Searching for a document can be a burden. Just ask an administrator who is desperately searching for one document to report back for an audit. It’s stressful, takes time, and ultimately could result in the dreaded “it’s lost” outcome. Though, this scenario does happen, it can be avoided through sound records management practices. What are those practices you ask? Well – it depends. Organizational records management needs are unique. They can vary according to priorities, governing regulations, locale, and even industry. Just know that whether you have just begun or have a full-fledged records management program in place, examining the 5 W’s and H questions around your policies can align/realign your plans.
What is Records Management?
We’ll start here. AIIM (Association for Intelligent Information Management) references ISO 15489 – which defines records management as “the field of management responsible for the efficient and systematic control of the creation, receipt, maintenance, use, and disposition of records, including the processes for capturing and maintaining evidence of and information about business activities and transactions in the form of records.” Simply said, it is the processes in which records are collected or created, classified and protected, maintained, and ultimately destroyed.
What about digital records in records management?
And within defining records management lies a common pitfall. Physical documents are often the “records” that are understood to be governed by records management. However, both electronic and physical records should be addressed in any policies and procedures outlined for an organization. Imagine only considering junk mail to exist in hard copy and not email. You’d find your inbox littered with messages that fill your inbox to its limit. This is the same with electronic records. Forgetting about them only creates an attitude and atmosphere of infinite storage and retention. This is perhaps even more concerning than doing so with physical records – so take the time to properly strategize both information sets when addressing records management procedures.
Evaluating records management with the five W’s and H
First up – Who?
Identifying who will be responsible for the review of records retention requirements and the coordination of policies to coincide with those timelines may be the first step to starting a records management program or the reevaluation of records management procedures. In a best-case scenario, a team of RIM (records and information management) experts is assembled to enable an organization to identify all requirements to meet specific industry and government regulations. Additionally, each department (finance, HR, marketing, legal, etc.) should have represented personnel who offer insight and awareness into the different types of information sets they utilize (- afterwards, these department heads will become the champions of communication to all employees within their specific departments). This way the policies and procedures are tailored to the specific needs and regulation of the organization. Can general guidelines be followed instead? Yes, to a degree. But an organization shouldn’t be in a habit of generalizing their policies. Should RIM experts not be a viable option, consulting with trusted advisors from legal teams or outside counsel can be another avenue before records and information governance plans are implemented.
Maybe the most important question – What?
Asking what types of information are created, processed, and managed within an organization holds a great deal of value. Social security numbers, birth dates, addresses, phone numbers – all potential information that a business could hold about their customers – and all extremely valuable information sets to thieves. Therefore, understanding what information is held is paramount to records management plans. A RIM team will take a complete inventory of all the records and data held and classify it into categories. These categories are commonly titled:
- Active records
- Vital records
- Archival records
With information classified into these four categories, organizations can plot the course for which records hold more importance, how long to keep them for, and when to destroy – not to mention, make them easier to locate and access.
Managing the information lifecycle may seem difficult as so much data is collected and stored day to day. With the right team in place, gathering the necessary answers to the key questions about the information that you are collecting becomes second nature. As you chart a plan to tackle the policies and procedures that are put in place answering the who, what, where, where, when, why, and how questions will help determine the best course of action. These policies will then reflect the exact needs for your business to maintain compliance.
Align your records management goals with assessing the gaps that may exist from answering these questions. Need help? Our information professionals can help tailor programs to the needs of your business. Reach out and see how offsite document storage, document imaging and scanning, document and hard drive shredding, and data protection services play a role in your plans.
Look for part two of this blog coming soon.