of Electronic Records A. Creation: record keeping activities are undertaken under the custody and control of the creator – Application specific – “Saving” requires document naming  Needs consistent metadata – Forms and templates (Forms Management) B. Registration – Valid? Complete? Drafts vs. Final? – Attachments – Versions
  25. 25. Life Cycle of Electronic Records Continued C. Use/Maintenance/Retrieval – Directory/Folder system – Shared filing places  Open  All applications/network – Closed or secure filing spaces  Privacyprotection/confidential  User access permissions – Protection through back-up
  26. 26. Life Cycle of Electronic Records D. Disposition/Deletion – How? Must be authorized – Difficult to segregate by retention – Migration E. Preservation – Challenge (migration?) – Not currently guaranteed/ Research F. Quality Assurance & Audit Trail – To prove reliability of systems
  27. 27. COFFEE BREAK Image taken from Answers.com
  28. 28. 3. Low cost or zero cost strategies  Assumptions – No funding for EDMS, large projects – Possible slowdown in general environment – Opportunities for cost sharing and savings  Potential of strategic approach – Alliances with IT, RIM, Legal  Practice for EDMS implementation (if, when…)
  29. 29. A. Identify challenges/set priorities Find the challenges, frame the message!  Organization awareness?  Organization risk?  Leadership?  Lack of time?  Lack of tools?
  30. 30. B. Conduct Risk assessment  Records census  “Worst first”  Examples – Ingest of documents into EDMS*  UBC InterPARES case study – Management of e-mail – Conversion of legacy paper to digital
  31. 31. C. Drive and folder management Drives:  Partition by retention  Apply classification – Simplify – Based on network management Layers from drive, to folders, to documents – Extra level at documents
  32. 32. Drives by document types P drive - Personal for work in progress  S drive - Shared for final work to be shared  Dedicated drives for graphics (G), applications (A), archives (X)  Ghost drive for past documents
  33. 33. Folders Parallel to subjects and functions of classification  Shared drives – classification, simplified, from records classification – No file codes  Personal drives – topics relevant to staff work only – Same topics as file plan (max 10 topics)
  34. 34. Sample structure
  35. 35. Documents  Once saved, READ ONLY in shared drive  Final versions in .PDF format  Once saved, READ ONLY in archives drive  Once saved, access only by permission in ghost drive  Need document naming convention
  36. 36. Sample Naming Conventions 1. Title – free form text that clearly describes the content of the document; 2. Version – two digit version number to facilitate sorting and display of documents; 3. Date – YYYY_MM_DD – significant date relevant to the document, e.g. Version date or publication date; 4. Author – first initial and last name; 5. Business unit/program – name of business unit or program area; 6. Type – document type, e.g. AGD (agenda) AGR (agreement) PRC (procedures); 7. Extension – application in which the document has been created, e.g. ..doc; .xls. Alberta. Information Management Branch. “Naming Conventions for Electronic Documents.”Electronic Information Management. August 2005. http://www.im.gov.ab.ca/index.cfm?page=imtopics/eim.html .
  37. 37. Naming Conventions: Examples  Using the full naming convention: – Document Naming Conventions_V09_2009- 0501_sb_armacalgary_PRE.doc; – Elements are: Title_Version_Date_Author_Organization_Type_extention;  Using the folder structure: ARMA Presentations Calgary ChapterMeetings The naming convention may consist of: Meeting Date_Version_Author.doc; 2009-05-01_V01_sbradley.doc; 2009-05-01_V02_sbradley.doc;
  38. 38. Permissions  As open as possible – Facilitate SHARING, rather than SECURITY  Closed for: – Privacy matters – Business confidential matters  Can be the most contentious issue
  39. 39. Migrate old files to new structure  Pick go forward date  Defined time period for migration – Set criteria, e.g. In use? Decision?  Cut off  Close off, move to “ghost drive”  Available only if necessary  Project to review, and then dispose
  40. 40. D. Retention Management  Big buckets? – Aggregate to assist IT backup and retention  Depends on your organization, accountability  Example from project (Non-profit legal research organization)
  41. 41. Legal Citations (where present) LEGAL CITATION INFORMATION SUMMARY OF NUMBER MAP TOPIC(S) LEGAL RETENTION REQUIREMENT 1 Administration: Personnel/HR Personal Information Recruitment Protection Act, Projects S.B.C.2003, c. 63 in Employment section 35 requires Applications; that an individual's Operations: personal information Development must be retained for Donors (Personal) at least 1 year after Donor information being used.
  42. 42. Model “buckets” 9 categories of retention:  Group 1 – CY; nil, D (Transitory records: Keep for current year at maximum, then destroy). This would apply to duplicate materials, transitory documents and draft items  Group 2 – SO, nil, D (Templates and forms: keep active until updated, replaced or expired, then destroy)  Group 3 – CY+1; 6y; D (Keep in active workspace for current year plus one additional year. Move to storage space for six years. Destroy in the 8th year.) This would generally apply to most financial and taxation reporting records  Group 4 – CY+1; 8y; D (Keep in active workspace for current year plus one additional year. Move to storage for 8 years. Destroy in the 11th year.) This would apply to most working notes, project drafts and other items excepting for final reports and recommendations
  43. 43. Model buckets, cont’d  Group 5 – SO; 6y; D (Keep active until updated, replaced or expired and all obligations to the organization cease. Move to storage for six years, Destroy in the 7th year.) This would generally apply to most agreements, arrangements, and other continuing items, where the retention period applies after the agreement is completed or the relationship is terminated of and all obligations are completed  Group 6 – CY+1, 8y, D (Keep active for 2 years, close and store for 8 years, then destroy). This would apply to legal advice provided by staff lawyers on establishing an easement, covenant, right of way, conveyance or providing tax advice.  Group 7 – SO, 6y, D (Keep active until no longer referenced or related to current program work, close and store for six years, then destroy. Upon file closing, remove any documents that are publicly available, such as pleadings or court documents.) This would apply to WCEL program, summary advice or client representation.
  44. 44. Model buckets, cont’d  Group 8 – CY + 2, 7y, D (Keep active for three years, close and store for seven years, then destroy. Upon file closing, remove all application information except financial information.) This would apply to records of the Fund.  Group 9 – SO, nil, P (Keep active until updated, replaced or expired.) (Archival records: move to a permanent storage location and retain for the duration of the organization.)  This would apply to society incorporation documents and related board and financial reporting information, agreements, policies, procedures and activities that are required for the lifetime of the organization, as well as reports and data useful for long term planning and analysis.
  45. 45. Match drives, folders to buckets  Link retention periods to largest element – Drives  Folder – Subfolders by date  Work with IT for back up, disposal
  46. 46. E. E-mail Management  What are the concerns about this format?  What are the biggest challenges?  What are some of the solutions currently in play? – Size limitations on mailbox – Print and file
  47. 47. E-mail Filing Responsibilities  Set up message directories the same as electronic directories (apply the same retention)  Establish protocol, e.g. – Author saves e-mails sent internally  Originating author saves threaded message – Recipient saves e-mails received from external sources – First recipient of multiple recipients saves message – Workgroups should designate e-mail gatekeeper to save and file
  48. 48. E-mail retention procedures  Separate transitory from substantive  Date or time limit (90 days) to force decision  Approved processes for deleting transitory  Duplicates  Facilitative,such as bookings, scheduling  Copies for information only  Threaded messages when the final is the complete message  Personal messages
  49. 49. Procedures for other Electronic Formats  Scanning  Digital photographs  Graphic applications, e.g. drawing, mapping  Records in databases  Web content  Instant messaging, etc. Deal with as you have time, and there is benefit
  50. 50. Scanning  Conversion of paper to digital form  Justification  Method  Reliability and integrity of digital form  “best evidence”  Adherence to standards
  51. 51. 4. Implementation and Change Management  Pilot and user groups – Team leaders  Desk top support – Cheat sheets – KISS
  52. 52. 5. Return on Investment?  Legal context - risk avoidance – Demonstration of expert control  ITcontext – network/resources optimization  Business owners – – information access, ease of use
  53. 53. Thank you Alexandra (Sandie) Bradley, CRM Harwood Information Associates Limited 1236 Fulton Avenue West Vancouver BC V7T 1N6 harwoodinfo@telus.net

×