1 / 26

Long Term Storage Paper versus Electronic

This article explores the common characteristics of information management programs, the concept of "Unified Records Management," and provides guidelines for making long-term storage decisions.

dhutson
Download Presentation

Long Term Storage Paper versus Electronic

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Long Term Storage Paper versus Electronic INFORMATION MANAGEMENT Alan Wheelock Iron Mountain Consulting Services October 17, 2012

  2. What do these words have in common? • Glamorous • Romantic • Captivating

  3. None of them pertain to our industry!

  4. Despite that sobering truth . . .

  5. Common Characteristics of Information Management Programs these Days …… • 72% of organizations stated that they are ‘very committed’ to RIM improvement • But 72% have no strategic plan • 80% now have Formal RIM Policies • But 63% are inconsistent in their application of the Policies!

  6. … and • Only 43% of companies believe that they have a legally credible retention schedule in place • Only 37% of companies say that their P&P’s are consistently applied • Only 15% of companies have a formal , consistent audit and review of their RIM policies and procedures

  7. The Cart Can’t Come Before the Horse INFORMATION MANAGEMENT

  8. Prior to Making Long Term Storage Decisions Prerequisites • Form and consistently convene an Information Governance Steering Committee • Bring your program to the appropriate ‘maturity’ level • Consider the concept of “Unified Records Management” as the basis for your “go forward” strategy

  9. So, What’s “Unified Records Management”??

  10. Unified Records Management Establish a foundation Unify physical records Unify electronic records • 77% have formal, policy-driven processes to protect private information from unauthorized or inadvertent access • 83% report that they are unable to locate hardcopy records when needed, due in large part to the fact that not all records, across all locations, are indexed • Only 35% say they can classify and index user-created electronic records at time of creation or later in their lifecycle

  11. Unified Records Management Unified Records Management

  12. XYZ Corp Records Data Analysis IM Connect Usage: 33%

  13. What does Good Look Like? IM Connect Usage: 87% This is a real IM client

  14. Records Aging Analysis Records More than 10 years old XYZ Corp: 36% Sample Customer: 18.3%

  15. Policy and Procedures • Include electronic records management based on: • ISO Standard 15489 – Records Management • NARA Policy/Guidelines • ARMA’s Generally Accepted Recordkeeping Principles (GARP) • Model Requirements for the Management of Electronic Records (MoReq2) • Include social network usage • Facebook • Twitter • Blogs • Wikis • Reconcile with Info Sec and Info Privacy policies • Personally Identifiable Information (PII) • Payment Card Industry (PCI) • Personal Health Information (PHI)

  16. Assess your Schedule • Age • Legal research date • Mergers/acquisitions/divestitures • Construction • Size: trend is bigger “buckets” • Orientation (function is best practice) • eRecords inclusion • 90% business records are electronic • Global requirements • Enterprise-wide is best practice • Adoption and compliance • Consistency leads to defensibility Consider development of “e-version” to facilitate management of electronic records

  17. Apply retention to paper records • On-site: active/inactive • Conduct periodic “clean-up” or “compliance” days • Institute a “System of Record” to manage active records • Establish a process to transition records from active to inactive • Off-site • Classify cartons according to Retention Schedule • Calculate destruction eligibility • Institute formal destruction authorization/certification process • Use ROI to fund other Records and Information Management projects • Imaged originals • Determine which need to be kept in paper format to satisfy state or federal authorities • Consider long-term retention requirements for imaged records (explore alternative media) • Institute consistent destruction of originals, when permissible

  18. Apply retention to structured records • Use risk-based approach • Determine risk categories based on litigation, investigation, FOIA requests, and audit profile • Prioritize based on potential for fines, sanctions, damage to brand , growth • Assess applications • Identify high-risk business processes / work flows • Compare records management functionality to best practice • Develop plan for filling gaps • Apply macro rules for destruction • Apply “haystack” rules based on function to determine destruction eligibility • Protect preservation of “held” data Collaborate with Legal, IT, Compliance, and Records Management

  19. Apply retention to unstructured records • SharePoint 2010 • Enforce governance for site creation/provisioning • Establish rules in Retention Center • Use Schedule terms in Content Hub • Provide pre-tagged templates • File Shares • Provide alternative (SharePoint, ecrm) • Establish department level foldering consistent with Schedule • Desktops/laptops • Protect content (PII, IP) using technology Consider auto-classification tools for legacy “clean-up” Provide employee training and awareness

  20. Apply retention to e-mail • Use archive (on premises or in cloud) • Move off active email server • Enhance search capabilities for early case assessment, FOIA, etc. • De-dupe • Terminate use of PST and NSF files • Filter and classify • Identify non-record formats • Use role-based classification • Leverage Active Directory • Accommodate filers and pilers • Use auto-classification • Destroy • Calculate destruction eligibility of archived e-mail 80% of responsive data for discovery is email Archive

  21. Long Term Storage Considerations Electronic Signatures in Global and National Commerce Act (‘E-SIGN’ Act) • In place since 2000 • Has a host of rules related to retention • Must be an accurate representation of the record • Remains accessible to all persons entitled to access it • In a form that is capable of being accurately reproduced. Uniform Electronic Transactions Act (“UETA”) • In place since 1999 • Adopted by 47 states

  22. Long Term Storage Considerations (cont) • E-Sign excludes several significant categories of transactions/records; • Laws governing wills, codicils, or testamentary trusts • Laws governing adoption, divorce, or other matters of family law • Cancellations of utility services, health or life insurance benefits • Recall notices on a product that effects health or safety • Notices regarding evictions, foreclosures, repossessions, etc. • Court proceedings documents

  23. Additional Decision Considerations Paper is a very cost effective media for long term storage • Format remains universally accessible and readable. • Long term storage of paper is far cheaper that digitizing. • Can be quickly digitized if the need arises. • Can be digitized (imaged) on demand if records periodically become active Vital records are typically retained in paper and microfilm versus electronic When planning for Long Term archival storage of electronic records, consider: • Accuracy and integrity of the e-version • Future accessibility particularly as it pertains to discovery and regulation. • The impact of technological change

  24. IMPLEMENTATION FAILURETHE most common cause for a failed program, and undoubtedly the biggest barrier to making sound Long Term Storage Decisions • Failure typically traced to: • Lack of a permanent steering committee • Lack of a dedicated RIM management person or team • Lack of senior management commitment • Lack of accountability + audit • Lack of maintenance and continuous improvement

  25. Questions & Answers INFORMATION MANAGEMENT

More Related