Managing Born- Digital Documents www.archives.nysed.gov
Objectives Review the challenges of managing born-digital records Provide Practical strategies to ensure born-digital records are well managed Understand the basics of digital preservation Eliminate the need to print records to paper
Your Goal: If a record is born digital, it will die digital
What s Wrong with this Picture?
Issues and Opportunities DIGITAL RECORDS OVERVIEW
The Records Lifecycle
Same Rules Apply RM fundamentals apply regardless of format Storage Organization Ownership Retention & disposition Security & protection Authenticity Preservation
Same Questions Paper What records do you have? Who created them? Who is responsible for them? Where are they stored? What s their retention period? What is their format? Same Same Same Same Same Same E-Records
New Challenges Multiple managers IT, RMO, department, user Creation devices PC, laptop, tablet, smart phone, etc. Continuous changes Live applications (e.g. database-driven apps, GIS, web sites ) Storage locations Multiple repositories to manage (e.g. servers, handheld devices, cloud, etc.)
Additional Challenges Accessibility Local, shared, security, public Trustworthy Revision control Legal compliance Preservation challenges Maintaining readability/functionality Proprietary file formats; obsolescence
Consider This: Approximately 90% of all documents are created electronically About 70% of paper records were created electronically
Types, categories & locations KNOW WHAT YOU HAVE
Types of E-Records Word processing Spreadsheets PDF Databases Scanned images Email & attachments Presentations Photos Websites Social media Audio recordings Videos Electronic publications GIS CAD (Computer Aided Design)
Where Are Your Records? Desktop PC s Laptops Network servers File servers Application servers Removable media CDs, DVDs, USB drives, etc. Backup tapes Remote sites Home offices Tablets Smart phones The Cloud
Categories of e-records Structured Database driven applications (financial, permits, etc.) Unstructured Word processing, spreadsheets, PDF E-mail
Social Media Third-party hosted and managed Facebook, Twitter, blogging with comments Need centralize management Limit who can post Governing policies must be in place Tools needed to retain past information
Locally or Cloud? Where are your records stored? On your servers or a 3rd party (e.g. vendor, state, federal) If internally: Which devices store the data and who controls them? If third-party: What does your contract stipulate? Where are the primary servers? Where are the backups?
So It s Simple: If you want your digital documents to be records, treat them like records
Setting a Strategy MANAGING WHAT YOU HAVE
1. Identifying e-records Identify the records Creation applications Storage locations Identify the owner Creator, custodian, and owner Determine official record Paper print-out or electronic? Work-in-process or final?
2. Identify Risks Identify potential and existing risks Common risks Lack of security Lack of protection Risk of future inaccessibility
Potential Risks Security physical & logical/it Protection Retention Preservation Uncontrolled duplication Storage location
3. Determine Focus Where to begin? Where is your larger risk? Short term and long term Low hanging fruit Imminent threats Day-forward and backlog Can t address everything at once Be realistic in your approach
4. Action Plan Focus area will influence action plan Balanced approach Serious issues are priority What can easily be achieved? Identify short term and long term answers Plan accordingly
Project Management Project management is critical to overall success Patience Keep plan as simple as possible Get advice
IMPLEMENTING A STRATEGY
Practical Steps Inventory Dispose Organize Preserve Manage (on-going) Document (policies & procedures)
Dispose of What You Can Determine records retention requirements Use same schedules Separate records from non records Work-in-process, copies Determine official record Paper or electronic? Perform consistently in course of business Periodic review needed
Organization Structured Output periodic reports to PDF/A Unstructured Purging & developing a file plan Note: Preservation will be discussed later
Unstructured e-file Plan Standardized filing method for unstructured files Location where final record copies are stored Determine how you search for records Facilitate retrieval and access Recommendations Begin modeling using paper filing systems Use intelligible names Be consistent Use to track retention and versions
Naming Conventions
How to Stop the Paper Designate the electronic version the official copy Control printers and photocopiers Implement Electronic Forms Use e-signatures where appropriate
Sample Resolution The Town of Adams shall maintain all digitally created records in their native digital format for the legally proscribed retention period of the record. The Town shall maintain all digital records adhering to the guidelines set forth in the Regulations of the Commissioner of Education Part 185.8.
Implement Electronic Forms With an ECM Create your own
What s an ECM? Central technology platform used to capture, manage, store, preserve, and deliver electronic content Central repository for storing electronic records Manages records in many formats Provides structure for unstructured data
Electronic Forms
Electronic Forms II
Electronic Forms III
Electronic Signatures Electronic Signature and Records Act (ESRA) An electronic signature is an electronic sound, symbol, or process, attached to or logically associated with an electronic record and executed or adopted by a person with the intent to sign the record. https://its.ny.gov/sites/default/files/documents/g 04-001.pdf
ESRA esignature Approaches Click Through or Click Wrap Personal Identification Number (PIN) or password Digitized Signature Biometrics Public/Private Key
Click Through Example
Password Example
Password Example II
Email Retention Options Schedule-Based Retention Uniform Retention Functional Retention ( Big Bucket retention) Account Holder Retention
Schedule-Based Retention Each mailbox owner: Categorizes each message Matches the message to a specific schedule item Determines the disposition date Files the message in an appropriate place Disposes of the message when appropriate
Pros and Cons Schedule-Based Retention Pros Conforms to current retention rules Employs mailbox owner s knowledge Does not require additional software or hardware Cons Labor intensive Increased costs User resistance Often impracticable
Uniform Retention A single predetermined retention period for most email Applies to the official copy Most common retention is 3-10 years Exceptions for emails that need longer or shorter retention Event-based retentions Automatically deleted from email server Discourage saving emails outside the email server
Uniform Retention Pros and Cons Pros Easier to understand (than schedule-based) Less decision-making More compliance from mailbox owners Cons Goes against over 50 years of retention practice Keep records longer than you need Requires more storage capacity Affects performance of email servers
Functional Retention Consolidates schedules into broader functions Also known as the big bucket theory Middle ground between schedule-based retention and uniform retention Can use functional headings in schedules to implement
Big Bucket Example From the ED-1 Bank Statement [109] 6 years Budget preparation file [55] 6 years Voucher [121] 6 years Daily cash record [100] 6 years Purchase order [269] 6 years Big Bucket Approach Fiscal 6 years
Big Buckets Pros and Cons Pros Simplifies role of end user Simplifies system requirements Improves consistency Cons Leads to some increases in retention periods Goes against over 50 years of retention practice
Account Holder Retention Manage retention by email account Retention is based on email account holder s work And/or the account holder s position Examples Mayor s and secretary s email account is permanent Fiscal officer s email account is six years All other clerical staff is 1 year
Preservation Concerns Will file be readable for entire retention period? Format less of a concern for short term retention Native or neutral format (e.g..doc, PDF, etc.) Long term document and image formats PDF/A Tagged Image File Format TIFF
Media Limitations
Media Storage Standards Store media in proper environment Dust-free, closed container Temperature (60-68 ); Humidity (35%-45%) Properly labeled Keep away from cleaning supplies & chemicals Keep secure Maintain access log
Strategies: Social Media In most cases records will need to be extracted Built in tools Generally free May not extract data in a useful format May not extract complete record information 3rd party applications May have costs associated with them More selection May not extract complete record information
Strategies: Migration Maintenance Tape should be periodically rewound (every 24 months) Periodically refresh or transfer data to new media Develop migration plan Move/convert data before system is obsolete Include in budget Consider as hardware & software changes Test process
Strategies: Digital Preservation Systems Utilize the OAIS model to preserve records Example: Preservica, Archivematica Best for long-term and permanent records Require significant resources to implement
Preserving Databases How to preserve what is constantly changing? Start with need and then address in policy Snapshots captured at predetermined periods Determine retention requirements Long term retention requires movement to XML
Why not rely just on backups to preserve permanent e-records?
Policies and Procedures Integrate e-records into overall RM program One RM program; e-records are just another format Must have senior official s support Governing board acceptance Get IT input Often do not have time to write themselves Document systems & retain for life of system
Examples of Policies Acceptable use Systems use, social media, etc. Organizing How files (including email) should be named & filed Roles and responsibilities Record coordinators, administrators, etc. Protection Back-up procedures Security, passwords
Education Awareness & education Initial training Periodic reinforcement Integrate into new hire & staff review process Signed staff acknowledgement
PRACTICAL STEPS GOING FORWARD
Suggested Steps Use what you know now Discover what you don t know Prioritize Determine policy needs Address low hanging fruit Evaluate technologies e.g. Electronic Content Mgt System considerations
Use What You Know Start with willing partners/departments Your department or willing participant Inventory what you have Unstructured e-record file plan Structured record output Learn what works and does not for you Consider using a consultant
Discover What You Don t Know Pick next willing functional area(s) Inventory Determine needs Prioritize
Action Plan Address low hanging fruit Evaluate technologies (e.g. ECM considerations) File plan Folder & file naming convention Email folder structure Periodic output to PDF/A for structured e-records Policies Address cloud contracts, social media, preservation, etc.
LAST WORDS OF ADVICE
Conclusions Integrate into overall RM program Develop policies to guide RM program Procedures for day-to-day activities Integrate ERM into normal course of business Senior official s support required Develop e-records file plan Make the best use of technology Partner with IT Build functionality into your system
ERM Benefits Reduces risk & compliance costs Demonstrate compliance; facilitates discovery Improves staff efficiencies Reduce time searching for records Supports business continuity Identifies essential records for protection Facilitates sharing of information Reduces redundant copies