RECORDS MANAGEMENT RECORDS MANAGEMENT SERVICES

Similar documents
Records Information Management

DIRECTIVE ON RECORDS AND INFORMATION MANAGEMENT (RIM) January 12, 2018

Cellular Site Simulator Usage and Privacy

SPRING-FORD AREA SCHOOL DISTRICT

UTAH VALLEY UNIVERSITY Policies and Procedures

The City of Mississauga may install Closed Circuit Television (CCTV) Traffic Monitoring System cameras within the Municipal Road Allowance.

Southington Public Schools

Community Unit School District No. 1. School Board

Record Retention Policies: How Long Do We Keep This Record? Pari J. Swift, CRM, Senior Records Manager

RECORDS MANAGEMENT AND YOU

2016 SC REGIONAL HOUSING AUTHORITY NO. 3 S EIV SECURITY POLICY

Records Retention 101 for Maryland Clerks

New York Department of Financial Services Cybersecurity Regulation Compliance and Certification Deadlines

Gramm Leach Bliley Act 15 U.S.C GLBA/HIPAA Information Security Program Committee GLBA, Safeguards Rule Training, Rev.

Ashford Board of Education Ashford, Connecticut POLICY REGARDING RETENTION OF ELECTRONIC RECORDS AND INFORMATION

Records Management and Retention

UTAH VALLEY UNIVERSITY Policies and Procedures

RECORDS AND INFORMATION MANAGEMENT AND RETENTION

4.2 Electronic Mail Policy

Supersedes Policy previously approved by TBM

How Long to Keep Records & Legally Dispose of Them. Virginia Fritzsch Public Records Archivist Wisconsin Historical Society

INFORMATION TECHNOLOGY DATA MANAGEMENT PROCEDURES AND GOVERNANCE STRUCTURE BALL STATE UNIVERSITY OFFICE OF INFORMATION SECURITY SERVICES

DATA BACKUP AND RECOVERY POLICY

Virginia State University Policies Manual. Title: Information Security Program Policy: 6110

Chapter 1B-26, Florida Administrative Code RECORDS MANAGEMENT - STANDARDS AND REQUIREMENTS Electronic Recordkeeping

SECURITY & PRIVACY DOCUMENTATION

PCI Compliance and records management

CARROLL COUNTY BOARD OF DEVELOPMENTAL DISABILITIES

Afilias DNSSEC Practice Statement (DPS) Version

TARGET2-SECURITIES INFORMATION SECURITY REQUIREMENTS

WHEATON COLLEGE RETENTION POLICY May 16, 2013

Information Security Policy

Use of Controlled Substances in Research

POLICY TITLE: Record Retention and Destruction POLICY NO: 277 PAGE 1 of 6

RPR CRITERIA AND FORMATS

Farmingdale State College Records Management Training PRESENTED BY DOROTHY HUGHES INTERNAL CONTROL OFFICER AND RECORDS MANAGEMENT OFFICER

Subject: University Information Technology Resource Security Policy: OUTDATED

Learning Management System - Privacy Policy

Recommendations for Implementing an Information Security Framework for Life Science Organizations

CARROLL COUNTY PUBLIC SCHOOLS ADMINISTRATIVE REGULATIONS BOARD POLICY EHB: DATA/RECORDS RETENTION. I. Purpose

8/28/2017. What Is a Federal Record? What is Records Management?

PSAB Supplement 21 Records Retention and Disposition

RECORDS WWU: . WWU Archives & Records Management Tony Kurtz x3124 Rachel Thompson x6654

University Information Technology Data Backup and Recovery Policy

Data Storage, Recovery and Backup Checklists for Public Health Laboratories

Records Retention Policy

Identity Theft Prevention Policy

Frequently Asked Questions Related to The Arkansas General Records Retention Schedule

ADIENT VENDOR SECURITY STANDARD

SOUTHERN CALIFORNIA EDISON COMPANY

RI AND RF CRITERIA AND FORMATS

Records Management at MSU. Hillary Gatlin University Archives and Historical Collections January 27, 2017

Retention Denise Szabo, RMC/MMC MCANJ for NJLM November 13, 2018

The date when this policy is posted to the online Company Policy Manual and communicated to all business lines: December 14, 2012

Refreshing Your Records Management. Tracy Rebstock, Southwest Regional Archivist

Management: A Guide For Harvard Administrators

U.S. Department of Health and Human Services (HHS) The Office of the National Coordinator for Health Information Technology (ONC)

Information Security Incident Response Plan

Policy and Procedure: SDM Guidance for HIPAA Business Associates

Development of your Company s Record Information System and Disaster Preparedness. The National Emergency Management Summit

Criminal Justice Information Security (CJIS) Guide for ShareBase in the Hyland Cloud

5/6/2013. Creating and preserving records that contain adequate and proper documentation of the organization.

Red Flags/Identity Theft Prevention Policy: Purpose

Managing Records in Electronic Formats. An Introduction

Policies and Procedures

Trust Services Principles and Criteria

"PPS" is Private Practice Software as developed and produced by Rushcliff Ltd.

Office of Presidential Libraries; Proposed Disposal of George H.W. Bush and Clinton. Agency: National Archives and Records Administration (NARA)

Records Retention 101 for Local Government Agencies. Overview

IRM Standard 20, Version 1.3. Title: Minnesota Recordkeeping Metadata Standard. Table of Contents

ORA HIPAA Security. All Affiliate Research Policy Subject: HIPAA Security File Under: For Researchers

Washington State Archives Public Records Management for Conservation Districts

NASCIO Recognition Award Nomination. Title: Central Issuance of State Drivers Licenses. Category: Digital Government Government to Citizen

REVIEW OF MANAGEMENT AND OVERSIGHT OF THE INTEGRATED BUSINESS MANAGEMENT SYSTEM (IBMS) January 16, 2009

NORTH AMERICAN SECURITIES ADMINISTRATORS ASSOCIATION Cybersecurity Checklist for Investment Advisers

Records Retention Schedule

RE: Preservation of video recordings 1 message

MICRO-ENTERPRISE CREDENTIAL TRACKING AGREEMENT

PRIVACY STATEMENT +41 (0) Rue du Rhone , Martigny, Switzerland.

Administrative Policies and Procedures

University Information Systems. Administrative Computing Services. Contingency Plan. Overview

Information Security Data Classification Procedure

Security Policies and Procedures Principles and Practices

Records Retention Training

SECTION 10 CONTRACTING FOR PROFESSIONAL SERVICES CONSULTANT COMPETITIVE NEGOTIATION ACT (CCNA)

HIPAA Compliance Checklist

2. What is Personal Information and Non-Personally Identifiable Information?

AAPA. Legal Issues and Record Retention. SML, Inc. Steve M. Lewis, President and CEO

PS Mailing Services Ltd Data Protection Policy May 2018

Rules of the Road for Scanning and Tossing. Imaging Requirements for Paper Based Records

Information technology security and system integrity policy.

RECORD RETENTION POLICY

REQUIREMENTS FOR PILOT ESCORT QUALIFIED TRAINING AND CERTIFICATION PROGRAMS

Is your privacy secure? HIPAA Compliance Workshop September Presented by: Andrés Castañeda, Senior Manager Steve Nouss, Partner

HIPAA Security Rule Policy Map

Sparta Systems TrackWise Digital Solution

Protecting Personally Identifiable Information (PII) Privacy Act Training for Housing Counselors

Information Technology Access Control Policy & Procedure

Open Data Policy City of Irving

Information Security Incident Response Plan

Transcription:

RECORDS MANAGEMENT DEPARTMENT OF THE TREASURY, DIVISION OF REVENUE AND ENTERPRISE SERVICES, RECORDS MANAGEMENT SERVICES RECORDS MANAGEMENT SERVICES Records Management Services, Division of Revenue and Enterprise Services, Department of the Treasury is the agency responsible for records management for all public agencies throughout the State of New Jersey. The Units s primary functions are: Records Management Imaging Registration Artemis 1

DESTRUCTION OF PUBLIC RECORDS ACT (PL 1953, C. 410): STATE RECORDS COMMITTEE The Destruction of Public Records Act (PL 1953, c. 410) created the State Records Committee (SRC) with having final authority over public records. State Records Committee Meetings are held every other month at the State Records Center. The SRC consists of representatives from: State Attorney General State Auditor State Treasurer Director of Division of Archives Director of Local Government Services/Department of Community Affairs WHAT IS A PUBLIC RECORD? Public records are records of activities, created on a daily basis, of an operating unit of government or an agent of government. These records are owned by the citizens. Any document, in any format, that has been created, maintained, or kept on file by the agency is a public record. Paper Microfilm Electronic Recordings (Tapes, CDs, Videos, etc.) Any information that a public agency generates or receives in the transaction of its official duties is a public record. These records may be subject to the OPEN PUBLIC RECORDS ACT (OPRA) Contact OPRA at 1-866-850-0511 2

RECORDS RETENTION SCHEDULE Detailed listing of the records maintained by an agency and the minimum legal and fiscal time periods they must be retained. The records retention schedule addresses: Legal, Fiscal & Administrative Value Records retention - how long the record must maintained (permanent, yearly, periodic review, as updated, after verification, etc.) Historical Record Final Disposition: Destroy, Archival Review, Archives 2 Types of Schedules: General schedules list record series that are common to most offices-e.g., correspondence, invoices, personnel files, etc. Agency Specific schedules list record series unique to a particular agency. 3

DAMAGED RECORDS - PREVENTION State and Local government agencies, districts and authorities are required by law to protect their records. A disaster prevention/recovery plan should be established before the disaster occurs. Damage can result from catastrophic events (a computer system crash, security breach, terrorist attack), or following damage to agency facilities due to as a acts of nature (floods, fires, hurricanes, earthquakes or or water leak.) A Prevention plan involves protection of records starting from their creation. It s records-proofing your office; making the office environment safe and protecting the records from damage or harm s way. Make these considerations when developing a plan: Records should be stored in areas that protect against damage or destruction from fire, water and other disasters. Consider temperature and climate controlled rooms, fire proof cabinets, pest control, etc. For computerized records and database systems, work with your information technology team to obtain off-site back-up and/or replication of records that are stored in digital format. Safeguarding privacy and security of records create authorization procedures and institute theft prevention measures. AN OUNCE OF PREVENTION IS WORTH A POUND OF CURE 4

DAMAGED RECORDS - RECOVERY Despite the steps taken to prevent damage to records, systems may fail and records will occasionally be damaged. A Recovery Plan will assist the agency that has been impacted by a disaster. In the aftermath of a disaster, once the facility is safe to enter, it is imperative that the agency conduct an assessment to determine the status of records. These are the initial and some of the most important steps to take: Consult with a qualified records restoration company to determine the extent of the damage and restoration costs. Review your insurance policy and determine your coverage. Obtain a master list of all damaged documents and apply appropriate records retention schedule. Determine if damaged records can be duplicated from other sources. Refer to Records Management Services website for additional information and relevant forms. http://www.state.nj.us/treasury/revenue/rms/disasterresponse.shtml RECORDS DISPOSAL DO NOT DESTROY WITHOUT APPROVAL! A request and authorization for Records disposal submitted through Artemis is required to document an official request for destruction by all state, county and municipal agencies. This process ensures that records earmarked for destruction are not needed by the agency in the transaction of its current business and do not appear to have sufficient administrative, legal, research or other value to warrant their continued preservation by the agency. All public records that contain private or confidential information shall require disposal by shredding, recycling, degaussing or deleting so that the information contained therein cannot be read or reconstructed. Proper authorization removes OPRA, Legal, and Fiscal Liabilities. Cost savings through reduced purchase and maintenance of real estate, equipment and supplies. Increases in efficiency and safety through the removal of unnecessary files, and reduces staff time allocated to managing unneeded files. 5

WHAT IS ARTEMIS? Artemis is a web based program designed to assist agencies with the Request and Authorization for Records Disposal, in a more efficient manner. Quicker Processing Time Less Data Entry Errors Access System Generated Reports Search Current Retention Schedules Designate Multiple Users Electronic Signatures for all agencies IMAGING All public agencies seeking to image their hardcopy public records must obtain an Imaging Certificate to ensure their compliance with the Public Records Laws and State Imaging Standards (N.J.A.C. 15:5-3). The system must be registered with the Division of Revenue and Enterprise Services Record Management Services. Any records with a retention of 10+ years must have an additional form of backup (approved migration path, microfilm or original paper). Quick and Effective Retrieval Space Savings Preservation Key Benefits File Integrity Security 6

AMENDED RULE CHANGES Title 15 of the New Jersey Administrative Code was amended to mark a new era in pubic records management. Major Changes Include: Imaging Systems are no longer certified. They now go through a Registration process and are approved by Records Management Services. PDF/A file format is now acceptable. Multi-Functional Devices (MFDs) with a secured log-in are acceptable. Elimination of hard copies and microfilm for those systems with an approved Migration Path. E-MAIL FOR COUNTY AND LOCAL GOVERNMENT An agency may use traditional general and agency-specific retention schedules when requesting authorization to dispose of email-based records, provided the requestors can attest that only the records series cited in the agency request (and no other types of records) are included. Alternately, the agency may use the general email record schedule item (0800-0001), to request disposition of E-Mail. Record Series (0800-0001): This schedule facilitates the management of E-Mail records of all kinds that pertain to routine administrative activities that are not otherwise classified by their record type. To use this schedule, agencies must attest that their E-Mail systems and general management practices incorporate elements designed to ensure soundness and accountability with respect to E-Mail records maintenance, access and destruction. Agencies must make these attestations each time they request authority, via ARTEMIS, to dispose of E-Mail in the general schedule category (Note 1). 7

Attestation elements include: That the agency s general records management program ensures that records with retention periods exceeding seven (7) years are held for the prescribed periods of time, in accessible form, in a records-keeping system(s) that is separate from the E-Mail system (Notes 2 and 3); That the E-Mail system used by the agency includes a central storage and management system for E-Mail that is separate from copies of E-Mail stored in the end-users email boxes, wherein only authorized information technology and/or records management staff control the disposition of E-Mail records stored in the centrally-managed system, includes provisions for administration of litigation holds and wherein individual end-users cannot delete email records from the central storage/management system (Note 2).; That the agency has adopted acceptable use polices for E-Mail and internet usage, with supporting employee training and/or informational programs; That the agency s system possesses security controls that guard against unauthorized access, use, modification, dissemination, disclosure and/or destruction of E-Mail records; and That the agency has back-up/disaster recovery services in place that allow for the restoration of E-Mail records following catastrophic or disruptive events. Note 1: Note 2: Note 3: An agency may dispose of E-Mail records sooner than the retention period in this schedule if the planned disposition action is in accordance with a specific general records schedule item. In each disposition request involving shorter term items, the agency will be required to attest that the disposition action includes only the type of record described in the records schedule item referenced in the request. For instance, a request to dispose of E-Mail described as internal correspondence must include an attestation that in fact, only E-Mail records of internal correspondence aged greater than one year (and no other types of records) are included in the request. Centrally managed E-Mail vaults and journals, cloud-based services, enterprise content management platforms and/or file shares may be used as separate records-keeping systems and for addressing the general requirement for central storage and management of E-Mail. Use of this General E-Mail schedule is not permitted if the agency creates/receives E-Mail messages and/or associated attachments with retention periods exceeding seven (7) years and does not store the items in a separate records-keeping system. 8

9

Records Management Services (RMS) http://www.state.nj.us/treasury/revenue/rms/index.shtml Liz Hartmann, Records Manager Records Analysts: John Berry Vilirie Perry James Jenkins Marcella Campbell 10

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback