Best
Practices for Document Management in an Emerging Digital Environment
Richard E. Barry, Barry Associates
[This paper was originally published in the Records
Management Bulletin, the journal of the Great Britain Records Management
Society (RMS),Issue No. 63, August 1994, p.11, and is republished here
with the kind permission of the publisher.]
Introduction
British
Common Law did not require or allow the use of written forms as evidence until
sometime after the Middle Ages. After
all, documents couldn't talk. Nor could
they take oaths. People who could talk,
and talk under oath, were seen to offer the most trustworthy evidence. That all changed, of course, with the dramatic increases in
commerce, changes in the use of documentation to reflect business transactions
following the Middle Ages, printing methods and corresponding changes in
literacy. Initially, records were
regarded as "hearsay" evidence or statements from sources other than
live people. Only in more modern times
have exceptions to the hearsay laws been adopted which permit records to be
used in evidence under specific conditions. There are two obvious but important messages
emanating from the original Common Law story that are as current and important
today as they were in early times -- the importance of jurisdiction and of trustworthiness
of documents, records and recordkeeping systems.
Jurisdiction
First decisions about electronic document and records, and their management
systems, must be taken in the context of the legal and administrative jurisdictions under which the public or
private enterprise must operate and the laws or rules governing that
jurisdiction. Simply stated, this
means that the management of electronic documents and records must comply with
applicable international, national and local legal codes, regulations,
treaties, agreements, established practices of the records and archives
professions (which vary among European, North American and other traditions)
and other applicable administrative rules which are not otherwise superseded by
legal requirements. For example, in the
U.S., the Federal Uniform Rules of Evidence provide that "any printout or
other output readable by sight, shown to reflect the data accurately, is an
'original.'" Similarly, Section 3 the Swedish Archives
Act of 1990 provides that "computer records which are available to several
authorities, thus constituting official records, shall only form archives at
one of these authorities, in the first instance the authority which is responsible
for the major part of such records."
Swedish National Archives orders concerning technical requirements on materials and methods for long term
preservation of records have been adapted to the corresponding rules within the
European Community.
For
purposes of this paper, jurisdiction is meant to embrace legal or
administrative governance boundaries in political or organizational terms and
the form of rules imposed by political or organizational entities. The former may include one or more of the following: international, religious, regional,
national, state or provincial, local (county, city, parish, town) or
organizational entities. The rules they
imposed may be in many forms: laws;
treaties or agreements; executive or religious orders; national archives
requirements; local codes and ordinances; organizational policies, directives
and procedures; commonly held professional standards, etc.
The
requirement to comply with established records laws and other rules is well
known and understood by most records managers and archivists. It is less well known or appreciated by
professionals in the information management and technology (IMT) field, because
this group traditionally has not had jurisdiction over, or interest in,
organizational paper records, and because the IMT tradition is one which
focuses more on media than on content, whereas the archivist and records
manager must worry about both. Too
frequently, both professions fail to understand the most important borderline
area between their professions:
designing good records management and archival practices into electronic
systems, in whatever form -- data, text, image, audio or video -- and in
whatever medium -- paper, microform, analog or digital.
If an
electronic document management system is being introduced by either the IMT or
records and archives management organizations in an enterprise, it is essential
that this be done with the consultation and involvement of the other, as well
as key users of enterprise records assets.
This is important for two reasons:
it may happen that certain documents which are copies of official
records will find their ways into a "vanilla" electronic document
management system (EDMS) that is not intended to meet the organization's
electronic records management (ERM) needs and, depending on jurisdiction, may
constitute an original and have to meet the same disposition requirements as
the original records; and because the common sense thing to do may be to use
the EDMS as the vehicle for managing electronic records. Either way, the IMT or records professional,
trying to do it alone, is walking down the slippery slope of legal requirements
which may be imposed by the legal jurisdiction under which the organization is
required to operate. This paper will
not deal further with the specifics of legal requirements for admissibility or
discovery of evidence under any particular jurisdiction. It will, however, address how jurisdiction
and rules fit into the shopping basket of "best practices" for
developing a trustworthy electronic records system.
Trustworthiness
Second, the early Common Law testifies to the
central importance of trustworthiness in the use of
information. In modern information
management terms, this refers to the capture, maintenance, preservation and
presentation of information. This is
important from a legal perspective, because trustworthiness is an essential
characteristic before information can be considered admissible in a court of
law as evidence. Moreover, the human
impact of the use of information in a court is potentially very far reaching in
both positive and negative senses of the terms. Trustworthiness is important from an administrative perspective
because of its implications for management accountability operational
continuity, and historical legacy and research. Records are kept for both legal and administrative purposes. The term "information" is used,
because documents (in the usual sense of the word) and records (in the records
management sense of the word) constitute subsets or instances of
information. This is important not just
from a theoretical perspective but because, as we enter the realm of electronic
documents, including records, the broader information management and technology
architecture of an organization must take fully into account the organization's
legal and operational needs for managing these assets. Often, they do not. Thus, the "best practices" needed
to create a defensible digital document and records management program
(including organization, policies, procedures, practices and human elements)
and system are in the aggregate all centered around one thing: being trustworthy, being seen to be trustworthy and, together,
being able to produce, or reproduce, information which can be trusted to be
used in the day-to-day operations of the organization, by the courts of the
land, and by future researchers and historians.
There
is a tendency to focus on how to make information systems rigorous enough to
withstand the scrutiny of the courts, which is what the remaining discussion of
"best practices" centers upon.
However, to ensure that information is trustworthy means that the
entirety of the information management program is credible. That goes well beyond the characteristics of
the information system(s) and not all of it is under the direct control of the
IMT manager, archivist or records manager.
It includes aspects of organizational culture; formal organizational
arrangements for the management of documents; the clarity of responsibilities;
policies, procedures and practices that are in place; and the number, quality,
skills mix and proficiency of the people responsible for husbanding an
organization's information assets. It
is not enough to have the above areas able to demonstrate trustworthiness. In the end, the issue boils down to the
quality of implementation of the whole program. The policies, organizational structures, procedures and people
are all in place, and they are
"walking the talk."
"Best Practices"
The
following sections outline some of the more important practices which an
organization can follow to help achieve trustworthiness in its electronic
records and related electronic records management systems. There is no recipe for total success in demonstrating
the trustworthiness of an electronic records system. Neither is there for paper records systems. In fact, it may be
argued that, depending on the jurisdiction's laws, electronic records may be
dealt with under current regulations without any special problems arising. Even in such cases, there may be the
perception that electronic records are less trustworthy. Therefore more rigorous minimal steps may be
needed to provide necessary assurances to officers of the court that reasonable
and prudent steps are being taken which assure trustworthiness at levels at
least as good as what they have become accustomed to in the paper world. Indeed a persuasive case has been made in a
technical report of the U.S. Association for Information and Image Management
that it is possible to achieve much improved trustworthiness with electronic
systems than is feasible in paper-based systems. Paper records typically exist over the long term in original form
only and are more easily subject to theft without timely detection, destruction
by natural causes, etc. They often use
paper or ink which has a relatively short life expectancy, are not part of a
clearly defined process or life-cycle system, and are rarely subject to
rigorous security measures or audits.
By contrast, it is feasible to develop electronic systems which overcome
most of these shortcomings in paper-based systems. The AIIM report concludes:
"In sum, properly designed, implemented and maintained information
technology systems are capable of producing records that are more reliable and
accurate than paper-based systems." What is necessary, and what is the trick, is
to develop the electronic records system in such a manner as to overcome paper
system shortcomings through the incorporation of some best-practices design
approaches. Unfortunately, as few if
any fully functional electronic records systems have been implemented, it is
possible only to provide our best understandings of what constitutes best
practices today which might be feasible to automate or assist through
computer-based systems.
Provide
for Efficient Management of Documents, Rules and Applications
The
architecture of the EDMS should provide for data independence in the actual
Document Data Base (DDB) where the documents are stored. Stated another way, the electronic representations
of documents should be separate from any Applications Programs (AP) or
associated Applications Program Interfaces (APIs) which may operate on the
documents or any Rules Data Base (RDB) against which documents may be tested. Similarly the AP and RDB should be separate
entities. This approach permits the use
of different future systems (APs and APIs) and changes in the RDB with the same
DDB.
Document and Maintain
Governing Laws, Regulations,
Standards and Systems for Electronic
Records Management
A complete
inventory of laws and regulations and other agreements which govern the
definition, creation, capture, use, preservation and disposition of records
should be maintained. Apart from legal
admissibility, some of the most difficult and controversial issues concerning
electronic records have to do with the balancing of legal, organizational and
personal interests. These are
epitomized in some of the principal emerging issues:
·
addressing “best practices” as a systems issue
·
ensuring the integrity (authenticity, security and validity) of
electronic records
·
privacy vs. organizational ownership and access to information
·
legal requirements governing public access to records
·
corporate awareness and due diligence
·
intellectual property rights
·
preservation of and future access to records in electronic form
· organizational
location of archives and records management functions. While no general
guidance can be provided to meet the needs of every public and private sector
organization, a cardinal rule here is to make sure that the employees of the
organization are well informed concerning these issues and the organization's
policies and procedures for dealing with them.
For
purposes of electronic records, governing rules should be maintained both in a
human-readable document and in machine-readable form. The former represents the governance system in a way that anyone
can easily read. The latter provides a
basis for automated use of the rules, where appropriate, and can be achieved
through various information engineering methods and tables which may be
embedded in the RDB.
Consider
Future Forms of Records and Recordkeeping
Think
about the possible impact of emerging technologies such as electronic mail
(e-mail), voice mail (v-mail), electronic forms, groupware, workflow systems,
roomware, pen-based technologies, "video documents",
location-independent computing, etc.
Will these technologies be in response to changing work patterns or are
they emerging in response to the need for better and more efficient work
patterns? For example, large commercial
organizations are beginning to use the "Arizona-Room" type conference
room and software system to conduct business decision meetings in an attempt to
make meeting results more effective and meetings more efficiently run. The software associated with these rooms
maintains a record of the proceedings of decision meetings, thus obviating the
necessity for traditional "memos to file" containing minutes of such
meetings. E-mail began as a substitute
for telephone tag. Today it is commonly
used to carry on substantive business.
V-mail, presently in its early days, is now commonly used to substitute
for telephone tag, much as was the case in the early days of e-mail. Will vmail go the same way and become a
potent medium for conveying substantive business communications? Will these changes require a different definition
of the Document? Will different
recordkeeping rules, practices or systems be needed? How will trustworthiness of information and future admissibility
of records as legal evidence be assured with changing work patterns and
technologies? The prudent information
manager will think about these things today and try to assure that system
design doors are not unnecessarily closed today that may need to be opened
tomorrow.
Link
Records to Organizational Business Processes
For
records to be records, and to be admissible in most judicial systems, they must
be produced and managed as part of the normal course of business. It is not acceptable, for example, for
records to be destroyed according to some retention schedule which was created
when an organization has been sued for negligence. The most trustworthy records are those which are produced as part
of essential organizational business processes. Traditional records and archives systems maintain records by
series and provenance. While automated
systems may be programmed to do this, they may also be used to provide even
closer links to the core business of the organization, thus further reinforcing
the trustworthiness of the records assets. This can be done by linking record series to
major business processes. Business
processes are more stable platforms than organizations or provenance; however,
in electronic systems the two approaches need not be mutually exclusive.
Minimize and
Provide Discovery Mechanisms for the Occurrence of Malicious or Unintentional
Alteration or Destruction of Records
Both procedural and computer-based approaches may
be applied to minimize accidental or malicious alteration or destruction of
records. From a policy perspective, the
organization must decide who is responsible for the maintenance of electronic
records. Will they be maintained in the
APs which produce them as has been suggested by some David Bearman
and others in the field? Or does it make more sense to provide for a
central electronic records system, either logically, physically (in a separate
computer under control of the archivist or records manager), or both? Or is some combination of centralized and
distributed approaches more desirable?
From a systems perspective, key-stroke monitoring or more rigorous computer
auditing approaches can be employed to document alterations and destruction
actions and authorizations.
Write-Once-Read-Many (WORM) technology that prevents alteration can be
used for storing records. Separate dual
storage of all records (or perhaps only archival records) can both protect
against loss due to natural disaster or malicious destruction, and can provide
a basis for comparison of documents to establish authenticity and absence of
alteration. While dual systems are
expensive, they may be desirable for compelling disaster recovery reasons. Few who lost vital records in the bombed
World Trade Center, or the flooded Chicago Board of Trade Building have
problems with the cost-justification of dual systems.
Apply
Appropriate Retention Schedules
Electronic
records, like any other, must be keyed to an appropriate retention schedule,
and that schedule must be consistently implemented. Both functions may be automated.
This means that steps have to be taken to ensure that electronic records
are migratable over time and through changes in technological environments.
Provide
for Equal Treatment of All Copies of Records
In most jurisdictions, it is essential to treat
all copies of the same document in the same manner when it comes to disposition
management. If disposition management
functions are part of the automated system -- the most efficient approach --
then all copies of the electronic documents must be destroyed when the
retention schedule calls for it. How
this is managed is dependent upon the system architecture. In some electronic mail systems, for
example, each recipient of a document has a literal copy of the document in his
or her storage space (e.g., in the distributed, PC-based, The Coordinator
System). In other systems, there is
only one copy of the document which is maintained in a shared space in a
centralized host computer, and "copies" are virtual, i.e., simply a
group of pointers associated with the document which represent users with a
copy or "view" of the document (e.g., DEC's All-in-1 system). This also highlights the need to link
electronic records to paper records through a file schema equivalency table or
other such mechanism.
Capture
Context and Content of Records
Records
have both content (information) and context (meta-information about the
document). Both are needed to determine
the authenticity of the record and the competency of the source. Much of the latter information may be
captured in the document profile which may contain information which is
supplied by the creator or the system and includes such information as:
·
author and date of creation
·
unique identifier
·
parent business process
·
provenance or office of primary responsibility
·
title
·
document type
·
version
·
language (both linguistic and software)
·
revision dates
·
retention schedule or projected/actual dates of conversion to other
media or storage levels (on-line/off-line) and destruction
·
security classification and projected/actual dates of downgrading
The
Document Profile and Document Content together constitute the Document. Having clearly spelled out and programmed
systems for managing document components provides strong evidence of the
trustworthiness of documents being managed in any electronic document
management system -- probably much better than is possible (or affordable) in
most paper-based systems. While it is
possible to retrofit information systems to provide the functionality suggested
above, one of the best ways to assure system and information credibility is to
design new systems from the beginning to take account of electronic records and
archival needs.,
Document and
Permanently Retain Records of Records Disposition Actions Taken
As with
paper records systems, it is essential that the records of disposition actions
taken on electronic records be themselves treated as permanent records. This can be facilitated in electronic
systems. One approach is to keep the
Document Profile when the Document Contents are destroyed, with an appropriate
notation in the profile of the date of destruction, which can also be provided
automatically. The profile of such
documents can then be maintained permanently in the electronic archives as
evidence that the disposition action was taken in accordance with applicable
retention schedules and rules.
Provide
Measures to Guard Against Common Assaults on Electronic Records Systems
One of
the best insurance policy for electronic records systems is to have bulletproof
methods for defending an organization's electronic recordkeeping practices
against the likely attacks of litigants whose aim it is to demonstrate the
untrustworthiness of a system. The AIIM
Technical Report states: "Common
assaults on the integrity of computer-based technologies include challenges
to: a) the source of the input data and
the processes for transcribing it to machine-readable form; b) the process that
creates, edits and updates the files; c) the process that produces the output
or retrieves the records; and d) the reliability of the equipment and vendor
supplied software that systematically manages the internal system
processes...Of particular importance in fending off these assaults is to assure
the existence of up-to-date documentation that fully and accurately describes
the procedural controls employed in producing the records. Additionally, records managers or custodians
must be prepared to describe these controls in laymen's terms, showing how they
count for every link involved in producing the records."
Henry H. Perritt, Jr., Professor of Law at Villanova University sums it up this
way:
There is no reason to be concerned that
well-designed electronic records systems present any new problems with
admissibility of electronic records under the rules of evidence....A major
difficulty in appropriate records management strategies is a lack of
familiarity by the government's lawyers with the technology, and conclusions
reached about legal treatment of the technology.