What is a record?
A record is “information created, received and maintained as evidence and as an asset by an organization or person, in pursuit of legal obligations or in the transaction of business”, according to the International Organization for Standardization (ISO).
This quote brings up an important distinction. While records are often considered synonymous with documents, they include one important characteristic that makes them unique: records, whether physical or digital, include evidence of a particular business activity, requiring them to be stored and retained over an extended period.
Records include any tangible object or digital information which have value to the organization.
Common records are:
- Documents created in the course of business (correspondence, agreements, studies).
- Items that require organizational action (FOIA requests, controlled correspondence).
- Documented organizational activities and actions (calendars, meeting minutes, project reports).
- Items mandated by statute or regulation (administrative records, legal/financial records, dockets).
- Items supporting financial obligations or legal claims (contracts, grants, litigation case files).
- Items needed to communicate organizational requirements (guidance documents, policies, procedures).
- In addition, some industries require organizations to treat items posted on social media sites as records.
Why is records management important?
The U.S. alone has more than ten federal records management laws and regulations that must be followed when managing government records. Then there are financial regulators like the Securities and Exchange Commission (SEC) or the Health Insurance Portability and Accountability Act (HIPAA) that have their own set of rules for the financial and health industries respectively.
Storing files on an organization’s shared drive is not enough to meet industry compliance standards. Beyond the legal mandates, a records management strategy is vital to the lifecycle of your organization’s information.
The record lifecycle encompasses the following phases: the creation, distribution, active storage, inactive storage and retention, disposition and archiving of an organization’s records.
An organization-wide strategy will govern how information is created, stored, shared, tracked and protected.
This ensures your organization’s information will never be in the wrong hands or the wrong place and can still be accessed by those who need it.
Is your organization compliant with GDPR?
The General Data Protection Regulation, known as GDPR, is a regulation on the processing and movement of personal data, implemented by the EU in 2018. Although GDPR was passed in the EU, its implications are global — any organization keeping or transferring data pertaining to individuals within the EU is subject to this regulation. In addition, other countries and even some individual states in the U.S. have created their own regulations in line with the requirements of GDPR.
Organizations need to remain steadfast in their dedication to proper records management if they want to comply. Reynold Leming, Chair of the Information and Records Management Society, encourages firms to establish a “information pedigree,” which combines a record of information assets held, with governance and audit trails of business events that results in a traceable and accountable “ancestral line” for any piece of information your company works with over time. Here’s a few additional considerations for records management that you might not think of right away:
- A records request can come from anywhere.Besides routine audits, requests may come from lawyers in a court case, insurers, law enforcement, the public or even the media. Having established best practices for storing and moving records can help make sure your organization’s time, or its reputation, isn’t squandered.
- Business processes are a part of records management.Make sure your processes are consistent and handle any records and personal information in compliance with any industry or government regulations. A process automation platform can help mitigate process inconsistencies and thus bolster your efforts to stay in compliance.
- You can keep audit trails of paper documents.Although paper documents are largely a thing of the past in terms of day-to-day processes, records management involves, and in many ways necessitates, looking back in the past. You should maintain digital audit trails and inventories of paper documents held in archive.
- When you exchange data with a third party, make sure they take your compliance needs seriously.Make sure vendors are aware of any necessary records management or data privacy regulations, and that they intend to follow them. Keep a record of any contracts signed with vendors of software, equipment and the like, as well as third parties who process personal data on your behalf. In addition, you’ll want to know their best practices and policies when it comes to records retention and information management.
- Maintain records of how you handle information.Policies, best practices and even laws evolve — you need to take note of when changes happen so you can show regulators, the public or whoever else asks, that you followed the rules when handling information.
What are the benefits of electronic records management systems?
Electronic (or digital) records management is the modern standard for how organizations control their information and records.
A quality records management system should provide:
- Improved efficiencyin the storage, retention and disposition of records and records series.
- Detailed reportsof which records are eligible for transfer, accession or destruction.
- Audit trailsto track all system activity and the entire lifecycle of records.
- Customizable and flexible capabilities — tailored to the needs of the organization.
A dependable, efficient records management system can help meet these challenges without drastically altering business operations. In the words of Justin Pava, Principal Technical Product Manager at Laserfiche, “The best records management solution is one you don’t need to think about.”
In summary, building a records management strategy should be a top priority for any organization that values efficiency, security and compliance with regulatory recordkeeping requirements.
Get the Ultimate Guide to Records Management to get started on or improve your records management strategy.