Managing Born- Digital Documents.

Similar documents
Emerging Trends in Records Management Technology. Jessie Weston, CRA 2018 MISA Conference October 11-12, 2018

How Long to Keep Records & Legally Dispose of Them. Virginia Fritzsch Public Records Archivist Wisconsin Historical Society

POLICY TITLE: Record Retention and Destruction POLICY NO: 277 PAGE 1 of 6

GUIDELINES FOR CREATION AND PRESERVATION OF DIGITAL FILES

Managing Records in Electronic Formats. An Introduction

HPE ControlPoint. Bill Manago, CRM IG Lead Solutions Consultant HPE Software

Southington Public Schools

Terms in the glossary are listed alphabetically. Words highlighted in bold are defined in the Glossary.

Case Study: Building Permit Files

UNIVERSITY OF MASSACHUSETTS AMHERST INFORMATION SECURITY POLICY October 25, 2017

UNIVERSITY OF MASSACHUSETTS AMHERST INFORMATION SECURITY POLICY September 20, 2017

Electronic Signature Policy

Records Information Management

Records Management at MSU. Hillary Gatlin University Archives and Historical Collections January 27, 2017

SPRING-FORD AREA SCHOOL DISTRICT

CARROLL COUNTY PUBLIC SCHOOLS ADMINISTRATIVE REGULATIONS BOARD POLICY EHB: DATA/RECORDS RETENTION. I. Purpose

Is SharePoint the. Andrew Chapman

Title: Case Study 08 North Vancouver Museum and Archives (NVMA): Customizable Versions of Products

Community Unit School District No. 1. School Board

DIGITAL RECORDS MANAGEMENT GUIDELINES

GDPR compliance. GDPR preparedness with OpenText InfoArchive. White paper

Washington State Archives Public Records Management for Conservation Districts

Data Inventory and Classification, Physical Devices and Systems ID.AM-1, Software Platforms and Applications ID.AM-2 Inventory

Policies & Regulations

Chapter 9 Section 3. Digital Imaging (Scanned) And Electronic (Born-Digital) Records Process And Formats

NARA RECORDS MANAGEMENT INITIATIVES FOR MORE EFFECTIVE ACCESS TO INFORMATION. SERI Educational Webinar Tuesday, September 9, :00 pm Eastern

How to Clean Up Files for Better Information Management Brian Tuemmler. Network Shared Drives: RIM FUNDAMENTALS

Setting the Stage for Automatic Disposition

Developing an Electronic Records Preservation Strategy

General Data Protection Regulation: Knowing your data. Title. Prepared by: Paul Barks, Managing Consultant

White Paper Assessment of Veriteq viewlinc Environmental Monitoring System Compliance to 21 CFR Part 11Requirements

Retention and Disposal of Library Records

IT risks and controls

Common approaches to management. Presented at the annual conference of the Archives Association of British Columbia, Victoria, B.C.

RECORD RETENTION POLICY

RECORDS MANAGEMENT AND YOU

Assessment of Vaisala Veriteq viewlinc Continuous Monitoring System Compliance to 21 CFR Part 11 Requirements

8/28/2017. What Is a Federal Record? What is Records Management?

Presented by: Therese Mickelson, ABC!

Data Protection. Plugging the gap. Gary Comiskey 26 February 2010

EU GDPR & NEW YORK CYBERSECURITY REQUIREMENTS 3 KEYS TO SUCCESS

Product Overview Archive2Azure TM. Compliance Storage Solution Based on Microsoft Azure. From Archive360

Ashford Board of Education Ashford, Connecticut POLICY REGARDING RETENTION OF ELECTRONIC RECORDS AND INFORMATION

COMPLIANCE BRIEF: HOW VARONIS HELPS WITH PCI DSS 3.1

5/6/2013. Creating and preserving records that contain adequate and proper documentation of the organization.

The Making of PDF/A. 1st Intl. PDF/A Conference, Amsterdam Stephen P. Levenson. United States Federal Judiciary Washington DC USA

Digital Preservation at NARA

KuppingerCole Whitepaper. by Dave Kearns February 2013

Refreshing Your Records Management. Tracy Rebstock, Southwest Regional Archivist

IT CONTINUITY, BACKUP AND RECOVERY POLICY

Part 11 Compliance SOP

Supersedes Policy previously approved by TBM

2/24/2015. What are File Formats? Types of File Formats. Sustainable Formats. File formats can be grouped into three categories:

Introduction to Digital Preservation. Danielle Mericle University of Oregon

Security Policies and Procedures Principles and Practices

Adobe Sign and 21 CFR Part 11

BUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE

Policy Summary: This guidance outlines ACAOM s policy and procedures for managing documents. Table of Contents

INFORMATION ASSET MANAGEMENT POLICY

Chapter 10. Administration

The Trail of Electrons

RECORDS MANAGEMENT RECORDS MANAGEMENT SERVICES

Managing Official Electronic Records Guidelines

Records Retention Policy

Publications. ACH Audit Requirements. A new approach to payments advising SM. Sound Practices Checklists

Archiving Market Update

Records Retention 101 for Local Government Agencies. Overview

Importance of cultural heritage:

Records management workflows

Freedom of Access in Maine

Data Protection. Rethinking. Michael Andrews, Director, Enterprise Data Protection, APJ HP Autonomy IM

Implementing Electronic Signature Solutions 11/10/2015

COMPTIA CLO-001 EXAM QUESTIONS & ANSWERS

OAKLAND COUNTY, MICHIGAN GEOSPATIAL DATA ACCESS, DISTRIBUTION AND USE

COMPLIANCE BRIEF: VARONIS AND THE US SECURITY AND EXCHANGE COMMISSION S OFFICE OF COMPLIANCE INSPECTIONS AND EXAMINATIONS (SEC OCIE)

EDRMS Document Migration Guideline

10 Hidden IT Risks That Might Threaten Your Business

The Emerging Data Lake IT Strategy

RECORDS AND INFORMATION MANAGEMENT AND RETENTION

Cloud Computing Standard 1.1 INTRODUCTION 2.1 PURPOSE. Effective Date: July 28, 2015

DRS Policy Guide. Management of DRS operations is the responsibility of staff in Library Technology Services (LTS).

Element Finance Solutions Ltd Data Protection Policy

<Criminal Justice Agency Name> Personally Owned Device Policy. Allowed Personally Owned Device Policy

Integrated Access Management Solutions. Access Televentures

Archive and Records Management Policy

SYSTEMS ASSET MANAGEMENT POLICY

2016 SC REGIONAL HOUSING AUTHORITY NO. 3 S EIV SECURITY POLICY

Farmingdale State College Records Management Training PRESENTED BY DOROTHY HUGHES INTERNAL CONTROL OFFICER AND RECORDS MANAGEMENT OFFICER

21 CFR Part 11 LIMS Requirements Electronic signatures and records

Case Study: Using the Principles to Assess Current & Future State Presented by John Isaza, Esq., FAI ARMA Houston Chapter April 23, 2013

Creative Funding Solutions Limited Data Protection Policy

POLICIES AND PROCEDURES

Technical and Functional Standards for Digital Court Recording

Employee Security Awareness Training Program

Records Management and Retention

Development Authority of the North Country Governance Policies

Best Practices in Securing Your Customer Data in Salesforce, Force.com & Chatter

Bootstrapping Enterprise Standards A Real World Approach

RECORDS WWU: . WWU Archives & Records Management Tony Kurtz x3124 Rachel Thompson x6654

Recordkeeping Metadata Study Committee

Transcription:

Managing Born- Digital Documents www.archives.nysed.gov

Objectives Review the challenges of managing born-digital records Provide Practical strategies to ensure born-digital records are well managed Understand the basics of digital preservation Eliminate the need to print records to paper

Your Goal: If a record is born digital, it will die digital

What s Wrong with this Picture?

Issues and Opportunities DIGITAL RECORDS OVERVIEW

The Records Lifecycle

Same Rules Apply RM fundamentals apply regardless of format Storage Organization Ownership Retention & disposition Security & protection Authenticity Preservation

Same Questions Paper What records do you have? Who created them? Who is responsible for them? Where are they stored? What s their retention period? What is their format? Same Same Same Same Same Same E-Records

New Challenges Multiple managers IT, RMO, department, user Creation devices PC, laptop, tablet, smart phone, etc. Continuous changes Live applications (e.g. database-driven apps, GIS, web sites ) Storage locations Multiple repositories to manage (e.g. servers, handheld devices, cloud, etc.)

Additional Challenges Accessibility Local, shared, security, public Trustworthy Revision control Legal compliance Preservation challenges Maintaining readability/functionality Proprietary file formats; obsolescence

Consider This: Approximately 90% of all documents are created electronically About 70% of paper records were created electronically

Types, categories & locations KNOW WHAT YOU HAVE

Types of E-Records Word processing Spreadsheets PDF Databases Scanned images Email & attachments Presentations Photos Websites Social media Audio recordings Videos Electronic publications GIS CAD (Computer Aided Design)

Where Are Your Records? Desktop PC s Laptops Network servers File servers Application servers Removable media CDs, DVDs, USB drives, etc. Backup tapes Remote sites Home offices Tablets Smart phones The Cloud

Categories of e-records Structured Database driven applications (financial, permits, etc.) Unstructured Word processing, spreadsheets, PDF E-mail

Social Media Third-party hosted and managed Facebook, Twitter, blogging with comments Need centralize management Limit who can post Governing policies must be in place Tools needed to retain past information

Locally or Cloud? Where are your records stored? On your servers or a 3rd party (e.g. vendor, state, federal) If internally: Which devices store the data and who controls them? If third-party: What does your contract stipulate? Where are the primary servers? Where are the backups?

So It s Simple: If you want your digital documents to be records, treat them like records

Setting a Strategy MANAGING WHAT YOU HAVE

1. Identifying e-records Identify the records Creation applications Storage locations Identify the owner Creator, custodian, and owner Determine official record Paper print-out or electronic? Work-in-process or final?

2. Identify Risks Identify potential and existing risks Common risks Lack of security Lack of protection Risk of future inaccessibility

Potential Risks Security physical & logical/it Protection Retention Preservation Uncontrolled duplication Storage location

3. Determine Focus Where to begin? Where is your larger risk? Short term and long term Low hanging fruit Imminent threats Day-forward and backlog Can t address everything at once Be realistic in your approach

4. Action Plan Focus area will influence action plan Balanced approach Serious issues are priority What can easily be achieved? Identify short term and long term answers Plan accordingly

Project Management Project management is critical to overall success Patience Keep plan as simple as possible Get advice

IMPLEMENTING A STRATEGY

Practical Steps Inventory Dispose Organize Preserve Manage (on-going) Document (policies & procedures)

Dispose of What You Can Determine records retention requirements Use same schedules Separate records from non records Work-in-process, copies Determine official record Paper or electronic? Perform consistently in course of business Periodic review needed

Organization Structured Output periodic reports to PDF/A Unstructured Purging & developing a file plan Note: Preservation will be discussed later

Unstructured e-file Plan Standardized filing method for unstructured files Location where final record copies are stored Determine how you search for records Facilitate retrieval and access Recommendations Begin modeling using paper filing systems Use intelligible names Be consistent Use to track retention and versions

Naming Conventions

How to Stop the Paper Designate the electronic version the official copy Control printers and photocopiers Implement Electronic Forms Use e-signatures where appropriate

Sample Resolution The Town of Adams shall maintain all digitally created records in their native digital format for the legally proscribed retention period of the record. The Town shall maintain all digital records adhering to the guidelines set forth in the Regulations of the Commissioner of Education Part 185.8.

Implement Electronic Forms With an ECM Create your own

What s an ECM? Central technology platform used to capture, manage, store, preserve, and deliver electronic content Central repository for storing electronic records Manages records in many formats Provides structure for unstructured data

Electronic Forms

Electronic Forms II

Electronic Forms III

Electronic Signatures Electronic Signature and Records Act (ESRA) An electronic signature is an electronic sound, symbol, or process, attached to or logically associated with an electronic record and executed or adopted by a person with the intent to sign the record. https://its.ny.gov/sites/default/files/documents/g 04-001.pdf

ESRA esignature Approaches Click Through or Click Wrap Personal Identification Number (PIN) or password Digitized Signature Biometrics Public/Private Key

Click Through Example

Password Example

Password Example II

Email Retention Options Schedule-Based Retention Uniform Retention Functional Retention ( Big Bucket retention) Account Holder Retention

Schedule-Based Retention Each mailbox owner: Categorizes each message Matches the message to a specific schedule item Determines the disposition date Files the message in an appropriate place Disposes of the message when appropriate

Pros and Cons Schedule-Based Retention Pros Conforms to current retention rules Employs mailbox owner s knowledge Does not require additional software or hardware Cons Labor intensive Increased costs User resistance Often impracticable

Uniform Retention A single predetermined retention period for most email Applies to the official copy Most common retention is 3-10 years Exceptions for emails that need longer or shorter retention Event-based retentions Automatically deleted from email server Discourage saving emails outside the email server

Uniform Retention Pros and Cons Pros Easier to understand (than schedule-based) Less decision-making More compliance from mailbox owners Cons Goes against over 50 years of retention practice Keep records longer than you need Requires more storage capacity Affects performance of email servers

Functional Retention Consolidates schedules into broader functions Also known as the big bucket theory Middle ground between schedule-based retention and uniform retention Can use functional headings in schedules to implement

Big Bucket Example From the ED-1 Bank Statement [109] 6 years Budget preparation file [55] 6 years Voucher [121] 6 years Daily cash record [100] 6 years Purchase order [269] 6 years Big Bucket Approach Fiscal 6 years

Big Buckets Pros and Cons Pros Simplifies role of end user Simplifies system requirements Improves consistency Cons Leads to some increases in retention periods Goes against over 50 years of retention practice

Account Holder Retention Manage retention by email account Retention is based on email account holder s work And/or the account holder s position Examples Mayor s and secretary s email account is permanent Fiscal officer s email account is six years All other clerical staff is 1 year

Preservation Concerns Will file be readable for entire retention period? Format less of a concern for short term retention Native or neutral format (e.g..doc, PDF, etc.) Long term document and image formats PDF/A Tagged Image File Format TIFF

Media Limitations

Media Storage Standards Store media in proper environment Dust-free, closed container Temperature (60-68 ); Humidity (35%-45%) Properly labeled Keep away from cleaning supplies & chemicals Keep secure Maintain access log

Strategies: Social Media In most cases records will need to be extracted Built in tools Generally free May not extract data in a useful format May not extract complete record information 3rd party applications May have costs associated with them More selection May not extract complete record information

Strategies: Migration Maintenance Tape should be periodically rewound (every 24 months) Periodically refresh or transfer data to new media Develop migration plan Move/convert data before system is obsolete Include in budget Consider as hardware & software changes Test process

Strategies: Digital Preservation Systems Utilize the OAIS model to preserve records Example: Preservica, Archivematica Best for long-term and permanent records Require significant resources to implement

Preserving Databases How to preserve what is constantly changing? Start with need and then address in policy Snapshots captured at predetermined periods Determine retention requirements Long term retention requires movement to XML

Why not rely just on backups to preserve permanent e-records?

Policies and Procedures Integrate e-records into overall RM program One RM program; e-records are just another format Must have senior official s support Governing board acceptance Get IT input Often do not have time to write themselves Document systems & retain for life of system

Examples of Policies Acceptable use Systems use, social media, etc. Organizing How files (including email) should be named & filed Roles and responsibilities Record coordinators, administrators, etc. Protection Back-up procedures Security, passwords

Education Awareness & education Initial training Periodic reinforcement Integrate into new hire & staff review process Signed staff acknowledgement

PRACTICAL STEPS GOING FORWARD

Suggested Steps Use what you know now Discover what you don t know Prioritize Determine policy needs Address low hanging fruit Evaluate technologies e.g. Electronic Content Mgt System considerations

Use What You Know Start with willing partners/departments Your department or willing participant Inventory what you have Unstructured e-record file plan Structured record output Learn what works and does not for you Consider using a consultant

Discover What You Don t Know Pick next willing functional area(s) Inventory Determine needs Prioritize

Action Plan Address low hanging fruit Evaluate technologies (e.g. ECM considerations) File plan Folder & file naming convention Email folder structure Periodic output to PDF/A for structured e-records Policies Address cloud contracts, social media, preservation, etc.

LAST WORDS OF ADVICE

Conclusions Integrate into overall RM program Develop policies to guide RM program Procedures for day-to-day activities Integrate ERM into normal course of business Senior official s support required Develop e-records file plan Make the best use of technology Partner with IT Build functionality into your system

ERM Benefits Reduces risk & compliance costs Demonstrate compliance; facilitates discovery Improves staff efficiencies Reduce time searching for records Supports business continuity Identifies essential records for protection Facilitates sharing of information Reduces redundant copies

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback