Electronic Records Management

advertisement
Electronic Records Management
ERM 101
Dana D. Simpson, CRM
Vice President and Manager
Records and Information Management
BBVA Compass Bank
Dana.Simpson@BBVACompass.com
Today’s Presentation





It’s ERM - 101
Open discussion
Informal atmosphere
All questions are good questions
If I don’t know the answer I will get you an
answer
General Housekeeping

Categorize/Classify yourself
–
–
–
–
Technical
Records Managers
Legal
Non participants
Records Management Listserv


RECMGMT-L (Records Management and
related topics)
To subscribe to the RECMGMT listserv:
–
–
–
Send an e-mail message to: listserv@lists.ufl.edu
In subject line of your message, type Subscribe
In the body of the message, type sub RECMGMTL Your Name


e.g. sub RECMGMT-L John Smith would subscribe
someone named John Smith.
DO NOT type in your e-mail address.
Electronic Records Management
Listserv


ERECS-L, (Management and Preservation of
Electronic Records)
To subscribe to the Electronic Records
Management Listserv:
–
send mail to
LISTSERV@LISTSERV.ALBANY.EDU with the
command: SUBSCRIBE ERECS-L
RIM Advice for Success
…According to Dana
1.
2.
3.
4.
5.
6.
7.
8.
A Record is a Record is a Record
Good is Good Enough
Do your homework. Just because it has feathers
doesn’t mean it’s a duck
Never drink from a fire hose
Read! Now read some more
Credibility is everything
Document, Document, Document
Be consistent!
Records and Information Management
Administration
IT
Records and
Information Management
Risk
Compliance
Legal
Physical
Security
Electronic
What is Electronic Records
Management?


Records Management is the systematic
process of analyzing and controlling data in
all formats (paper, photographic, electronic)
See #1 A Record is a Record is a Record
Manage electronic records with or without an
EDRM system
See #2 Good is Good Enough
Does ERM include Email? Yes




Email creates an electronic document
Email is the most difficult data to manage
Email is the most prolific type of data
Email is the most sought after data in
litigation
What about Duplicate and Draft
Electronic Documents?
Duplicates


Replicates the content and functionality of the official
copy
May or may not be in same format or medium as the
official copy
Drafts


Preliminary version of a document. May contain
information that is omitted from or otherwise different
than information contained in the final version
When created in the preparation of company records,
the final version is considered the official copy for
retention purposes
What are the Benefits of ERM?




Financial
Compliance
Risk
Operational
Rewards
REDUCE RISK
INCREASE COMPLIANCE
1. Laws and
Regulations
2. Policies and
Procedures
INCREASE EFFICIENCIES
1. Data Discovery
2. Information Lifecycle
3. Forms and Reports
Management
1. Litigation
2. Reputation
REDUCE OPERATING
COST
1. Records Storage
2. Records Maintenance
3. Enterprise contracts
and centralized
management
Where to Begin
Build a Solid
Foundation
Foundation
With or Without EDRMS


Policies and Procedures
Define Responsibilities
–




IT, RIM, LOB/User (see example)
Define Your Approach
Categorization (see example)
Metadata
RIM Credibility
Policies and Procedures

Must be written and published
–
–
–
–
–
–
–
–
Company Ownership
Retention of Company Records
Duplicate Records and Drafts
Destruction of Company Records
Access to Company Records
Protection of Vital Records
Retention of Electronic Messages
Media Handling and Disposal Policy
See #7 Document, Document, Document
Define Responsibilities for Each
Policy and Procedure



Information Systems and Technology (IS&T)
Records and Information Management (RIM)
Employee/Manager/Line of Business (LOB)
See #7 Document, Document, Document
Define Your Approach

Example: Managing Email
–
–
–
–
–
Do nothing
Keep everything forever
Big Buckets – delete all messages older than 2
years
Use mailbox quotas – force users to delete
regardless of content
Declare it a record and manage accordingly

See #1 A Record is a Record is a Record
Classification/Categorization


SAM=Sales and Marketing
ADM=Administration\Facilities
Classifying products and standardizing
descriptors also helps in finding it later
Example of a classification “system”
–
Made up of codes (letters or numbers)

UPC – Universal Product Code
–
Food, Health, Automotive parts
Using Categories/Classification
To:
Dana Simpson
From:
Cindy Trinidad
Subject:
SAM
Attachment:SWRGiftCards.pdf
Dana,
Here is the latest product idea for the southwest region.
With your approval we will begin offering on Oct 1, 2010.
Controlled Vocabulary




A restricted list of words
Used to categorize or label
Ideal for Corporations where lots of people
use the list (for use in metadata fields like
“subject” of an email)
Controlled Vocabulary vs Free Tagging
See #8 Be consistent
Hooray for Consistency!
Taxonomy (Type of Controlled Vocabulary)


The word actually means “The science of
classifying/categorizing things”
Hierarchical structure that share similar
characteristics
–
Industry

Financial Services
–
–
–


Banking
Insurance
Wealth Management
Health Care
Manufacturing
Thesauri

Type of controlled vocabulary that is very
structured and provides relationships
between words
–
–
–
Hierarchical (broadens or narrows a term)
Associative (related but non-hierarchical)
Equivalence (use – synonyms and near
synonyms)
Hierarchical Thesauri

Shows how words relate as they broaden or
narrow (start with a broad class and use
narrow term - NT or broad term - BT to show
relation)
–
Automobiles

Cars
–

2 door
 Red
Trucks
Associative Thesauri

Related terms - shows relationships across
hierarchies
–
–
–
Category (group, class, type)
Class (category, group, rank)
Type (category, class, kind)
Equivalence Thesauri

Synonyms indicating the preferred term
–
Aged person

–
Bovine

–
Use: elderly person
Use: cow
Home loan

Use: mortgage
Metadata





Legal needs for
ediscovery
RIM needs for
disposition
IT needs for archiving
Proves authenticity and
ownership
Provides guidance to
consultants and system
designers



Provides a rich
description of
information (Who What
When Where Why)
Automate as much as
possible
Publish a controlled
vocabulary or thesauri
RIM Credibility


Credibility=Trustworthiness and Expertise
Program Credibility
–

Personal Credibility
–
–
–

Customized and comprehensive
Know your stuff
Know when to bring in experts
Never over-promise or over-commit
See # 1, 2, 3, 4, 5, 6, 7, 8
Standards
ERMS Standards

DOD 5015.2
–
–
–
–
Functional requirements for systems to manage
electronic records
This is the only standard we have
Use this standard to find potential vendors then
do your homework
See # 3, 5


Do your homework. Just because it has feathers…
Read! Now read some more
Data/Content
Management








Storage
Versioning
Metadata
Security
Indexing
Retrieval
Workflow
Collaboration
Records
Management








Creation
Maintenance
Use
Identifying
Categorizing
Archiving
Preserving
Disposition
ISO

ISO=International Organization for
Standardization
–
–
National Standards Institutes from 163 countries
Made up of member bodies (subject)

Technical committees are created
TR and TS


TR= Technical Report
TS= Technical Specifications
ISO 15489
ISO/TR 15489 -2


Part 1 General – specifies the fundamentals
of records management and defines the
results to be achieved
Part 2 Guidelines – Implementation guide to
Part 1. One methodology to accomplish ISO
15489-1
See #5 Read. Now read some more!
TR48-2004

Framework for Integration of Electronic
Document Management Systems and
Electronic Records Management Systems
–
EDMS plus ERMS equals EDRMS
ISO/TS 23081-1 (Metadata)

Part I Principles
–
–
–

Information and documentation
Records management processes
Metadata for records
Guide to:
–
–
–
–
Understanding metadata
Implementing metadata
Using metadata
All within the framework of ISO 15489
Narrow the Target
Need to know…

Determine data type within your organization
–
–

Structured
Unstructured
Determine the risk of NOT managing
Structured versus Unstructured
(type of data)

Databases

SQL
Oracle

–
–

XML format
(spreadsheet)
Email
Shared Drive
Decisions

Prioritize by Risk (review data map)
–


Big surprise here - usually turns out to be Email
Define your approach
To use ERMS or not
Data Map of Email
General Principles
With permission - Slide created by Jesse Wilkins, Access Sciences




Email management is part of time
management
Email is a medium, not an action
Email should not be used for everything
Email should be kept as long as needed –
and no longer
Who captures the message?
With permission - Slide created by Jesse Wilkins, Access Sciences

YOU have to capture an email:
–
–

You receive from outside the organization
You send, either internally or to someone outside
the organization
Designate someone to capture messages
sent to groups/lists
Emails that are not captured
With permission – Slide created by Jesse Wilkins, Access Sciences




Transitory messages that are not timely
Personal messages unrelated to business
“Me-too” messages
Messages already captured by someone
else
Non ERMS Repository




Mailbox
Userhome or shared drive
File drawer
Trash
ERMS Repository

User categorizes mail
–
If it’s a record - Mail moves to content repository

–
If it’s not a record - Mail remains on server


Mail is managed according to server rules
Legal can perform ediscovery
–

Mail is kept according to retention schedule
Place records on hold
RIM can run reports and assist with
managing
According to AIIM - Association for
Information and Image Management
“…removing emails from the server and
saving them to a repository isn’t enough.
Email must be classified, stored, and
destroyed consistent with business
standards-just as any other document or
record.”
Foundation
With or Without EDRMS






Policies and Procedures
Define Responsibilities
Define Your Approach
Categorization
Metadata
RIM Credibility
Download