Presentation is loading. Please wait.

Presentation is loading. Please wait.

State Government Recordkeeping in Cloud Computing Environments Lori Richards, SILS, UNC – Chapel Hill | AERI 2012 | July 10, 2012.

Published byMoshe Meekins Modified over 10 years ago

Similar presentations

Presentation on theme: "State Government Recordkeeping in Cloud Computing Environments Lori Richards, SILS, UNC – Chapel Hill | AERI 2012 | July 10, 2012."— Presentation transcript:

1 State Government Recordkeeping in Cloud Computing Environments Lori Richards, SILS, UNC – Chapel Hill | AERI 2012 | July 10, 2012

2 To understand how emerging technologies affect the theory and practice of archives and records management in complex organizational settings o This motivation is not entirely new to the field of archives and records management

3 In the past 40 years, ARM researchers have examined the changing nature of the field as technology has advanced, asking questions about things like o Computerized index systems and automated retrieval mechanisms (1970s – 1980s) o How moving to electronic from paper-based records creation and storage impacts archival processes and user access patterns o How the notion of records lifecycle changes in electronic environments o Concerns about personal privacy and security in digital environments o Concerns about government and organization accountability in a world where erasure of documents is an ever-present risk o How concepts such as record, provenance, and document change in electronic environments

4 Studies do not yet exist that examine how digital curation roles and responsibilities within complex organizations change in the light of highly distributed electronic information processing infrastructures o The information processes are highly distributed, but o They are often managed in highly centralized and controlled ways, often using o combination of internal and external resources that manage the information through several layers of service provision

5

6 Examine how the functions of archives and records management are instantiated in state government cloud computing environments Gain a clearer understanding of how the various parties who play a role in the records continuum understand their roles and responsibilities, understand how operating in the cloud affects those roles and the risks to the resulting records, and impacts incentives to engage in accountability-sensitive and preservation-sensitive professional activities

7 Develop a digital curation governance model that could serve records managers in organizations moving into the cloud and that could provide clues as to the types of knowledge and skills these people will need to gain in educational programs or on the job

8 Multi-case study embedded in a wider study that includes semi- structured interviews with professionals from a variety of states that are performing recordkeeping (i.e., digital curation) activities in cloud environments o Minnesota – Statewide implementation of Microsoft 365 email and collaboration system, including SharePoint in the Cloud (externally hosted cloud, dedicated statewide environment) o Kentucky – Department of Education movement of their entire Instructional Technology environment into the Cloud (externally hosted cloud, dedicated educational institution environment) o North Carolina – Movement of syndromic surveillance healthcare data into a newly developed Cloud-based system managed by the CDC, which shares data with other state and local agencies nationwide Documentary analysis o Requirements documents, business case and/or TCO analysis, IT governance documents, organizational charts, retention schedules, and data practices legislation

9 We Keep Everything Forever (Except what IT destroys according to its contract-negotiated schedule)

10 *WHOSE job is this, anyway?*

11 Interviews: o Executive level management in state CIO offices o State Archivists o Archivists and collections managers o Records Managers o IT Management from central IT groups o Agency-level IT management o Agency directors o Product manager and systems engineers o Data Practices and Compliance liaisons o Experts from NASCIO and RTI International

12 Florida Kentucky Massachusetts Minnesota Nebraska New Jersey North Carolina South Carolina Wyoming

13 Of the risks that have been discussed in journals related to recordkeeping in the cloud, virtually no one seemed to be aware of them IT sees itself as an integrator rather than a builder. Hence, they dont really feel ownership of the information, although the program/agency personnel feel that they have LOST ownership of the information due to IT consolidation

14 Do we have the ability and right to audit written into our contracts with this vendor? Do we know who all the participants in the supply chain are, so that we can engage in our (legally mandated) contracts with every party that touches this information? What will happen to our data at the end of the contracting period? Can we move some or all of our data from one provider to another? Does the provider have the technical capabilities to destroy data according to our disposition schedules? If not, can they offer an acceptable proxy for destruction? Who owns our data and how does this impact our eDiscovery and other legal mandates? Can this vendor assure us that when a breach of privacy occurs we are immediately notified and that we can immediately notify those whose privacy was breached? How is our data segregated from other tenants of this provider? What security mechanisms do they use to ensure that the data is segregated? What encryption mechanisms do they use?

15 Cloud services are often layered o ALL service providers must meet your regulatory requirements Access-related issues o Ensuring that those who do not have permission to access records are barred from viewing them: what are your provider(s) security and data isolation techniques? o Ensuring that you continue to have access to records: data ownership must be contracted! Disposition schedules o You really cant destroy records in the cloud: encryption matters! eDiscovery o Ensure your SLAs specify how your provider will respond in the event of a subpoena or government request for information Provenance

16 Resource sharing can lead to new collaborative policy requirements o Records are shared, but the different partners have different retention requirements. The central repository has a 6 year retention policy – retention policies need to be negotiated during contracting, something that hasnt happened yet. o What if a partner picks up only a portion of a record? What is the status of the new information? o What happens to the data when the participant leaves the exchange or the cooperative goes out of business? No answer to this question yet; it remains an issue.

17 Lori Richards UNC Chapel Hill lorraine.richards@unc.edu

Download ppt "State Government Recordkeeping in Cloud Computing Environments Lori Richards, SILS, UNC – Chapel Hill | AERI 2012 | July 10, 2012."

Similar presentations

The Role of the IRB An Institutional Review Board (IRB) is a review committee established to help protect the rights and welfare of human research subjects.

The Role of the IRB An Institutional Review Board (IRB) is a review committee established to help protect the rights and welfare of human research subjects.
The Impact of Auditing on Records Management Risk and Compliance Susan B. Whitmire, CRM, FAI Manager, Enterprise Records and Information Management BlueCross.

The Impact of Auditing on Records Management Risk and Compliance Susan B. Whitmire, CRM, FAI Manager, Enterprise Records and Information Management BlueCross.
Introduction to Records Management Policy

Introduction to Records Management Policy
Presentation by Priyanka Sawarkar

Presentation by Priyanka Sawarkar
Doug Couto Information Systems and Technology Committee (ABJ50) Washington, DC January 25, 2011.

Doug Couto Information Systems and Technology Committee (ABJ50) Washington, DC January 25, 2011.
What is GARP®? GARP® is an Acronym for Generally Accepted Recordkeeping Principles ARMA understands that records must be.

What is GARP®? GARP® is an Acronym for Generally Accepted Recordkeeping Principles ARMA understands that records must be.
Records Management for UW-Madison Employees – An Introduction UW-Madison Records Management UW-Archives & Records Management 2012 Photo courtesy of University.

Records Management for UW-Madison Employees – An Introduction UW-Madison Records Management UW-Archives & Records Management 2012 Photo courtesy of University.
Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.

Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.
Auditor General’s Office One key audit focus area – Compliance with Laws and Regulations.

Auditor General’s Office One key audit focus area – Compliance with Laws and Regulations.
On Privacy-aware Information Lifecycle Management (ILM) in Enterprises: Setting the Context Marco Casassa Mont Hewlett-Packard.

On Privacy-aware Information Lifecycle Management (ILM) in Enterprises: Setting the Context Marco Casassa Mont Hewlett-Packard.
Developing a Records & Information Retention & Disposition Program:

Developing a Records & Information Retention & Disposition Program:
Managing the Digital University Desktop: In the university environment, individual information management behaviors determine the level of success of records.

Managing the Digital University Desktop: In the university environment, individual information management behaviors determine the level of success of records.
Office of Inspector General (OIG) Internal Audit

Office of Inspector General (OIG) Internal Audit
Richard MARCIANO Chien-Yi HOU School of Information and Library Science (SILS) Sustainable Archives & Leveraging Technologies Group (SALT) University of.

Richard MARCIANO Chien-Yi HOU School of Information and Library Science (SILS) Sustainable Archives & Leveraging Technologies Group (SALT) University of.
Author(s): David A. Wallace and Margaret Hedstrom, 2009 License: Unless otherwise noted, this material is made available under the terms of the Creative.

Author(s): David A. Wallace and Margaret Hedstrom, 2009 License: Unless otherwise noted, this material is made available under the terms of the Creative.
RECORDS MANAGEMENT City of Oregon City “ That was then… this is now!”

RECORDS MANAGEMENT City of Oregon City “ That was then… this is now!”
Property of Common Sense Privacy - all rights reserved 01875340890 THE DATA PROTECTION ACT 1998 A QUESTION OF PRINCIPLES Sheelagh F M.

Property of Common Sense Privacy - all rights reserved THE DATA PROTECTION ACT 1998 A QUESTION OF PRINCIPLES Sheelagh F M.
ICPL Institute for Computer Policy & Law H. David Lambert Vice President for Information Services and Chief Information Officer Georgetown University e-Discovery:

ICPL Institute for Computer Policy & Law H. David Lambert Vice President for Information Services and Chief Information Officer Georgetown University e-Discovery:
C2- How Businesses Use Information Systems. BMW Oracle’s USA in the 2010 America’s Cup.

C2- How Businesses Use Information Systems. BMW Oracle’s USA in the 2010 America’s Cup.
Integrating Digital Curation in a Digital Library curriculum: the International Master DILL case study Anna Maria Tammaro University of Parma Florence,

Integrating Digital Curation in a Digital Library curriculum: the International Master DILL case study Anna Maria Tammaro University of Parma Florence,

Similar presentations

Ads by Google