Just to start the week off on the right foot...
I guess all the news stories in RAIN and the
discussion about Electronic Records here (again) has
gotten me to thinking about this.
As the Records Manager, Records and Information
Manager, Information Assurance Officer or whatever
your titles are (and/or the person/s you report to
are) SOMEONE in your organization is ultimately
responsible for ensuring your organization is meeting
it's contractual obligations and/or is in compliance
with all the governing rules and regulations regarding
"We" are typically responsible for day-to-day
management of the program, keeping up with all of the
trends and legal dealings that may affect how we
manage our functions, but SOMEONE in our organizations
are the person who will be called upon to answer the
subpoena when (if) one is issued if there are concerns
regarding how the organization interpreted the
requirements regarding adequacy of the operation.
Do most of us report directly to that person, or are
they a few levels above you, or are they possibly in a
COMPLETELY DIFFERENT part of the organization than you
and you never have any direct contact with them?
Are they familiar with the organization's retention
schedule (or do they even know there is one) and are
they able to periodically evaluate (or have someone
evaluate) how well the organization is complying with
Do they understand there may be a concern that while
your organization is doing an adequate (or better) job
of managing it's physical information assets, it may
not have ANY CONTROL WHATSOEVER over it's electronic
Do they have responsibility for the part of the
organization that extracts data from servers and
manages the backup tape library, which is a "mirrored
collection" of information that exists on desktops and
elsewhere throughout the organization?
Are they aware that they should be concerned the
organization may be viewed at some time during an
investigation of "selective destruction" because
although they have a retention schedule, it isn't
applied to the electronic records in the same manner
it's applied to their paper records counterparts?
Are they aware that during a "discovery process" the
organization may have to spend a considerable amount
of money producing records that exist in electronic
format on desktops, servers and/or in serially
created backup tapes, simply because they have written
policies and procedures that ensure these backups are
generated and there is no procedure to keep
information of "like retention periods" isolated from
Do they know that having a records management policy
means that it applies to ALL RECORDS, regardless of
media, form or format and that efforts should be made
to ensure ALL RECORDS are being managed in accordance
with stated policies?
List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance