Presentation on theme: "Applying the COSCA Principles of Records Management"— Presentation transcript:
1Applying the COSCA Principles of Records Management National Association for Court Management2014 Annual ConferenceGreg Linhares, Missouri State Courts AdministratorNial Raaen, CRM, NCSC Principal Consultant
2To Protect and Preserve: Standards for Maintaining and Policy PaperTo Protect and Preserve:Standards for Maintaining andManaging 21st Century Court Records
3Records Management An Essential Component Support for judicial decision makingDocumentation of legal status and rightsPublic access to court proceedingsEnforcement of court orders and judgmentsPreservation of record for appellate reviewPreservation of historical information
4Records Defined – (ISO 15489-1) Information created, received, and maintained as evidence and information by an organization or person, in pursuance of legal obligations or in the transaction of business.
5Court Records Defined – CCJ/COSCA Any document, information, or other thing that is collected, received, or maintained by a court or clerk of court in connection with a judicial proceeding; any index, calendar, docket, register of actions, official record of the proceedings, order, decree, judgment, minute, and any information in a case management system created by or prepared by the court or clerk of court that is related to a judicial proceeding; and Information maintained by the court or clerk of court pertaining to the administration of the court or clerk of court office and not associated with any particular case. (CCJ/COSCA guidelines, 2002)
6The Records LifecycleThe span of time of a records existence from its creation or receipt, through its useful life, to its final disposition, whether that disposition is destruction or retention as a historical record.-ARMA International
7The “Continuum of Care” The management of records requires a “continuum of care” throughout the life cycle, beginning with creation and continuing through disposition and destruction.
8The Challenges… Meeting the growing demand for access Maintaining both paper and electronic systemsManaging unstructured recordsCoordinating multi-media retention and dispositionManaging increasing amounts of informationRising to the challenge of information governance
9COSCA Principles of Judicial Records Management ACCESSGOVERNANCECOMPLIANCEINTEGRITYPRESERVATIONDISPOSITION
10Principle of Compliance The requirement that management practices are in line with applicable statutes, rules of court, administrative orders, and organizational policies.
11Records Practices Must Comply With: Statues and court rulesState financial and labor relations lawsApplicable federal regulationsFLSAEqual Pay ActFMLAImmigration laws… and others
12Compliance Fundamentals Oversight and assignment of staff responsibilityPolicies and proceduresAudits and reviewsClassification systemsRetention requirements
13“Unstructured” Records Office automation work productsDocumentsSpreadsheetsPresentationsSocial mediaWeb content
14Key Issue: Email Compliance is not a records seriesmust be managed and retained according to contentmust be classified and preserved accordinglyMessages created or received by employees in connection with official business are generally considered public records
15When is Email a Record? Is the message evidence of work? Is the message the completion of a message string?Are other records available about this issue/topic?Do confidentiality requirements apply to the content of certain messages?
16Principle of Integrity The principle of Integrity addresses the need for records to be created and preserved in a manner that guarantees their authenticity, reliability and accessibility.
17ISO 15489 – Characteristics of Records Authenticity – Proven to be what it purports to be, created or sent by the person purported to have created or sent it, and created or sent at the time purported. Reliability –Trusted as a full and accurate representation of the transactions, activities, or fact to which it attests. Integrity – Complete and unaltered. Usability – Can be located, retrieved, presented, and interpreted.
18Integrity Fundamentals Technical and InfrastructureBackup and redundancyUpdated security and virus checkingTracking and audits of changesReview of audit trails and system logsDocumentation record of chain of custodySampling of media for corruption or failure
19Processes and Procedures Control of physical security and user accessTraining and documentationQuality controlNecessary metadataInternal compliance auditsHazard mitigation and disaster planning
20Key Issue: E-record Integrity Techniques/processes to ensure integrity:EncryptionAccess control and securityCheck sums/hash algorithmsAudit trails and access logging
21Principle of AccessThe principle of Access addresses the ability of court staff, litigants, and the public to access information to which they are entitled.
22Access Fundamentals Metadata and indexing to facilitate retrieval by staff and the publicStorage and security appropriate to the type of record and storage media (preservation)Non-proprietary formats ensure long-term availability of electronic recordsSecurity and access controls appropriate to the record type and users/requestors
23Metadata MattersMetadata is data that describes or characterizes a digital object, whether internal or external to the object itself. It is essential to record retrieval and integrity. Types of metadata include descriptive, administrative, structural, and preservation.
24Metadata Standards & Guidelines Dublin Core – 15 metadata elements adopted as an ISO standard OAIS – Open Archival Information System Extensible Markup Language (XML) PREMIS - Preservation Metadata: Implementation Strategies METS – Metadata Encoding and Transmission Standard …and more
25Security and Access Control Critical for E-records Access controls that identify rights, (input, change, delete)User authentication, authorization, and audit trailsApplication and operating system protection from intrusion and attack
26Key Issue: Third Party Use of Court Information Should there be increased obligations for data collectors to “sunset” information?Should there be a “right to forget”?Who would have the duty to remove records to protect a “right to forget”? Should court record retention periods be revised?
27Digital Rights Management The use of encryption to allow the creator to control use of a document, such as:Who can accessHow long the document can be readPrevent printingRequire network loggingRestrict forwardingMay not be appropriate for recordsrequiring long-term preservation
28Principle of Disposition The principle of Disposition recognizes that all records reach a point in their lifecycle where they are committed to long-term archival storage and preservation, or are scheduled for destruction.
30Records AppraisalThe evaluation of a document’s worth or value for retention or archival purposes, based upon its current or predicted future use(s) for administrative, legal, fiscal, research, or historical purposes.~ARMA Glossary, 4th edition
32Disposition by Archiving Transferring records is the process of moving records from one storage system to another within the organization. Accession is the movement of records to the custody of another agency, such as a state archives.
33Disposition by Destruction Disposition methods should be appropriate to the type of record and mediaMethods for electronic records:DegaussingOverwrite, encryption, file deletionPhysical destruction of mediaDocumentation, audit trails and metadataStandards are available for reference
34Disposition Fundamentals Maintain records according to established state and local retention schedulesRemove non-essential, obsolete or duplicate recordsUse destruction methods appropriate to record content and mediaConduct a periodic records inventory and appraisal
35Key Issue: Multi-media Retention Management Are you a “digital hoarder”How long is too long?Coordinating paper and electronic retention schedulesManaging the deletion/retention of interrelated information
36Principle of Preservation The principle of Preservation addresses the need to maintain the integrity and accessibility of judicial records throughout their life cycle.
37Preservation Fundamentals Proper levels of protectionAudits and validationMonitoring, disaster preparation and recovery planningThird party compliance with requirementsSelection of appropriate media and storage systems to sustain access and usability
39The Technical Issues Media longevity and obsolescence Hardware lifespan and compatibilitySoftware and file format obsolescence
40Preservation Risk Factors Preservation risk increases with the following variables:Age of the record(s)Frequency of access to the record and mediaComplexity of the record and its featuresVolume of the record seriesStorage media
41Hardware ChallengesStorage medium may be superseded by newer versions or by new types of media—smaller, denser, faster, and easier to read.Computers are continually superseded by faster and more powerful machines that can store and process more content.Computer components and media physically fail due to human error, natural events, and normal aging.
42Remember When? 8 inch floppy: 1971-81 5.25 inch floppy: – mid 1980s12 inch optical: – 1992Jazz disk: – 2002source: Cornell University Chamber of Horrors
43Software and FormatsA file format may be superseded by new versions, no longer be supported by the current vendorSoftware used to create, manage, or access digital content may be superseded by newer versions or newer generations with more featuresCharacteristics as hidden text and change history, macros, and animations may be difficult to archiveVendors compete, merge, or go out of business leaving application software unsupported
44Methods of E-Preservation PASSIVEACTIVEEnsures the integrity of, and access to, digital objects and their associated metadata.Attempts to keep the original object intact without changing the storage or access technologies.Ensures continued accessibility by active intervention to move the digital object from legacy to current storage environments.May involve technologies not in existence when the record was created.
45Migration Migration is a strategy for avoiding obsolescence Cycle is approximately every years, or lessElectronic records should be periodically migrated to stable media and stable file typesMedia and file types must provide a reliable and stable repository for preservation and accessA migration strategy and schedule should be established for specific media and file types
46Other Preservation Approaches Emulation - Applications software that recreates the legacy technical environment required to run earlier programs Refreshing – moving records from one medium to another, primarily as a preventive measure Preservation – maintaining the original technical environment
49Have a Preservation Strategy Identify acceptable risk for record typesAssess current capabilities and capacitySurvey existing tools for adoptionApply standards and use open formatsConsider emerging technologies
50Trusted Digital Repositories Scheme developed by the National Archives and Records AdministrationAudit mechanism for assessing ability of repositories for secure and reliable long-term preservation of digital recordsIncludes technical requirements as well as organizational infrastructure and policiesProvides a set of assessment criteriam2.pdf
52OAIS ElementsIngest. The steps required to transfer items from their current location into the archive in a managed manner.Archival Storage: The storage of the bulk data using standard storage management tools.Data Management: Tools to manage the storage of the archive, including the metadataAdministration: A set of tools to administer the system and access to it.Access: Tools to search, browse and download the contents of the archivePreservation Planning: The module that manages the information for long term access.
53Principle of Governance The principle of Governance addresses the need for organizational authority and control over records, as well as accountability.
54Governance Fundamentals Features of a comprehensive records management program –Roles and responsibilities clearly definedStrategy to ensure preservation and accessDocumentation of systems and processesOversight and accountabilityGoals & performance measuresAuditing and reviewAdoption of standards
55Standards Organizations International Organization for Standardization (ISO)National Archives and Records Administration (NARA)Association for Information and Imaging Management (AIIM)ARMA InternationalAmerican National Standards Institute (ANSI)Department of Defense (DoD)European Commission (MoReq2)
57The Growth of Information Over the next 20 years there will be a 40% increase in information growth57% office documents65%75% attachments81% instant messages- John Mancini, AIIM President
58Gartner Forecast…The rise of big data, social networking and mobile interactions, coupled with an accelerating increase in the amount of structured and unstructured information enabled by cloud- based technologies, is creating an information crisis.
59The Need for Greater Collaboration Coordination among multiple record holdersMaintaining strategic alignmentAcquiring adequate resourcesAnticipating future needs
60Assessing Your Records Program The Records Management Maturity Model Original concept developed at Carnegie-MelonBased on ARMA RIM principles and modelFollows the COSCA principles frameworkFour levels of maturityKey elements under each principleSelf-assessment and scorecard available at:
61Other NCSC & COSCA Initiatives Joint Technology Committee – addressing the principles of disposition and preservationDevelopment of RIM training programsRefinement of maturity modelsIdentification of best practices and model programsEngagement with the records management community
62Resources ARMA International – www.arma.org Association for Information and Image Management – National Archives and Records Administration – Council of State Archivists -National Association of Government Archivists and Records Administrators –