Records management

From Wikipedia, the free encyclopedia

Jump to: navigation, search

Records management, or RM, is the practice of maintaining the records of an organisation from the time they are created up to their eventual disposal. This may include classifying, storing, securing, and destruction (or in some cases, archival preservation) of records.

A record can be either a tangible object or digital information: for example, birth certificates, medical x-rays, office documents, databases, application data, and e-mail. Records management is primarily concerned with the evidence of an organization's activities, and is usually applied according to the value of the records rather than their physical format.

Contents

[edit] Definitions of records management

In the past, 'records management' was sometimes used to refer only to the management of records which were no longer in everyday use but still needed to be kept - 'semi-current' or 'inactive' records, often stored in basements or offsite. More modern usage tends to refer to the entire 'lifecycle' of records - from the point of creation right through until their eventual disposal.

The ISO 15489: 2001 standard defines records management as "The field of management responsible for the efficient and systematic control of the creation, receipt, maintenance, use and disposition of records, including the processes for capturing and maintaining evidence of and information about business activities and transactions in the form of records".

The ISO defines records as "information created, received, and maintained as evidence and information by an organization or person, in pursuance of legal obligations or in the transaction of business". The International Council on Archives (ICA) Committee on Electronic Records defines a record as "a recorded information produced or received in the initiation, conduct or completion of an institutional or individual activity and that comprises content, context and structure sufficient to provide evidence of the activity."

[edit] Practicing records management

The practice of records management may involve:

  • Planning the information needs of an organisation
  • Identifying information requiring capture
  • Creating, approving, and enforcing policies and practices regarding records, including their organize and disposal
  • Developing a records storage plan, which includes the short and long-term housing of physical records and digital information
  • Identifying, classifying, and storing records
  • Coordinating access to records internally and outside of the organization, balancing the requirements of business confidentiality, data privacy, and public access.
  • Executing a retention policy on the disposal of records which are no longer required for operational reasons; according to organizational policies, statutory requirements, and other regulations this may involve either their destruction or permanent preservation in an archive.

Records management principles and automated records management systems aid in the capture, classification, and ongoing management of records throughout their lifecycle. Such a system may be paper based (such as index cards as used in a library), or may be a computer system, such as an electronic records management application.

ISO 15489:2001 states that records management includes:

  • setting policies and standards;
  • assigning responsibilities and authorities;
  • establishing and promulgating procedures and guidelines;
  • providing a range of services relating to the management and use of records;
  • designing, implementing and administering specialized systems for managing records; and
  • integrating records management into business systems and processes.

[edit] Managing physical records

Managing physical records involves different disciplines and may draw on a variety of forms of expertise.

Records must be identified and authenticated. This is usually a matter of filing and retrieval; in some circumstances, more careful handling is required.

Identifying records
If an item is presented as a legal record, it needs to be authenticated. Forensic experts may need to examine a document or artifact to determine that it is not a forgery, and that any damage, alteration, or missing content is documented. In extreme cases, items may be subjected to a microscope, x-ray, radiocarbon dating or chemical analysis. This level of authentication is rare, but requires that special care be taken in the creation and retention of the records of an organization.
Storing records
Records must be stored in such a way that they are accessible and safeguarded against environmental damage. A typical paper document may be stored in a filing cabinet in an office. However, some organisations employ file rooms with specialized environmental controls including temperature and humidity. Vital records may need to be stored in a disaster-resistant safe or vault to protect against fire, flood, earthquakes and conflict. In extreme cases, the item may require both disaster-proofing and public access, such as the original, signed US Constitution. Civil engineers may need to be consulted to determine that the file room can effectively withstand the weight of shelves and file cabinets filled with paper; historically, some military vessels were designed to take into account the weight of their operating procedures on paper as part of their ballast equation[citation needed] (modern record-keeping technologies have transferred much of that information to electronic storage). In addition to on-site storage of records, many organizations operate their own off-site records centers or contract with commercial records centers.
Circulating records
Tracking the record while it is away from the normal storage area is referred to as circulation. Often this is handled by simple written recording procedures. However, many modern records environments use a computerized system involving bar code scanners, or radio-frequency identification technology (RFID) to track movement of the records. These can also be used for periodic auditing to identify unauthorized movement of the record.
Disposal of records
Disposal of records does not always mean destruction. It can also include transfer to a historical archive, museum, or private individual. Destruction of records ought to be authorized by law, statute, regulation, or operating procedure, and the records should be disposed of with care to avoid inadvertent disclosure of information. The process needs to be well-documented, starting with a records retention schedule and policies and procedures that have been approved at the highest level. An inventory of the records disposed of should be maintained, including certification that they have been destroyed. Records should never simply be discarded as refuse. Most organizations use processes including pulverization, paper shredding or incineration.

[edit] Managing electronic records

The general principles of records management apply to records in any format. Digital records (almost always referred to as electronic records) raise specific issues. It is more difficult to ensure that the content, context and structure of records is preserved and protected when the records do not have a physical existence.

Functional requirements for computer systems to manage electronic records have been produced by the US Department of Defense[1], the National Archives of England & Wales[2] and the European Commission,[3] whose Moreq specification has been translated into at least twelve languages[4] and is used beyond the borders of Europe. Development of MoReq was initiated by the DLM Forum[5], funded by the European Commission.[6]

Particular concerns exist about the ability to access and read electronic records over time, since the rapid pace of change in technology can make the software used to create the records obsolete, leaving the records unreadable. A considerable amount of research is being undertaken to address this, under the heading of digital preservation. The Public Record Office Victoria (PROV) located in Melbourne, Australia published the Victorian Electronic Records Strategy (VERS) which includes a standard for the preservation, long-term storage and access to permanent electronic records. The VERS standard has been adopted by all Victorian Government departments. A digital archive has been established by PROV to enable the general public to access permanent records.

[edit] Current issues in records management

As of 2005, records management has increased interest among corporations due to new compliance regulations and statutes. While government, legal, and healthcare entities have a strong historical records management discipline, general record-keeping of corporate records has been poorly standardized and implemented. In addition, scandals such as the Enron/Andersen scandal, and more recently records-related mishaps at Morgan Stanley, have renewed interest in corporate records compliance, retention period requirements, litigation preparedness, and related issues. Statutes such as the US Sarbanes-Oxley Act have created new concerns among corporate "compliance officers" that result in more standardization of records management practices within an organization. Most of the 90s has seen discussions between records managers and IT managers, and the emphasis has expanded to include the legal aspects, as it is now focussed on compliance and risk.

Privacy, data protection, and identity theft have become issues of interest for records managers. The role of the records manager to aid in the protection of an organization's records has often grown to include attention to these concerns. The need to ensure that certain information about individuals is not retained has brought greater focus to records retention schedules and records destruction.

The most significant issue is implementing the required changes to individual and corporate culture to derive the benefits to internal and external stakeholders. Records management is often seen as an unnecessary or low priority administrative task that can be performed at the lowest levels within an organization. Publicised events have demonstrated that records management is in fact the responsibility of all individuals within an organization and the corporate entity.

Related topics of current note include: information lifecycle management and enterprise content management.

[edit] Education and certification

Many colleges and universities offer degree programs in library and information sciences which cover records management. Furthermore, there are professional organizations such as the Records Management Association of Australasia (RMAA) and the Institute of Certified Records Managers which provides a separate, non-degreed, professional certification for practitioners, the Certified Records Manager designation or CRM. Additional educational opportunities in the form of a certificate program are also available from AIIM International, ARMA, and from the Records Management Society in Great Britain and Ireland. Education and training courses and workshops on scientific and technical records full lifecycle management and the Quality Electronic Records Practices Standards (Q-ERPS) are available from the Collaborative Electronic Notebook Systems Association (CENSA). The University of South Australia offers a Graduate Certificate, a Graduate Diploma, and an MSc in Business Information Management and Library and Information Management with a specialist stream in records management.

[edit] Electronic records management systems

An electronic records management system (ERM) is a computer program (or set of programs) used to track and store records. The term is distinguished from imaging and document management systems that specialize in paper capture and document management respectively. ERM systems commonly provide specialized security and auditing functionalities tailored to the needs of records managers.

The National Archives and Records Administration (NARA) has endorsed the U.S. Department of Defense standard 5015.2 as an "adequate and appropriate basis for addressing the basic challenges of managing records in the automated environment that increasingly characterizes the creation and use of records."[7][8] Records Management Vendors can be certified as compliant with the DoD 5015.2-STD after verification from the Joint Interoperability Test Command which builds test case procedures, writes detailed and summary final reports on 5015.2-certified products, and performs on-site inspection of software.[9]

The National Archives in the UK has published two sets of functional requirements to promote the development of the electronic records management software market (1999 and 2002).[10] It ran a program to evaluate products against the 2002 requirements. While these requirements were initially formulated in collaboration with central government, they have been taken up with enthusiasm by many parts of the wider public sector in the UK and in other parts of the world. The testing program has now closed; The National Archives is no longer accepting applications for testing. The National Archives 2002 requirements remain current.

The European Commission has published "MoReq," the Model Requirements for Electronic Records and Document Management in 2001.[11] Although not a formal standard, it is widely regarded and referred to as a standard[12][13][14][15][16]. This was funded by the Commission’s IDA program, and was developed at the instigation of the DLM Forum. A major update of MoReq, known as MoReq2, was published in February 2008.[17] This too was initiated by the DLM Forum and funded by the European Commission, on this occasion by its IDABC program (the successor to IDA).[18] A software testing framework and an XML schema accompany MoReq2; a software compliance testing regime was agreed at the DLM Forum conference in Toulouse in December 2008.

The National Archives of Australia (NAA) published the Functional Specifications for Electronic Records Management Systems Software (ERMS)[19], and the associated Guidelines for Implementing the Functional Specifications for Electronic Records Management Systems Software, as exposure drafts in February 2006.[20]

Archives New Zealand published a 'discretionary best practice' Electronic Recordkeeping Systems Standard (Standard 5) in June 2005,[21] issued under the authority of Section 27 of the Public Records Act 2005.[22]

[edit] Commercial records centers

Commercial records centers are facilities which specialize in the storage of paper and electronic records for organizations. Commercial records centers provide high density, secure storage for paper records and can provide climate controlled storage for sensitive non-paper media. The trade organization for commercial records centers is PRISM International.

[edit] See also

[edit] References

[edit] External links

Personal tools