LISTSERV mailing list manager LISTSERV 15.5

Help for RECMGMT-L Archives

RECMGMT-L Archives

RECMGMT-L Archives


View:

Next Message | Previous Message
Next in Topic | Previous in Topic
Next by Same Author | Previous by Same Author
Chronologically | Most Recent First
Proportional Font | Monospaced Font

Options:

Join or Leave RECMGMT-L
Reply | Post New Message
Search Archives


Subject: So, ULTIMATELY who is responsible for compliance with policy in your organization?
From: Lawrence Medina <[log in to unmask]>
Reply-To:Records Management Program <[log in to unmask]>
Date:Sun, 2 Mar 2003 15:10:07 -0800
Content-Type:text/plain
Parts/Attachments:
Parts/Attachments

text/plain (76 lines) 


Just to start the week off on the right foot...

I guess all the news stories in RAIN and the
discussion about Electronic Records here (again) has
gotten me to thinking about this.

As the Records Manager, Records and Information
Manager, Information Assurance Officer or whatever
your titles are (and/or the person/s you report to
are) SOMEONE in your organization is ultimately
responsible for ensuring your organization is meeting
it's contractual obligations and/or is in compliance
with all the governing rules and regulations regarding
records retention.

"We" are typically responsible for day-to-day
management of the program, keeping up with all of the
trends and legal dealings that may affect how we
manage our functions, but SOMEONE in our organizations
are the person who will be called upon to answer the
subpoena when (if) one is issued if there are concerns
regarding how the organization interpreted the
requirements  regarding adequacy of the operation.

Do most of us report directly to that person, or are
they a few levels above you, or are they possibly in a
COMPLETELY DIFFERENT part of the organization than you
and you never have any direct contact with them?

Are they familiar with the organization's retention
schedule (or do they even know there is one) and are
they able to periodically evaluate (or have someone
evaluate) how well the organization is complying with
the schedule?

Do they understand there may be a concern that while
your organization is doing an adequate (or better) job
of managing it's physical information assets, it may
not have ANY CONTROL WHATSOEVER over it's electronic
information assets?

Do they have responsibility for the part of the
organization that extracts data from servers and
manages the backup tape library, which is a "mirrored
collection" of information that exists on desktops and
elsewhere throughout the organization?

Are they aware that they should be concerned the
organization may be viewed at some time during an
investigation of "selective destruction" because
although they have a retention schedule, it isn't
applied to the electronic records in the same manner
it's applied to their paper records counterparts?

Are they aware that during a "discovery process" the
organization may have to spend a considerable amount
of money producing records that exist in electronic
format  on desktops, servers and/or in serially
created backup tapes, simply because they have written
policies and procedures that ensure these backups are
generated and there is no procedure to keep
information of "like retention periods" isolated from
one another?

Do they know that having a records management policy
means that it applies to ALL RECORDS, regardless of
media, form or format and that efforts should be made
to ensure ALL RECORDS are being managed in accordance
with stated policies?

Just wondering...

Larry

List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance

Back to: Top of Message | Previous Page | Main RECMGMT-L Page

Permalink


LISTS.UFL.EDU

CataList Email List Search Powered by the LISTSERV Email List Manager