Kansas Electronic Records Management Guidelines
Acknowledgment: Developed with funding from the National Historical Publications and Records Commission.
- 1.1 Purpose
- 1.2 Scope
- 1.3 Revision History and Status
- 2.1 Ensuring Accountability
- 2.2 Meeting Legal Requirements
- 2.3 Preserving Informational Assets
- 2.4 Complying with Best Practices
- 3.1 Best Times to Address Electronic Records Management
- 3.2 Creating of Electronic Records
- 3.3 Capturing Electronic Records
- 3.4 Identifying Electronic Records
- 3.5 Managing Electronic Records
- 3.6 Recordkeeping Systems Defined
- 3.7 Building the Essential Characteristics into Recordkeeping Systems
- 3.8 The Problem of Legacy Records
- 3.9 Ensuring Legal Admissibility
- 5.1 The Agency's Role
- 5.2 The State Archives' Role
- 5.3 Shared Responsibilities
- 6.1 Preliminary Investigation
- 6.2 Analysis of Business Activity
- 6.3 Identification of Recordkeeping Requirements
- 6.4 Assessment of Existing Systems
- 6.5 Identification of a Recordkeeping Strategy
- 6.6 Design of Recordkeeping Systems
- 6.7 Implementation of Recordkeeping Systems
- 6.8 Ongoing Maintenance and Review
- 7.1 Determining the Value of Records
- 7.2 Appraisal Criteria
- 7.3 Appraisal Strategies
- 7.4 Records Retention and Disposition Schedules
- 8.1 Responsibilities of Agencies
- 8.2 The State Archives' Role
- 8.3 Access to Electronic Records in Agency Custody
- 8.4 Provision of Secure Access
- 9.1 Policy Overview
- 9.2 Criteria for Transfer
- 9.3 Transfer Requirements
- 9.4 Management of Electronic Records Taken into Custody
- 9.5 Contextual Information
- 10.1 Electronic Document Management Systems
- 10.2 Electronic Mail
During the past decade, the recordkeeping practices in public and private organizations have been revolutionized. New information technologies from mainframes, to PC's, to local area networks and the Internet have transformed the way state agencies create, use, disseminate, and store information. These new technologies offer a vastly enhanced means of collecting information for and about citizens, communicating within state government and between state agencies and the public, and documenting the business of government. Like other modern organizations, Kansas state agencies face challenges in managing and preserving their records because records are increasingly generated and stored in computer-based information systems.
The Kansas Historical Society serves as the official State Archives with responsibility to assist state and local agencies in the preservation of records with enduring value. A Records Management Section within the KSHS Archives Division provides advice to state agencies on the proper management and disposition of government records and oversees operation of the State Records Center. The State Records Board has statutory responsibility to set the retention period for state records, including those to be preserved permanently, and to authorize the orderly destruction of other records.
Out of concern over its ability to preserve electronic records with enduring value and properly advise agencies about electronic records management, the Kansas Historical Society, through the Kansas State Historical Records Advisory Board, requested a program development grant from the National Historical Publications and Records Commission to develop policies and guidelines for electronic records management in the state of Kansas. With grant funds, the KSHS hired a consultant, Dr. Margaret Hedstrom, an Associate Professor in the School of Information, University of Michigan and formerly Chief of State Records Advisory Services at the New York State Archives and Records Administration, to draft guidelines that could be tested, revised, and then implemented in Kansas state government.
These Kansas Electronic Records Management Guidelines are one product of the KSHS Electronic Records Management Project. The guidelines will be tested in several state agencies and then revised for adoption and use in guiding the management and preservation of electronic records in Kansas state and local agencies. The recommendations in these guidelines are based on policies and practices that have been developed and implemented in government and private sector organizations to improve the management and long-term preservation of electronic records.
1.0 About the Guidelines
This publication is about maintaining accountability and preserving important historical records in the electronic age. It is designed to provide guidance to users and managers of computer systems in Kansas government about:
- the problems associated with managing electronic records, special recordkeeping and accountability concerns that arise in the context of electronic government,
- archival strategies for the identification, management and preservation of electronic records with enduring value,
- identification and appropriate disposition of electronic records with short-term value, and
- improving access to state government records.
These guidelines apply to all public records in Kansas state and local government agencies that come under the jurisdiction of the State Records Board. Policies and procedures for traditional formats of records are well-established and discussed in detail in the Kansas State Records Management Manual. These guidelines apply and extend the policies and practices for records management to problems resulting from the transition from paper-based to electronic recordkeeping.
1.2.1 Definition of Records
Kansas agencies routinely create and accumulate records as they undertake government business. These records are vital to the process of managing and monitoring the use of state resources, and they provide a historical record of decisions, changes, and outcomes. Records have a significant role in the democratic process in that they
- provide evidence to support the rule of law,
- support the accountability of government administration,
- are evidence of the interactions between the people of Kansas and their government, and
- have value in documenting the history and culture of Kansas.
Records have traditionally been equated with physical objects, even though Kansas statutes define records without regard to their physical characteristics. The Government Records Preservation Act, for example, defines records in terms of their function and their relationship to the transaction of official business. According to K.S.A. 45-402(d) (emphasis added):
Records can be created and stored using many different media and formats, including paper-based files or computer systems, on a single medium or as multimedia. Records can also be transferred from one medium to another and from one context to another through copying, imaging or digital transfer. Electronic records are easily updated, deleted, altered and manipulated. If appropriate measures are not taken, the essential characteristics of records -- content, structure, context (see Section 3.5.3) -- can be altered or lost in the process. Careful planning and system design are required to ensure that these characteristics of records are both captured and maintained.
1.2.2 Jurisdictions Covered
The principles outlined in the Electronic Records Management Guidelines are applicable to all Kansas state agencies, and they will need to be considered in any situation where information is managed. Not all data in electronic information systems constitute records. Records have a distinct legal and administrative status that not all information and documents have. It is vital that state agencies understand the role of records within their business and manage their records as important resources with special requirements that may be distinct from other information resources. Electronic records management principles are relevant whenever computer systems are used not only to process information but also to provide reliable and authentic evidence that given activities or transactions have occurred.
These guidelines apply to all agencies of Kansas state government. The legal recordkeeping requirements of Kansas agencies are covered by the Public Records Act (K.S.A. 75-3502 through 75-3504), Government Records and Preservation Act (K.S.A. 45-401 through 45-413), and other statutes governing access to and protection of records. These guidelines are intended to provide guidance to agencies on the management of electronic records throughout their entire lifecycle, from initial system design to the final disposal or permanent preservation of state records. This "records lifecycle" view is critical in an electronic environment because, by the disposition stage (when actions are taken regarding records no longer needed for current Government business), records may be unretrievable if not properly managed while they are in active use. The guidelines cover records created using all types of computerize environments, including such diverse elements as personal computers, distributed networks, mainframes, spatial data systems, and multimedia systems.
1.3 Revision History and Status
These guidelines are part of the KSHS's ongoing effort to address the electronic records management needs of Kansas state government. As a result, this document continues to undergo changes. The first draft, written by Dr. Margaret Hedstrom, was completed in November of 1997. The version you are currently reading -- reorganized and updated to reflect recent changes in the focus and structure of the Kansas information technology environment - was completed on August 17, 1999 and posted to the KSHS Web site on August 18, 1999. The most current version of the guidelines can always be found at: www.kshs.org/government/records/electronic/electronicrecordsguidelines.htm
2.0 Reasons for Managing Electronic Records
2.1 Ensuring Accountability
Public acceptance of Kansas state government and the roles of its employees depends on trust and confidence. This trust is founded on all of Kansas state government being accountable for its actions. Access to full and accurate records is at the heart of the accountability process. Records are the means by which the evidence of past and current action, decisions, procedures and policy are preserved for future analysis and access. Records are fundamental tools in the business of government and their absence can lead to inefficiencies or failure in operational procedures. The absence of records can open agency employees to accusations of fraud and impropriety, political embarrassment and an inability to defend the state of Kansas in cases of legal action or claims against the government.
Inadequate records and recordkeeping can result in:
- failure of individuals or systems to make records in the first place;
- failure to make records that adequately meet accountability and other organizational requirements;
- failure to capture records into recordkeeping systems so that they are subject to arbitrary destruction or cannot be found when required;
- failure to identify and retrieve the authoritative version of a record when multiple versions exist;
- failure to maintain records for the period of time necessary to meet specific accountability requirements; and
- failure to assign responsibility for different aspects of recordkeeping at appropriate levels in the organization, so that no one takes responsibility.
Electronic government provides both new opportunities and new hurdles to ensuring accountability. As government transactions are increasingly conducted through electronic media, the state of Kansas has the potential to provide more open and efficient access to records than ever before. The items listed above, however, can prevent this opportunity from becoming a reality.
Electronic government also allows agencies to share resources in order to fulfill functions that they have in common. This "virtual government" model can provides a more convenient and consistent interface to Kansas state government, often at a lower cost to taxpayers. When agencies collaborate with each other or outside contractors to provide services, however, it is essential that proper provisions are made for ongoing documentation of those services. Electronic government can only be effective if the government can still be held accountable for its activities.
2.2 Meeting Legal Requirements
According to Kansas state law:
- Government records are public property and cannot be destroyed without authorization from the State Records Board or through an approved retention and disposition schedule (K.S.A 45-403).
- Unless specifically exempted, government records are to be kept open for public inspection. (K.S.A. 75-215 through 75-223)
Taken together, these two requirements provide a powerful incentive for agencies to actively engage in electronic records management. Unless a retention and disposition schedule (defined below) approved by the State Records Board is used to identify those electronic records that are appropriate to destroy - either through their inclusion in an existing records series reference or the approval of a new series to describe the electronic records - state agencies are legally obligated not only to retain all of the electronic records they create but also to provide public access to them (unless specifically identified as exceptions in the Open Records Act and other specific legislation). The ongoing maintenance of systems to store and retrieve such large amounts of data would place an unnecessary burden on agencies. Through effective management and scheduling of their records, however, agencies can focus their resources on preserving only those records that have enduring value.
K.S.A. 45-404 grants the State Records Board the authority to "approve or modify retention and disposition schedules." A records retention and disposition schedule is a timetable that identifies the minimum length of time that every record series created and maintained by an agency must be retained. A record series is a group of records normally used or filed as a unit that relate to a particular subject or result from the same activity.
There are two types of retention and disposition schedules that may apply to an agency's records. The General Records Retention and Disposition Schedule includes guidelines for common record series maintained by most state agencies, e.g. travel vouchers, meeting minutes, and employee personnel records. To address records not listed in the General Schedule, each agency also should have a specific Agency Records Retention and Disposition Schedule approved by the State Records Board, which contains requirements for record series that are unique to the organization.
When submitting agency records retention and disposition schedules to the State Records Board, agencies are required to provide, at a minimum, the following information:
- records series titles and descriptions,
- minimum retention periods,
- final disposition requirements (i.e. what must be done with the records once they are no longer in active use), and
- access requirements.
2.3 Preserving Informational Assets
Agency records represent valuable state assets. Agencies should consider the value of records when attempting to determine the return on investment of new information technology projects and systems. The resources spent on adding records management functionality to an information management system should not be regarded as an unrecoverable cost. Instead, the potential value of information technology will often go unrealized without proper electronic records management. Computer systems that were implemented to facilitate the work of agencies can quickly become a liability if they do not allow access to reliable and authentic records of agency activities.
The return on this investment in electronic records management will take various forms:
- Improved staff management, training and workflow due to better documentation of past activities.
- Decreased technological and human resource burden of staff developing their own record keeping systems because they do not trust or have easy access to agency record keeping systems.
- Increased ability to gain funding for new programs based on thorough documentation of past outcomes.
- Decreased technological and human resource burden of preserving records that no longer have retention value.
- Lower resource burden when migrating records to new technology, due to the appropriate capture and maintenance of metadata.
- Increased efficiency in meeting Open Records Act requests.
- Avoidance of lawsuits based on the unwarranted destruction of or inability to provide access to records.
2.4 Complying with Best Practices
Whenever possible, state agencies should follow best practices for electronic records management. This is done by identifying and then adopting the best available policies, methods, procedures, tools, and processes that others are already using to address the particular organizational problem or need confronting an agency. Since both the technologies used to generate records and the methods designed to deal with record keeping issues continue to evolve, adoption of current best practices enables agencies to benefit from the best advice available from both the public and private sectors, while providing flexibility for improvements as methods and technologies evolve.
One major purpose of these guidelines is to serve as a source of best practice information on electronic records management for Kansas state agencies. These guidelines were developed by adapting current best practices for electronic recordkeeping from other organizations and jurisdictions to the particular needs of Kansas state agencies.
3.0 Introduction to Electronic Records Management
3.1 Best Times to Address Electronic Records Management
For the reasons stated in the previous section, it is in the best interest of agencies to address electronic records management issues as soon possible. Since effective management of electronic records depends so heavily on the information systems involved, however, agencies will have the most options for managing their electronic records effectively if they identify recordkeeping requirements when new systems are designed or when existing systems are upgraded.
3.1.1 Business Process Redesign
Business process analysis and reengineering are powerful tools that organizations are using to streamline their processes, eliminate redundant tasks and improve efficiency. Process analysis and redesign are excellent opportunities to also reconsider recordkeeping practices, since they often identify problems which could be alleviated through new workflow procedures and/or information systems. For example, process analysis may identify areas where electronic records are printed and filed unnecessarily because there were no provisions in the system to capture records electronically and transfer them to an electronic recordkeeeping system. If recordkeeping requirements are identified during process analysis, effective procedures and automated routines can be built into the revised processes to handle records more effectively.
3.1.2 System Design and Procurement
Another opportunity to consider recordkeeping requirements is during the process of system design and procurement. While business process analysis often precedes the design of new systems, sometimes modern information systems are acquired and designed to automate well-established manual procedures or to support the information handling and reporting requirements for new functions or programs. Several aspects of recordkeeping should be considered during the system design and procurement process. Does the agency require the system to support electronic recordkeeping, or does it plan to produce and file in hard copy all of the records that the system generates? If the system is expected to support electronic recordkeeping, then some customization of commonly available software may be needed. It may be necessary, for example, to establish special permissions which give different individuals authority to create, alter, and view records based on their authority and responsibility within a business or administrative process.
Special measures may be needed for routing documents from the active information processing environment to a recordkeeping system where records can be stored but not altered after they have been filed electronically. Since electronic records are easy to update and copy, they tend to exist in many versions and in multiple copies. Processes need to identify the official copy and handle version control. If the retention requirements are identified when the system is designed, routines can be designed for automatic purging of obsolete documents. If the system will store records with enduring value, a method will be needed for migration or export of the records to the next generation of technology.
3.1.3 Replacement and Upgrading of Information Systems
Recordkeeping requirements should be considered when information systems are being replaced or upgraded. In addition to the issues discussed when designing new systems, analysts can review the recordkeeping aspects of the system that is being phased out and use that analysis to identify opportunities for improvement. If users had difficulty identifying and retrieving the most current version of a document in the old system, for example, some form of version control may be needed in the new system. If users were reluctant to rely on the electronic records and instead printed and filed large volumes of paper records, the new system could incorporate better organization of records and better retrieval capabilities. If the old system was cluttered with obsolete files, the new system could be designed to automatically delete or transfer to offline storage specific types of files after a given time period. If users were not willing to trust the electronic versions of records, more effective authentication and system security measures could be implemented.
One important consideration when systems are replaced or upgraded is whether any of the electronic records stored in the old system need to be retained and migrated into the new system. This process can be routine if the records are stored in a simple structure or in a format that is compatible with the new system and if they are readily identifiable and well described. Often little thought has been given to the questions of retention or migration, however, so detailed analysis may be necessary to identify which records need to be retained and to determine how to transfer them to the new system.
3.2 Creating Electronic Records
The creation of records is a fundamental aspect of the management of any business operation, government or private. Kansas government agencies create records in order to:
- produce evidence of individual and corporate performance,
- account for the use of public resources,
- document decision making processes in accordance with the law,
- comply with statutes, regulations, instructions, guidelines and other rules that require Kansas agencies to create records,
- preserve the corporate memory of the state enterprise and track business transactions over time,
- enable the government to protect its interests and to substantiate the rights and entitlements of individual citizens,
- ensure that records of significant government policies and activities are kept for posterity, and
- provide a record of communications within and between agencies and between the government and its citizens.
It is important that agencies determine how and why electronic records are being created. Many of the considerations laid out in these guidelines - capture of appropriate content, creation of metadata, declaration of record type - are best addressed at the point of record creation. Electronic records management procedures are most effective when carried out at the point of creation or very shortly thereafter.
3.3 Capturing Electronic Records
Strategies for capturing electronic records will differ, depending on the opportunities presented by an agency's hardware and software environment. Locations at which records can be captured include software layers (especially suited to open systems environments) and at every interface between hardware components through which the relevant data passes. The technological environment will influence the decisions as to whether records are captured through:
- the user interface layer,
- modification of the application software,
- the operating system,
- the application program interface (API), or
- the front end to a corporate filing system.
The organizational environment will also influence the point at which records are captured. This will include perceptions about what constitutes a record, assignment of responsibility, agency requirements to create records, and staff understanding of the technology involved.
Regardless of the approach an agency takes, it must be able to identify specific information objects (e.g. documents, email messages, database entries) as records and somehow distinguish between the types of records to which different business and retention requirements must be applied. Possible approaches include:
- Business transaction information is identified in an "envelope" or file header, so the file does not need to be opened to be identified.
- The record creator is responsible for capturing his or her own records and assigning management practices to them at the point of creation. This could be implemented as a screen the user fills in before documents can be saved or messages can be sent.
- A user interface is designed so that users can choose between a number of icons representing business tasks or style templates, e.g., "send policy" or "make appointments." The choice of icon can engage the appropriate application, distribution lists, style sheets and records disposal authorities. The sender thus affects scheduling but need not make conscious decisions about assigning retention periods to records.
3.4 Identifying Electronic Records
Agencies have traditionally used records surveys and inventories to identify which records they maintain and to decide what to do with those records. In an electronic context, surveys of physical storage media (e.g. tape libraries or workstation hard drives) do not provide much useful information for determining which records exist or for deciding what to do with them. In order to enhance performance and convenience, most information systems make use of redundant data, through such practices as caching, disk duplexing, mirroring, clustering, client-side processing, desktop information management, disaster recovery measures, and routine system backups. Instead of attempting to inventory all of this data that exists at any one time, electronic records management requires the identification of agency functions, processes, transactions and activities to be documented. Once these have been identified, it will be possible to determine which data and associated metadata must be retained to serve as an official record.
3.5 Managing Electronic Records
Agencies need ready access to the right information at the right time to provide services and make informed decisions. An important part of that process is gathering information together to form the basis for decision making. Another part of the process is internal and external communication using various technologies. This communication process invariably involves conducting some form of business transaction (development of policy, delivery of benefit, ordering or paying for a product or service) which needs to be documented. The means by which agencies choose to conduct these business transactions invariably involve oral, written and/or electronic communication methods. In all cases, the objective is to conduct the business transaction satisfactorily and to maintain a record of what transpired for future reference.
When conducting transactions electronically, the first challenge is to maintain records in a way which will enable retrieval of all documents relevant to a transaction when they are needed. The second challenge is to ensure that the records are not retained for any longer than necessary, in order to avoid both overloading systems and to avoid indiscriminate dumping. A special problem with electronic records is that they lack familiar physical and visual clues about their origins, such as official letterhead, or their authenticity, such as written signatures. Special measures must be taken to ensure that they are also reliable and authentic.
Paper recordkeeping systems have traditionally been employed to file letters, minutes, reports, spreadsheets, invoices, notes, etc. These systems employ classified and indexed files at a subject or transaction level to consolidate and co-locate the documents generated or received in the course of a business activity. Separate folders provide a business context and link the individual documents to a particular transaction and into the wider agency recordkeeping system. In recent years, agencies have adopted records management, document management, workflow and imaging software. Regardless of the technology, however, the objective remains the same: capture records so that they can be easily retrieved at a later date, understood, and interpreted as evidence of what transpired in an agency.
"Virtual" records exist independently of their physical format. By reducing records to their essential characteristics, we can allow for the existence of records, regardless of the current technology. Systems must link the content of a record to its administrative or business context. In electronic environments, the essential characteristics mentioned in Section 3.5.3 rarely sit neatly together in a single, format-based package. Though all of the elements of a virtual record may exist within a single computer file, they may also be distributed across the entire state network. The integrity of these elements and the links between them are much more important than where they physical reside. If one is not able to place records in their appropriate administrative context, then they have seriously diminished value as evidence.
In a court of law the evidence may be in documentary, oral, audio-visual, electronic or object form. It must satisfy the tests of evidence and be admissible in that legal context. Evidence as a concept, however, is not confined to legal contexts. Within business and public sector environments, the evidence from previous actions and decisions is used as a basis for the formulation of new decisions and actions. Organizations keep records as evidence or proof that an activity or transaction did or did not occur. Beyond this more immediate use, researchers also use records as historical evidence on which to base their conclusions.
3.5.2 Full and Accurate Records
Records should be full and accurate to the extent necessary to:
- facilitate action by current and future employees, at all levels;
- allow for proper scrutiny of the conduct of business by anyone authorized to undertake such scrutiny; and
- protect the financial, legal and other rights of the agency, its clients and anyone else affected by its actions and decisions.
3.5.3 Essential Characteristics of Records
Full and accurate records must posses the following three essential characteristics:
- Content -- that which conveys information (e.g. text, data, symbols, numerals, images, and sound).
- Structure - appearance and arrangement of the content (e.g. relationships between fields, entities, language, style, fonts, page and paragraph breaks, links and other editorial devices).
- Context - background information that enhances understanding of technical and business environments to which the records relate (e.g. metadata, application software, logical business models) and the origin (e.g. address, title, link to function or activity, agency, program or section).
In order for records to serve as evidence, these three essential characteristics must be maintained. Whenever one of the characteristics is altered, the ability of records to accurately reflect the activities of an agency is diminished. This means that records must:
- have information content that is (and continues to be) an accurate reflection of what actually occurred at a particular time in the function, activity or transaction in question;
- be able to be reconstructed electronically when required, so that each component is brought together as a whole and presented in an intelligible way;
- be able to be placed in context so that the circumstances of its creation and subsequent use by an agency or person can be understood in conjunction with its information content; and
- have been officially incorporated (either actively or passively) into an agency's or person's recordkeeping system.
One of the major differences between electronic records and those on traditional media is that electronic records are not human-readable, thus their physical appearance alone does not provide sufficient information to determine their origin, purpose, uses or other aspects of the context in which they were created and maintained. Maintaining content, structure and context of electronic records is, therefore, both more vital and difficult than with traditional records. Meeting these conditions requires high quality records management and a sustained commitment, on the part of state agencies and the State Archives.
3.6 Recordkeeping Systems Defined
Recordkeeping systems are those systems that capture, manage and provide access to records over time. Records are often accessed just for their informational content, in which case they function the same as any other document or information source. Records are kept, however, to provide evidence of functions, activities and transactions, i.e., the business process. Recordkeeping systems are different from generic information systems in that they maintain linkages to the activities they document and preserve the content, structure and context of the records.
Unlike most other computer information systems, recordkeeping systems must often accommodate records that exist in more than one format (e.g. parallel paper case files and electronic case management systems). Recordkeeping systems should be able to identify all records, active and inactive, and the version of the computer software that supports access. They should be able to identify records stored off-line and off-site and on all media.
3.7 Building the Essential Characteristics into Recordkeeping Systems
The realities of modern administrative practice can often be impediments to effective recordkeeping. The pressure of the moment and the thought that documentation can wait have increasingly become a standard feature of modern organizations. The introduction of a greater commercial and service orientation in the public sector has created a culture which is focused on outcomes, sometimes to the detriment of documentation.
Effective electronic records management is not a goal to be attained at the expense of agency outcomes but is instead a necessary component of those outcomes. When successful outcomes are well documented, they can be sustained within an agency over time, accurately reported to the citizens of Kansas, and potentially reapplied across the state enterprise. When outcomes are not well documented, however, the state of Kansas can neither leverage its past successes nor avoid repeating its past failures.
The systematic creation and keeping of records have been undermined by the move away from centralized filing systems, the introduction of risk management, outsourcing, and the increasing use of technology in the administrative process. This is not to suggest that agencies return to the centralized and resource-intensive practices of the past. Rather, agencies should put systems in place which meet their accountability requirements without detracting from the benefits provided by modern technology and organizational change. When the system will support or provide services for several agencies, those agencies involved should work together to ensure that all of their respective recordkeeping requirements will be met.
The longer records are maintained, the more difficult it becomes to fully maintain their content, structure and context. In the process of upgrading, converting or migrating data to accommodate new systems, one or all of the essential characteristics of records may be compromised in some way. If the practices recommended in these guidelines are applied to the design, implementation and management of information systems, however, this loss of essential characteristics can be minimized and agencies can make better decisions about which characteristics warrant the resource commitment to maintain.
3.7.1 The Importance of Open Standards
Data management, interchange, interoperability, migration and ongoing accessibility all depend on the adoption of open standards. Though some components of agency computer information systems will inevitably be proprietary, electronic records management should not be dependent upon the software or hardware of one particular vendor. Whenever feasible, file formats, protocols and other system specifications adopted by state agencies should be those developed and adopted by recognized standards bodies. Since the requirements for fulfilling these standards are both publicly documented and generally supported by more than one vendor, agencies that adopt them will be much less likely to find themselves stuck with valuable but inaccessible records than will agencies that adopt more closed systems. The appropriate standards body will depend upon the nature of the technology involved, but three particularly important sources of standards relevant to electronic records management are the International Organization for Standardization (ISO), Internet Engineering Task Force (IETF) and World Wide Web Consortium (W3C).
The Kansas Information Technical Architecture contains more extensive guidance on standards to which agency systems should conform.
In order to maintain record content, agencies should follow best practices in the information technology profession for data integrity. Systems should be in place to ensure that:
- the identity of a record's creator is verified (through the use of a password and possibly encryption),
- permission to read and write files is appropriately restricted,
- periodic system audits are conducted,
- data transmission includes data error checking and correction,
- data are regularly backed up, and
- data on offline media such as magnetic tape are regularly refreshed to avoid catastrophic loss of data due to medium degradation.
Data should also be encoded in such a way that the bits will continue to be readable over time. Records that contain American Standard Code for Information Interchange (ASCII) text provide an easy migration path with respect to content as long as ASCII remains an accepted base standard. Open Systems Interconnection (OSI) standards for other forms of content, e.g. Tag Image File Format (TIFF) for images, should also be considered for long-term retention of records. For nontextual materials, it is often important to distinguish between record copies and convenience copies. If a paper document has been digitized, for example, an agency may store a master copy of the document as a high-resolution TIFF image for preservation purposes but provide online access to a lower resolution Joint Photographic Experts Group (JPEG) or Graphics Interchange Format (GIF) image that serves only as convenience copy for easy reference.
As previously stated, the management of records should not be restricted to records that reside on just certain media types. The records of business processes may span different media and multiple systems. Business decisions to restrict record creation to certain media should be clearly articulated and communicated to staff. Recordkeeping systems should be designed to enable access to the complete record without hindrance. Where multiple recordkeeping systems are in place, links should be provided for records that span these multiple systems.
Recordkeeping systems need to capture and maintain information about the structure of records either as an integral part of the metadata associated with the records or in separate formal documentation. In many ways, structure is more difficult to maintain than content and is often neglected.
The simpler the record structure, the easier it is to preserve the record over time. As with the other characteristics of records, it is also best for record structure to be based on open standards. Standard Generalized Markup Language (SGML) and eXtensible Markup Language (XML) are both examples of open standards for document structure.
If the content of a record becomes separated from key information about the agency and person(s) who made it, the time, place and reasons for its creation, and its relationship to other records, its value as a record is severely diminished or lost. Its contents may still be of interest, but the record will have no value as evidence unless it can be placed in context. Contextual information, therefore, is information about the records and the administrative environment in which they were created and maintained. It can range from high-level information such as the name and location of the agency that created the record to more detailed information such as the date the record was made.
The depth of contextual information required will vary depending on the expected users and their level of knowledge. In the case of permanent records, more details will be necessary to enable future audiences to make sense of the records and place them in context. What is commonly known and assumed by today's records creators may not be readily evident to future users.
The ideal in the electronic environment is to link to records the metadata and contextual information necessary to read and understand them. A document indexed by sender, recipient, date, or purposes and organized in a standard filing system along with other documents from the same business function or administrative procedure is an example of this in the paper world.
Recordkeeping systems need to maintain and provide access to information about the business and administrative context in which records were created and used. For computer systems developed by information technology professionals, system design documentation, data dictionaries and related business documentation are fundamental to providing context for records that are held in those systems. Active data dictionaries - lists of all files in a database management system, the number of records in each file, and the names and types of each field - and computer-aided software engineering (CASE) tools - software that provides a common development environment for programming teams - automate much of the process of keeping metadata authentic.
Maintaining the context of records created and managed outside of systems developed by information technology professionals is more difficult. The ubiquity of personal computers allows records to be created, modified, copied, transmitted and deleted, often with little regard for business and legal records management requirements. Even if records are managed appropriately on an individual workstation, their existence may not be known to other users, and the contextual information may be inadequate for future retrieval. Consideration needs to be given to assigning and preserving meaningful document names, author, work group and organizational identifiers, designating whether records are draft or final versions and linking them to other documents or information objects. Off-the-shelf software exists to address these problems. Alternatively, if records cannot be supported in an electronic environment, they will need to be printed out and incorporated into a recordkeeping system based on paper, microfilm or some other analog medium.
Contextual Information Provided by Agencies
Contextual information needs to be collected, structured, and maintained from the time records are created. This involves identifying and labeling (or tagging) records and linking them to contextual information (i.e., keeping records about records). In some cases this can be achieved by embedding key contextual information into the metadata or electronic records themselves. The more that electronic records can be made self-describing the less need there is for maintaining separate information.
As described in Section 6.7, agencies can use some combination of the following methods to incorporate records management activities into their information systems:
- Purchase and implement specific records management software.
- Configure existing software to include records management functions.
- User-based management. The users of information systems can manually engage in electronic records management functions.
Regardless of which of the above methods agencies adopt, the Archives encourages agencies to maintain contextual information relating to the:
- agency or agencies that recorded or maintained the records,
- other agencies that are, or have been, associated with the records,
- purpose of the records in fulfilling agency functions;
- age of the records,
- time period to which the records relate,
- frequency with which the records are, or will be, used,
- value or significance of the records in relation to the functions of the agency,
- recordkeeping system used in relation to the records,
- relationship (if any) between the records and other records or materials, and
- existence of any law, agreement, practice, procedure, arrangement or understanding affecting the records.
Such contextual information, while desirable for all records, is especially important for higher value records. While such contextual information is absolutely necessary for long-term retention of electronic records, it can also improve the quality of records in active use, support information sharing, and enhance their quality as evidence.
Contextual Information for Interagency Transfer
When electronic records are transferred from one agency to another following changes in government administrative arrangements or are transferred to the Archives, it is essential that they are transferred with sufficient metadata and contextual information. Agencies that take on the care and preservation of electronic records under such circumstances need to insist that the relinquishing agency supply adequate contextual information, system documentation and metadata at the time of transfer. Because of the risks involved, agencies transferring electronic records between themselves, either directly or through a contracted service provider, should follow verification procedures. This process is increasingly happening in real time. Systems for interchange must ensure not only the transfer of data but also sufficient metadata.
Contextual Information Gathered by the Archives
To manage records and determine their appropriate retention and disposition, information will be gathered about records and maintained in a database by the Archives Division of the KSHS. As explained in Section 2.2, records will be classified according to their record series, which is a group of records normally used or filed as a unit that relate to a particular subject or result from the same activity.
For an individual record or a series of related records we gather information about:
- title of the agency (or agencies) which created the records,
- dates between which the agency operated,
- purpose of the agency and the functions and legislation it administered at the time,
- location of the agency, and
- outline of the agency's development, history, internal structure and relationship to other agencies.
- title of series (e.g., business process or function) to which the record belongs,
- date range of the series
- content and purpose of the series,
- system of arrangement or control of the series (e.g., retrieval system, indexing system),
- quantity of records in the series,
- previous and subsequent series (if any) that document the same or similar functions,
- controlling, controlled and related series (e.g., indexes, data dictionaries),
- identity of other agencies or persons that have had custody of the records,
- relevant disposition schedules and actions taken, and
- statutes, regulations, and policies governing access.
Archives staff obtain this contextual information from a range of sources, including records disposition schedules, transfer documentation, direct physical examination of record items, and research through published and agency sources. The vulnerability of electronic records is such that agency staff responsible for their creation and management must now take an active role in ensuring that sufficient contextual information is gathered so it can be provided to the Kansas State Archives in the event of a transfer of permanent records to the Archives.
3.8 The Problem of Legacy Records
The Kansas Information Technology Architecture (KITA) divides the lifecycle of information technology into three phases: twilight, current, and emerging. The KITA recommends agencies wishing to select proven, stable and supported technologies look to items in this category for near-term implementation. Regardless of what phase a system is in at the time of implementation, however, it will eventually enter the twilight phase. In order to maintain access to the records on these older systems, agencies must take measures to either continuously support those systems or migrate the records to newer systems. The record lifecycle is thus tightly connected to the technology lifecycle. In short, electronic records live and die with the systems that support them.
This dependency becomes a major problem in the case of legacy records, which are records that rely on legacy systems. Legacy systems are those systems that were designed using hardware and software systems that are rapidly becoming obsolete or are no longer supported by their vendors. Two leading experts on migrating legacy systems define a legacy information system (IS) as "any IS that resists modification and change" (Brodie and Stonebreaker, p. xv.). Legacy systems are a significant problem for organizations that rely on older, proprietary systems and technology because it is difficult to migrate either the functionality or the data to new generations of systems.
From a records management and archival perspective, legacy systems create problems when they are being used to store and retrieve records that need to be kept beyond the useful life of the system itself. There are a variety of methods that can be used to extract records from legacy systems, ranging from simply printing records to paper or microforms to using sophisticated extraction tools. Because migration is expensive, regardless of the approach used, it is important to thoroughly analyze the records and their retention requirements so that only those records that are needed for future use or required to be kept by law are migrated.
The most effective way to address the long-term retention of electronic records is to ensure that they never become legacy records. If agencies follow the recommendations in these guidelines about the capture of system metadata and thorough documentation of information systems, then electronic records will be much easier and cheaper to maintain over time. Of course, metadata that identifies the system requirements for accessing electronic records will be of no use if future users do not also have the tools needed to satisfy those requirements. This is why agencies should adopt open standards whenever possible. This will increase the chances that records can survive the transition to a new system without the need to significantly alter them in the process.
Even if agencies adopt open standards, however, cases will arise in which agencies no longer have access to software or hardware that can support a given standard or set of standards. In these cases, a factor that can greatly facilitate support for and/or migration from twilight systems is access to their source code, the sequence of statements that are written by and understandable to a human programmer. Without access to source code, agencies are more dependent on software vendors -- who may go out of business or require the purchase of a prohibitively expensive new release of their product -- to maintain the means to access their electronic records. Having access to the source code allows the agency using the software to contribute to its further development and more easily develop other software that interacts with it. There are several ways that agencies can ensure access to source code:
- Develop software internally, then maintain and document the source code.
- Make use of open-source software (OSS). OSS is software for which the source code is freely and publicly available, though the specific licensing agreements vary as to what one is allowed to do with that code. When using OSS, it is important to ensure that the software has been sufficiently documented by its developers.
- Specify in contracts with vendors that they must provide source code along with the binary code of their software and any upgrades. Restrictions may be placed on how the agency can manipulate, reuse or distribute the source code.
- Make arrangements with a trusted third party to hold the source code in escrow. There are a number of companies that provide such services, and escrow agreements can specify that agency access to the source code only be allowed under specific conditions.
3.9 Ensuring Legal Admissibility
Government agencies use a variety of systems and technologies to create, maintain and reproduce records. Many documents are created and many records are maintained in electronic form. While information technologies enable government agencies to streamline recordkeeping practices and reduce records creation and storage costs, they also present new problems in relation to establishing the authenticity of records. Information systems and records management policies need to ensure that agencies produce and maintain full and accurate records that are acceptable for legal, audit, and other purposes.
Meeting legal admissibility requirements in a complex, changing environment is a challenging undertaking that requires cooperation and coordination within and, increasingly, between agencies. An agency's business managers, records staff, legal counsel, and information technology personnel must all be involved in ensuring the legal acceptance and authenticity of records. Advice may also be required from the Kansas Attorney General and Kansas State Archives.
Evidence that is introduced in legal proceedings is subject to Federal Rules of Evidence, specific Kansas legislation, and precedents established through case law. Agencies may also be required by administrative tribunals or regulatory authorities to provide records as evidence. Sometimes enabling legislation will state what rules of evidence will be applied by the tribunal. It is important to keep in mind that most administrative rulings can be challenged by the courts, making it advisable to follow legal rules of evidence if they apply a stricter standard for recordkeeping.
Courts readily accept records produced by common information processing methods and technologies, such as writing, typing, photocopying, and microfilming. Records produced or reproduced using newer technologies, such as digital imaging, workflow and document management systems, groupware, electronic data interchange (EDI), and electronic commerce may be subject to greater scrutiny, however, since recognized standards for the implementation and use of these technologies are not yet in place. Agencies need to take special precautions when implementing electronic systems to ensure that these systems are reliable and that they produce records which will be legally acceptable.
Agencies should follow good recordkeeping practices for records in any format. Courts are generally more likely to admit electronic records as evidence if agencies have taken the following precautions in the design and management of their recordkeeping systems:
- use the recordkeeping system consistently and in the normal course of business,
- develop and follow written policies and procedures,
- provide training and support,
- develop an adequate system of controls,
- develop and implement system audit trails,
- conduct routine tests of system performance,
- test and document the reliability of hardware and software,
- provide adequate security,
- establish controls for accuracy and timeliness of input and output, and
- create, maintain, and retain comprehensive system documentation.
Many of the measures recommended for good systems design, system maintenance, and electronic recordkeeping also enhance the quality of electronic records as legal evidence.
4.0 Current Kansas Policy
Policy can serve as an effective guide to the management of electronic records by establishing common goals and principles for all state agencies, assigning responsibility for carrying out and monitoring the policy to specific government officials and administrative units, and providing a framework for more specific procedures and practices. In an environment where increasing numbers of records are created and maintained in computer-based systems, records management policies and information technology policies have to be reconciled to accomplish a common goal of managing state information resources effectively, including the official records of state government. The policy goals for records management and information technology management will be difficult to achieve without a mutual understanding of both the requirements and most appropriate methods for satisfying them.
4.1 Records Management Policy
Kansas public policy concerning records is defined in K.S.A. 45-401 as follows:
The legislature declares that state and local government records with enduring value should be stored in conditions which are not adverse to their permanent preservation and should be properly arranged so that appropriate public access to such records is possible. Disposition of noncurrent records which do not merit preservation will promote economy and efficiency in the day-to-day operations of government. Cooperation among agencies at all levels of government is necessary in order to achieve proper preservation of records with enduring value.
This basic policy goal applies to all government records. Significant changes in recordkeeping practices and records management methods are needed, however, to achieve these objectives for electronic records.
4.2 Information Technology Resources Policy
Responsibility for providing direction and coordination for the application of the state's information technology resources is vested in the Information Technology Executive Council (ITEC). The seventeen member Council has the authority to approve policies for the management of state information resources, including:
- Information technology resource policies, procedures and project management methodologies for all state agencies.
- An information technology architecture, including telecommunications systems, networks and equipment, that covers all state agencies.
- Standards for data management for all state agencies.
- A strategic information technology management plan for the state.
- Providing direction and coordination for the application of information resources,
- Designating ownership of information resource processes and the lead agency for implementation of new technologies and networks shared by multiple agencies in different branches of state government.
The chief information technology architect and the Information Technology Advisory Board (ITAB) assist ITEC with information technology policy development. The executive branch Chief Information Technology Officer (CITO) monitors state agency compliance with ITEC approved policies.
The guidelines, standards, policies, and procedures developed for overall management of information resources and technology have significant implications for electronic records management, both within state and local agencies and at the State Archives. Decisions made during the acquisition and design stage of new systems, for example, often impact the ease with which records can be identified, accessed, disposed of, or transferred to new systems should their required retention extend beyond the life of the system in which they were originally created or stored. Hardware and software standards have the potential to either facilitate or hinder the exchange of records among agencies and between government and private citizens. These guidelines encourage addressing recordkeeping requirements when new systems are acquired, designed, or redesigned.
5.0 Responsibility for Recordkeeping
The Public Records Act (K.S.A. 75-3501 through 75-3518) and the Government Records Preservation Act (K.S.A. 45-401 through 45-413) define the responsibilities of state and local government agencies to organize, protect, provide access to, and properly dispose of their records, including the transfer of noncurrent records with enduring value to the Kansas Historical Society. Cooperation between the agencies and the KSHS is even more important with electronic records, because they are more susceptible to loss, inadvertent destruction, mismanagement, and obsolescence. Within agencies, cooperation between management, staff who create and handle electronic records, specialists in information system design, and agency records officers is also essential for the management of electronic records. For these reasons, the KSHS considers the management of electronic records a shared responsibility demanding new partnerships with state agencies.
5.1 The Agency's Role
The ability to maintain electronic records and ensure their accessibility over time is highly contingent on how records are created, organized, and maintained in the agencies that create or manage them. Individual agencies are most likely to understand their electronic systems and the specific applications required to maintain the records they contain. As technology changes over time, agencies are also best placed to ensure that records of enduring value are successfully transferred or migrated as systems evolve. In contrast, the KSHS is positioned to provide advice on electronic recordkeeping but does not have the capacity to manage and maintain a wide range of electronic systems and records applications nor to manage the migration of records to other media and standards over time. Maintenance of most electronic records of long-term value will depend on cooperation between state agencies and the State Archives. In order to ensure that records are properly managed, agencies must also cooperate with any other public or private entities with whom they share data for the provision of services.
5.1.1 Creation and Maintenance of Electronic Records
Creation and maintenance of reliable and accurate electronic records is the responsibility of agency program managers, users of computer systems, agency records officers, and information technology staff who provide technical support and training. End users need to be informed of the policies governing recordkeeping and trained in the use of tools and systems that support electronic records management.
5.1.2 Implementation of Records Management Policies
The agency records officer has responsibility for overseeing the disposition of agency records, for protecting records with enduring value, and for ensuring that records are not destroyed without authorization of the State Records Board. In extending these responsibilities to include electronic records, it will be necessary for the records officer to participate in studies and analysis of agency business processes and systems and to participate in the design, monitoring and refining of records storage and retrieval systems. The records officer will also have primary responsibility for applying existing records retention and disposition schedules to electronic records and for submitting new schedules for electronic records that do not have an approved schedule to the State Records Board.
5.2 The State Archives' Role
The Kansas Historical Society is the official State Archives with responsibility to assist state and local agencies in the preservation of government records with enduring value (K.S.A. 45-405). While in the past, preservation of such records has been achieved through their physical transfer to the State Archives, preservation of electronic records will depend on closer cooperation with agencies. The State Archives has developed these guidelines to help agencies manage electronic records efficiently and effectively. We will help you to identify appropriate maintenance procedures and determine the length of time different types of electronic records should be kept. Our aim is to ensure that you are not using your resources to maintain records that are no longer needed.
The Archives can help agencies to:
- identify the electronic records in agency custody that are of enduring value,
- identify and obtain authorization to dispose of the electronic records in agency custody that are not of enduring value,
- identify the metadata that needs to be captured and maintained with electronic records of enduring value if they are to remain identifiable and accessible over time,
- determine the length of time electronic records should be maintained and made accessible in order to meet administrative or archival requirements, and
- develop a means for ensuring the public's right to access to archival electronic records so that you can meet the access provisions of the Kansas Open Records Act (K.S.A. 45-213 through 45-223) while protecting the confidentiality of records exempted from the Open Records Act and other legislation restricting access to records.
In the following limited cases, the State Archives will accept physical custody of electronic records of enduring value:
- It has been demonstrated that the administrative function which the records document has been discontinued by the Kansas legislature and
- there is no successor agency for the function or activity;
- there is no other agency or institution which could take custody of the records; or
- the records have a security classification which would preclude them from being stored by another agency or institution.
- The Archives enters into an agreement with an agency to take custody of the electronic records because the alternative arrangements would result in loss of valuable records or represent an uneconomical solution to long-term preservation.
We recognize, however, that there may be equivalent situations where identified temporary value electronic records have to be taken into custody. Each proposed transfer of enduring or temporary value records will be considered on a case-by-case basis (see Section 9.2). Given the wide range of potential formats, volumes, standards of preservation which could be involved and that technology as well as formats and media are subject to constant and rapid change, it is not possible to draw up prescriptive rules governing standards for all proposed transfers of electronic records.
When the Archives has agreed to accept custody of electronic records from an agency, the Archives and the agency must work together to ensure that the records are transferred to the Archives in an acceptable format and accompanied by the metadata necessary for maintaining access to the records (see Sections 9.3, 9.4 and 9.5).
5.3 Shared Responsibilities
Because electronic records management is a shared responsibility, several different organizations in Kansas state government bear some responsibility for implementation, oversight and monitoring. For some activities, this is a logical extension of responsibilities for traditional records management. In some cases, however, this will require new partnerships between administrators, program managers, records officers, and information technology staff in agencies as well as between the agencies and the State Archives.
5.3.1 System Procurement and Design Standards
The Information Technology Executive Council (ITEC) is responsible for approval of information technology policies, project management procedures, the Kansas Information Technology Architecture (KSTA), and the strategic information management plan. The KITA describes the information systems infrastructure that supports the applications used by the State and guides the development of the information systems infrastructure. The Information Technology Architecture Review Board is responsible for keeping the architecture up to date. It evaluates agency requests for waivers, analyzes projects referred to it to determine architectural compliance, and makes recommendations to ITEC on changes and extensions to the KSTA. To achieve effective integration of recordkeeping requirements and capabilities into new systems, an ongoing partnership between these entities and the State Archives is essential.
The Department of Administration, Division of Purchases assists state agencies in acquiring goods and services. In order for them to make purchasing decisions that support state electronic recordkeeping needs and for these guidelines to reflect practices that are reasonable from a procurement perspective, the Division of Purchases and State Archives will need to coordinate their activities.
5.3.2 Monitoring Records Preservation and Disposal
The State Records Board has primary responsibility for ensuring that important state records are preserved and that other records are disposed of when no longer needed. This includes records in electronic form. Staff of the Records Management Section of the Archives Division, Kansas Historical Society work with state agency personnel to prepare a retention and disposition schedule, secure agency approval, and present the schedule to the State Records Board for approval. It is the goal of the Records Management Section to develop retention and disposition schedules for electronic records in conjunction with the design and implementation of new systems whenever possible. ITEC could require that agencies have an approved retention and disposition schedule for electronic records before proceeding with the implementation of new systems. Once a schedule has been approved, the agency records officer is responsible for monitoring its implementation and for recommending revisions to the schedule if requirements or technologies change.
6.0 Developing and Maintaining a Recordkeeping System
Experience with electronic records management in other jurisdictions has shown that the following steps should be undertaken:
- preliminary investigation,
- analysis of business activity,
- identification of a recordkeeping requirements,
- assessment of existing systems,
- identification of a recordkeeping strategy,
- design of recordkeeping system(s),
- implementation of recordkeeping systems(s), and
- ongoing management and review.
When first addressing electronic records management requirements for an agency, it is advisable to follow the above steps in the order in which they are listed. Electronic records management is an ongoing process, however, and agencies will often need to revisit one or more of these steps over time. This process should also be integrated with other agency operations. Many of the steps we list are already being undertaken by agencies in order to develop business rules for information systems, conduct business process reengineering, write annual reports and administer agency services. Effective electronic records management draws from and facilitates these existing operations. It is not simply an extra set of tasks that an agency must conduct in isolation from the rest of its workflow.
6.1 Preliminary Investigation
Through the examination of documentary sources and interviews with staff, develop a profile of the role and purpose of the organization, the organizational structure, the organization's legal, regulatory, business and political environment and any critical factors affecting or associated with recordkeeping. Some useful questions to pose at this point could be:
- What is the business purpose of your agency? What outcomes was it established to bring about?
- Which legislation or other administrative arrangements establish its role and functions?
- Which additional legislation or other administrative arrangements govern its operations (e.g., federal regulations, audit requirements, state laws and regulations, contracts, agreements)?
- As a consequence, is the agency subject to any mandatory recordkeeping requirements in the legislation or administrative arrangements (specific state regulations, Public Records Act, Open Records Act)?
- For what and to whom is the agency accountable?
6.2 Analysis of Business Activity
Following a similar process to the first step, identify and document each business function, activity, and/or transaction undertaken. Establish a hierarchy of business functions, activities and transactions and identify and document the flow of business processes and the transactions which comprise them.
- Which business processes give rise to, or should give rise to, records that document policies, procedures and transactions?
6.3 Identification of Recordkeeping Requirements
Electronic records are best managed if recordkeeping requirements are identified when new systems are designed. Recordkeeping requirements derive from both the internal business needs of an agency and from external regulations imposed by federal and state laws and regulations, guidelines for professional practice, and other authorities. Agency personnel responsible for process analysis, systems design, administrative procedures, and internal controls are best able to identify the internal requirements for creating and maintaining records. Identifying external requirements can be a complex and time-consuming process that involves research and analysis. These guidelines recommend that agencies follow a systematic procedure to identify recordkeeping requirements, usually in conjunction with a system design or redesign.
Identify the requirements for evidence affecting each business function, activity, and transaction which must be satisfied through recordkeeping. These requirements for evidence can be derived from an analysis of the regulatory environment to which your organization belongs and from an assessment of risk of failure. Determine how each requirement for evidence may be satisfied through recordkeeping and then document the recordkeeping requirements. Questions to ask include:
- What records does your agency need to keep to meet its business and accountability requirements?
- At which points in a given business process or transaction should a record be created or captured?
- What content is required to produce full and accurate accounting of a decision, transaction, or event?
- How can we assure that an electronic record was created by the person responsible for an action and that it has not been altered?
- Who may have access to records and for what purposes?
- For which records should the access history be captured and maintained along with the record?
- With approval from the State Records Board, how long do these records need to be kept and where?
- How can records with long-term value be preserved?
- How can business processes be redesigned to incorporate recordkeeping requirements for business and accountability purposes?
- What are the agency's vital records, i.e. those records which, if destroyed or otherwise inaccessible, would immediately hinder the agency's ability to provide basic services and fulfill its mission?
- What are the best practices in recordkeeping of government agencies and businesses that conduct similar activities?
6.4 Assessment of Existing Systems
Identify and analyze existing recordkeeping and other information systems and measure their performance against recordkeeping requirements. Some questions to ask:
- What records does the agency currently maintain and do these meet the agency's accountability requirements?
- In which areas is recordkeeping deficient or nonexistent, i.e. what agency activities can you identify as being insufficiently documented?
- Do the recordkeeping systems conform with existing quality standards?
- Where are the records that currently exist and how do you get and/or maintain access to them?
6.5 Identifying a Recordkeeping Strategy
The appropriate strategy should be determined by weighing the degree of risk involved in the failure to satisfy recordkeeping requirements (see Section 2.3 for a list of factors) against the cost of satisfying the requirements. Considerations should include the business function, systems environment, legal requirements and corporate culture within which the strategy must succeed.
6.6 Design of Recordkeeping Systems
Design a recordkeeping system that captures and maintains access to those records which have been identified in the earlier processes. Ensure that the system supports, and does not hinder, business processes. Assess and, if necessary, redesign business processes to incorporate recordkeeping requirements. The metadata required for the maintenance and accessibility of the records that need to be created and captured in the recordkeeping system should be identified.
6.7 Implementation of Recordkeeping Systems
Agencies should use some combination of the following methods to incorporate records management activities into their information systems. Regardless of what method is used, agencies should attempt to integrate the operation of their recordkeeping systems with business processes and related systems.
6.7.1 Records Management Software
Agencies can develop, or arrange to have developed, records management software that meets their particular needs. They can also purchase existing products known as records management applications (RMAs). Either solution should be integrated with existing agency applications to facilitate the management of records created within those applications. Functions performed by records management software can include:
- Declaration of appropriate documents as records at the point of creation.
- Classification of records into record series or types at the point of creation. These classifications are ideally based on the business functions to which the records are related, so that record retention can be based on the nature of the functions.
- Application of retention and disposition schedules to records, based on that classification.
- Documentation of the usage history of records.
- Association of sufficient metadata with records to ensure their refresh, conversion and possible migration over time without losing their content, context and structure.
- Integration of systems used to manage electronic and traditional records.
- Tracking of the physical location and access to paper and microform records.
6.7.2 Configuring Existing Systems
The operating systems and applications used by agencies already create a great deal of metadata related to the data they process, e.g. file and folder names, created and modified dates, creator names, application-specific file name extensions, usage history, formatting templates. The capture, retention and association of the appropriate elements of this metadata can greatly facilitate electronic records management.
6.7.3 User-Based Management
The users of information systems can manually engage in electronic records management functions. Though this approach tends to require the least amount of technological investment, it still requires a significant human resource investment for training, implementation and audit of the policy. The more employees personally recognize and derive the value of good records in their own work, the more incentive they will have to create and manage records effectively. When implementing a system that makes extensive use of user-based management, agencies must be particularly attentive to the principles and methods of user-centered design.
6.8 Ongoing Management and Review
An agency should monitor the performance of the recordkeeping system and carry out random checks of the quality of records and control information, assess the performance of the system and initiate and monitor corrective action. While this methodology was originally designed for electronic records management, it is equally applicable to records and recordkeeping systems in any environment.
When incorporating recordkeeping requirements into new or existing information systems, an agency should assign responsibility to specific units or individuals for their development, maintenance, assessment, and upgrade. This process should involve teams drawn principally from agency management, information technology and records management.
Information managers, administrative support staff, and data processing professionals can take the following measures to ensure that records produced by automated information systems are accurate, reliable and accessible.
- Produce written policies and procedures to define normal operations for development, maintenance, and use of information systems.
- Provide training and support to help ensure that policies and procedures are understood and implemented by staff.
- Capture records, which document business transactions, into recordkeeping systems as close as possible to the time of creation or receipt.
- Develop adequate system controls to ensure the quality and reliability of the records the system produces.
- Develop and implement system audit trails to detect who had access to the system, whether staff followed established procedures, or whether fraud or unauthorized acts occurred or might be suspected in the system.
- Conduct routine tests of system performance. Automated information systems rely on system audits and routine testing to verify the accuracy and validity of data. System audits define the parameters of on-line system processing.
- Test and document the reliability of hardware and software by:
- routinely testing hardware and software according to a plan developed with the advice of the manufacturer;
- retaining all documentation related to hardware and software procurement, installation, and maintenance for at least as long as any records that depend upon those systems for access are retained; and
- maintaining operation logs and running schedules to document the reliability of system operation and performance.
- Provide adequate security by developing routines that limit access and update privileges to the appropriate people and prevent unauthorized modification of data.
- Establish controls for accuracy and timeliness of input and output through systematic procedures for data entry.
- Create and maintain comprehensive system documentation on all aspects of system design, implementation, maintenance, and oversight.
- Retain documentation describing how a system operated and describing the purpose, structure and origins of data for at least as long as any records that depend upon that system for access are retained.
It is essential that retention of records (as determined in records disposition schedules) is designed to facilitate future access as well as ensuring that records with only short-term value are systematically destroyed. The records designated for long-term retention must be periodically refreshed onto new media and migrated across software and hardware platforms in order to remain accessible and authentic over time. The software to access the records must also be maintained and associated with the appropriate records. This is particularly important in environments making use of storage area networks (SANs), Network-attached storage (NAS) or other means to separate data processing from storage management.
7.0 Deciding How Long to Retain Records
A key step in the process of managing electronic records, after we know what records we have now or should have, is to determine the length of time they need to be kept. A systematic process for determining the value of records will ensure that you only keep the minimum number of records necessary to meet your business and legal obligations. Failure to do this will increase the costs of doing business by clogging systems and hindering accessibility. It also increases the risk that valuable records could be lost or disposed of illegally in unsystematic 'spring cleaning' operations.
Not all records are valuable forever and, in fact, most records only have value for a relatively short time. This might seem like an obvious statement, but it is extremely important to remember when confronted with large volumes of records. How then do we decide what should be kept and for how long? The Archives' primary concern is to establish what is of enduring or archival value -- and, by implication, what is not -- through the appraisal process.
7.1 Determining the Value of Records
The Government Records Preservation Act defines records with enduring value as "all government records which merit preservation for historical, legal, fiscal, or administrative reasons, or for research," (K.S.A. 45-402 (e)). Although the State Records Board has ultimate authority to determine which records have enduring value, these guidelines are designed to help agencies identify records with enduring value. It is in agencies' interest for these determinations to be made as accurately as possible.
7.2 Appraisal Criteria
The long-term or archival value of records is determined through a systematic assessment of the value of a body of records against a set of appraisal criteria. Archival value is defined as:
These are criteria against which agency personnel and staff of the State Archives can assess the values of particular groups of records and the functions to which they are connected. The Kansas State Archives uses these criteria to determine records value and balances that determination against the cost of maintaining access to them over time.
When appraising electronic records, in addition to the criteria already mentioned, there are some additional factors which need to be considered: accessibility, manipulability, and quality as evidence.
Accessibility of electronic records has two components:
- It is possible to locate and retrieve records.
- It is feasible to access the desired records, given the quality of the retrieval tools and volume of records.
If the records are not accessible and their value does not warrant the cost of rendering them accessible, then they have no value. This may occur when electronic records have been stored in a format or by a system that is not compatible with the current system. It also occurs in situations where we can read the contents of the storage media are readable, but there is not enough associated metadata or contextual information to understand the meaning of the records.
These technological dependencies for access pose one of the most fundamental differences between traditional and electronic records. With paper records, the primary expense for long-term storage is the physical storage itself. A paper document that is left untouched in offsite storage will still be readable in 50 years, assuming the environmental conditions of storage are adequate. A digital document, however, requires a great deal of ongoing attention in order to remain readable for even 10 years, much less 50. Costs can be reduced significantly by moving records that require only occasional access onto cheaper and slower media (e.g. off of hard drives and onto tape) and supported with lower bandwidth, but the cost of keeping the records themselves accessible will remain. In the electronic context, appraisal and access are intimately connected. There is no value in retaining records that are no longer accessible, and the failure to destroy records that no longer have retention value makes access to the valuable records much more difficult. Anyone who has conducted research on the World Wide Web realizes that the more extraneous material one must search through, the more difficult it becomes to find what one is looking for.
If electronic records do remain accessible, however, their digital format offers distinct advantages over paper-based records. Access to electronic records and documents can be provided to multiple users at multiple sites, thereby overcoming one of the problems associated with traditional physical systems. This is one of the major reasons for keeping records and documents electronically.
A major characteristic which sets electronic records apart from other records is that they are manipulable as a group of records, as individual documents, and as the elements within individual records. The contents of a database can be manipulated much more readily and in ways traditional recordkeeping systems cannot. Specific documents can be retrieved from electronic document management systems and "repurposed" much more easily than records in manual filing systems. If there are no safeguards, however, individual records can be altered or deleted without leaving a trace. The advantage of manipulability can undermine the accuracy and authenticity of electronic records unless good security and system management are in place.
7.2.3 Quality as Evidence
As explained in Section 3.6, many information systems are not recordkeeping systems. When approaching the appraisal of electronic systems, it is important to establish whether any records are present or should be present before going any further. If information is stored in a system that lacks the means to determine when, how, and by whom its contents were created, then the value of the contents of the system as evidence is jeopardized. From an archival point of view, the lack of contextual information reduces the value of the records, even if the contents of the system might be useful for some types of analysis or reuse. If a system is used to create and store records, but it does not fully satisfy all recordkeeping requirements, one must decide whether the information contents are worth keeping and whether it will be possible to find or add documentation that will make the contents understandable and usable.
7.3 Appraisal Strategies
The appraisal strategy we propose is based on the process of functional analysis and the need to specify which records should be kept, rather than just the values of those that are being kept. In the electronic environment, because the content, context, and structure are not self-evident, experience has led us to the conclusion that we need to specify which records should be captured and kept accessible. This process enables designers to build recordkeeping requirements in at the systems development or upgrade stage.
We recommend applying the appraisal strategy to an entire function within the agency or, when appropriate, across agencies. This approach should take into account the variety of systems used to document activities, recognizing a mix of paper-based and electronic systems in some cases. It also allows for an assessment of what and where the most valuable records are so that you can be sure that they have priority for coverage and capture.
7.3.1 Advantages of Agency Involvement
Access to and management of records and information is vital to the success of any organization. Without effective strategies for records and information management state agencies run the risk of losing corporate memory and not meeting their legal obligations for accountability.
The appraisal of electronic records should not be carried out in isolation from the other records agencies produce. It is very important that representation from across the agency is involved in the appraisal process. Senior management commitment to the project is essential, because strategic decisions about policy, resource management, records and information management need to be taken corporately. Records management personnel will be required to provide expertise on recordkeeping requirements and the appraisal process. Information technology personnel will be required to identify and retain appropriate metadata, provide technical expertise, and undertake the capture and maintenance of electronic records.
Representatives from all areas of the agency should be consulted about the value of records and the way those records are created and used. As stated above, a functional analysis of an agency, involving all aspects of an agency's activities, is the first vital step in achieving comprehensive management of information.
7.3.2 Involvement of the State Archives
The State Archives, in conjunction with the State Records Board, is involved in the appraisal of records through its review of requests from agencies to dispose of records and as a means to fulfill its statutory obligation to identify and protect records with enduring value. Because of the complexities and special vulnerabilities of electronic records, involvement of the State Archives from the beginning of any electronic records project is highly recommended.
We can assist in the process of determining recordkeeping requirements by providing a legal basis (the records retention and disposition schedule) for the disposal of records. A comprehensive appraisal of agency records backed by an active disposal program will greatly improve the chances of finding what is needed as well as preserving valuable records for the future. It will also ensure that resources are not wasted on managing and attempting to provide access to records of limited value.
7.4 Records Retention and Disposition Schedules
It is illegal for agencies to dispose of records without the authorization, either directly or through the approval of a retention schedule, of the State Records Board. Kansas state agencies are thus encouraged to develop records disposition schedules for approval by the State Records Board (see Section 2.2). The schedules should be the result of an appraisal process.
Information technology and records management staff should ensure that all records including electronic records are being created and kept for the time specified in the schedule. The schedule can be used as a basis for implementing record retention periods in electronic information systems, although many Kansas electronic records have not yet been analyzed or scheduled for disposal.
The statutes, regulations, and guidelines which mandate that certain records be created also often specify how long they must be retained. If records are created and kept primarily to satisfy internal needs, then careful analysis is needed of the internal uses and potential external values for the records to determine appropriate retention periods.
8.0 Providing Access to Electronic Records
Access to Kansas State records is primarily governed by the Open Records Act of 1983 and subsequent amendments in 1995 (K.S.A. 45-215 through K.S.A. 45-223). Government records are available to the public unless they contain information that is exempt under Section 45-221 or other specific legislation. The Act provides for access to records by the public regardless of their physical format or location. A member of the public is entitled to access if the record is in the custody of the Archives, an agency or a service provider.
In the electronic environment, Kansas State agencies will retain and maintain many of the electronic records they have created. This means the provisions of the Open Records Act governing access are of particular consequence to agencies. Now, more than ever, the responsibility for reference and access is a shared responsibility between the Archives and agencies.
8.1 Responsibilities of Agencies
To operate effectively in an electronic environment, agencies need to:
- understand the access provisions of the Open Records Act,
- be able to make decisions about access to classes of records,
- implement a records access system for their own business purposes (including compliance with legislation),
- provide access to records, either electronically or by producing printed copies, and
- keep a record of access decisions and processes.
The Kansas State Archives expects that agencies may make electronic records available to researchers in electronic form. In making records available in electronic form, the Archives expects that sufficient systems functionality will be available for the researcher to both access and comprehend the records.
8.2 The State Archives' Role
At a broader level, the State Archives' role will be to:
- advise government on matters related to access to records with enduring value,
- set standards for their preservation and accessibility, and
- work with agencies to identify the access status of classes of records during system design, major modification or appraisal.
8.3 Access to Electronic Records in Agency Custody
The State Archives envisages that researchers pursuing a line of inquiry for the first time may approach the Archives to gain access to electronic records in the custody of agencies. The Archives will assist the researcher to:
- define and refine the inquiry,
- identify the appropriate agency, recordkeeping system and series (by using metadata and contextual information maintained by the Archives), and
- facilitate contact with the agency -- either by logging into an agency online system or identifying an agency contact from whom the researcher can receive assistance.
8.4 Provision of Secure Access
As mentioned above, the Archives expects that agencies will make electronic records available to researchers in electronic form and with the necessary functionality of the system.
To avoid any compromise of the security, integrity and functioning of an agency's electronic recordkeeping system, the Archives recommends that public access not be given to the live system but rather to a mirror site or parallel system. Any sensitive or classified records should be appropriately encrypted to prevent unauthorized access. This comment applies to all records regardless of their archival or access status.
9.0 Transfer of Electronic Records into Archives Custody
9.1 Policy Overview
In some exceptional cases (see Section 5.2), the Kansas State Archives will accept physical custody of electronic records of enduring value. The Archives and the agency must work together to ensure that the records are transferred to the Archives in an acceptable format and accompanied by sufficient metadata.
9.2 Criteria for Transfer
A decision by the Archives to accept custody of electronic records will be on a case-by-case basis. The following matters (among others) will be taken into consideration for any transfer proposal:
- The records have been appraised and have enduring value.
- The records have sufficient metadata and contextual information to meet the Archives descriptive standards for electronic records, including system documentation.
- It has been demonstrated that the administrative function which the records document has been discontinued by the Kansas legislature and
- there is no successor agency for the function or activity;
- there is no other agency or institution which could take custody of the records; or
- the records have a security classification which would preclude them from being stored by another agency or institution.
- The resource impact is assessed and is manageable.
- The records proposed for transfer conform with media and formats which the Archives can support at the time.
- The transferring agency will meet all processing requirements (including duplication) necessary for the records to meet the Archives' standards for transfer and access.
9.3 Transfer Requirements
A decision by the Archives concerning a proposed transfer be based on criteria set out in the guidelines developed by the Archives to assist its decision-making process. Such a decision will be conditional on a signed agreement being negotiated between the Archives and the agency responsible for the transfer. The agreement will set out the terms and conditions for the transfer and subsequent management of the records by the Archives including how they will be controlled, accessed, stored, and preserved.
The terms and conditions of any agreement must conform with general requirements of the Archives concerning:
- technical requirements for hardware, software, and media and
- requirements for metadata and contextual information.
The agreement may include provision for an agency to guarantee the undertaking of future specified action relating to the records.
9.4 Management of Electronic Records Taken into Custody
The basic principle for management of electronic records in the Archives' custody is that the records must conform with standards and media which the Archives can accommodate. This is so the records can continue to be accessed and preserved for the period required.
A transfer of custody may involve or result in a modification or reduction in the functionality of the records. Similarly, the structure of the records may have to be modified to facilitate management and access. Any such change will occur prior to transfer and will be specified in the Agreement with the transferring agency.
The transferring agency will meet all costs associated with any conversion action necessary to convert the records to an acceptable format and will provide any necessary new media or duplication required.
9.5 Contextual Information
In cases where the Archives accepts custody of electronic records, all relevant contextual information maintained by the agency should also be transferred at that time. The contextual information to be supplied will encompass both administrative and recordkeeping elements and will be used by the Archives to prepare public finding aids for the records. It will also be used for monitoring purposes. Supplying of information to the Archives should not be taken as a reason for agencies to cease maintaining contextual information for their records. Periodic updates of the information supplied to the Archives may be necessary, e.g. following an administrative change or a change in the purpose or content of the records over time.
10.0 Specific Application Types
10.1 Electronic Document Management Systems
Document management, as a process, is not restricted to records and indeed may not manage records at all. A document management system, for example, can control the distribution and access to electronic publications such as manuals and guidelines, library material and other information sources. Documents that may need to be managed may include personal material, notes, calculations, and rough drafts that have yet to be introduced into the business process. Documents may also include copies of records that have been taken out of their business context, yet have value as information sources and research material.
If a system does not support the preservation and access to evidence of business processes then the system is not a recordkeeping system - it is a document management or information system. It is the contextual aspect of records, including the relationship to other records and their value as evidence of functions, events, activities and decisions that most easily distinguish a recordkeeping system from a document management or information system.
Document management systems, however, will often be called upon to manage records. In these cases, the systems should have all the attributes of a recordkeeping system as discussed in Section 3.7. To achieve effective document management, agency librarians, records managers, archivists and information managers must be involved when considering new systems or reviewing existing procedures and processes. These professionals have the skills and experience to support effective document management.
10.2 Electronic Mail
Electronic mail (e-mail) can be captured and kept as evidence of business functions, activities or transactions. When e-mail systems are used to conduct, support or document official business, the requirements to create and keep records in relation those business processes need to be carefully evaluated for existing systems and prior to the implementation of new systems.
All information stores, including those used with e-mail, are potential sources of evidence and may contain documents and information that could be targets of Open Records Act requests. For these information sources to have value as records, however, they need to be incorporated into a recordkeeping system along with their content, structure and context. Records need to be created in relation to these forms of communication when there is the need to preserve the evidence of business functions, activities and transactions.
With e-mail, as with other forms of communication, a decision needs to be made as to what records are to be created and in what form. To have value as records, the captured information must reflect the business context of the message, preserve the content of the message and provide a structure for the record that reflects the structure of the original message that was of an evidential nature. Records need to have links to other evidence of the business process. In satisfying these requirements, the capture of contextual information and the transfer of records to recordkeeping systems should be automated where possible or at least made as simple as possible.
10.2.1 Advantages and Disadvantages of E-Mail Systems
E-mail has an image problem. In many organizations it has been introduced as an informal or even personal form of communication, with no regard to alerting staff of the implications of its use in the business environment (the creation of business records). Electronic mail users need to be informed and educated to understand that electronic messaging systems are provided at work to support official business, and that messages created in the course of duty are not the user's property any more than are business memoranda or letters. Use of messaging facilities for personal use is a matter for agencies to determine. Both business and personal use should be articulated in agency policy, guidelines and training.
E-mail is recognized as a legitimate source of evidence and can be the subject of subpoenas, discovery orders, and access requests under the Open Records Act, in the same way as any other records. There are advantages and disadvantages in using e-mail, as there are with maintaining traditional paper-based recordkeeping systems. Awareness of the pros and cons will assist in the promulgation of systematic rules to ensure appropriate records management practices.
Advantages of e-mail
- Transactions result in written documentation that would often not have been captured otherwise.
- Asynchronous communication (not requiring both parties to be engaged in communication at the same time) alleviates many of the problems associated with schedule conflicts.
- Composing messages is quick and easy.
- Transfer rates make receipt of messages almost immediate.
- Cost of transmission is lower than that of telephone or postal service.
- The time (although not always the correct time) and date of message exchange is logged.
- One person can send the same message to a number of people simultaneously (one-to-many communication).
- E-mail messages are not as intrusive as telephone calls.
Disadvantages of e-mail
- The same message is often filed in multiple locations, in both printed and electronic form, leading to storage problems and wasted resources.
- Informal or inappropriate use can become an agency liability.
- Without appropriate system controls, messages are easy to alter.
- There is usually a lack of systematic management, other than deletion for space requirements;.
- Deletion does not mean destruction (deleted messages can be retrieved).
- Multiple copies of messages or attached documents are often printed and filed, which is expensive in both time and paper.
10.2.2 E-mail Rules
Agencies should establish and operate within a set of e-mail rules. The following are examples of what to include:
- E-mail systems are provided primarily for business communications, and important transactions should be captured into an electronic recordkeeping system or printed out and filed appropriately.
- All e-mail is the property of the organization.
- Keep copies only for ongoing business reasons and delete material only in accordance with agency guidelines and approved retention schedules.
- Do not use the paper filing system as a dumping ground for electronic communications; only file on paper the important documents you have initiated or received.
- Avoid printing out documents that were sent solely to provide information.
- Avoid making hard copies of reference material such as articles or long documents that have been published elsewhere and can be cited.
- Avoid putting matters into e-mail messages that would not be put into office memos, and use sarcasm and humor with care; they can be very easily misunderstood without the benefit of accompanying body language.
- Provide a subject line that clearly and accurately reflects the contents of the message. This will greatly facilitate future retrieval of the message.
- E-mail systems must not be used to transmit any classified or confidential material, except where these systems have been established for such a purpose and have appropriate controls.
- Ensure that passwords are used in all e-mail systems. Scanned signatures should not be used in any circumstances, since they can be cut and pasted to give the appearance that a document was signed by someone who did not actually sign it.
- E-mail communication is not private. Administrators and other authorized personnel (and sometimes unauthorized personnel) have access to the system.
- You can use e-mail for private messages, bearing in mind the rules for e-mail management and exercising caution. Any opinions you express via external e-mail, where they are not related to the conduct of business, should be noted as your opinions and not those of the organization.
- Ensure e-mail systems, like all other electronic systems, are backed-up and maintained in accordance with systems management standards.
11 Resources for Additional Guidance and Advice
Legal issues of state records creation, retention and access:
Communications and computer security:
- Kansas Office of Information Technology Ser
- Kansas Information Technology Office (KITO)
- Exectuive Branch, Chief Information Technology Officer (CITO)
Records management and archival services:
- Records Officer in your agency
Kansas Historical Society, Records Management Section
Archives Authority of New South Wales, Documenting the Future: Policy and Strategies for Electronic Recordkeeping in the New South Wales Public Sector, Sydney: Archives Authority of New South Wales, July 1995.
Australian Archives, Keeping Electronic Records: Policy for Electronic Recordkeeping in the Commonwealth Government, Commonwealth of Australia, 1995.
Brodie, Michael L. and Michael Stonebraker, Migrating Legacy Systems: Gateways, Interfaces and the Incremental Approach, San Francisco: Morgan Kaufman, 1995.
International Council on Archives, Electronic Records Committee, Guide for Managing Electronic Records from an Archival Perspective, Consultation Draft, June 1996.
Kansas Historical Society, Kansas State Records Management Manual , June 1996.
New York State Archives and Records Administration, Center for Electronic Records, Building Partnerships Project, Final Report and Working Papers, Albany, 1995.
State University of New York, Office of Archives and Records Management, "Guidelines for Management and Preservation of Electronic Text Documents," SUNY Systems Administration, OARM, November 1995.
United Nations, Administrative Committee for the Co-ordination of Information Systems, Management of Electronic Records: Issues and Guidelines , New York: United Nations, 1990.
United States, National Archives and Records Administration, "Records Management Requirements for Electronic Recordkeeping," College Park, MD.: NARA, Office of Records Administration, 1996 (Draft).
University at Albany, Center for Technology in Government, "Models for Action, Project Concept Paper," Albany, NY, May 1996.
University of Pittsburgh, School of Library and Information Sciences, Functional Requirements for Recordkeeping .