Key digital recordkeeping enquiries June 2012 July 3, 2012
In May 2012 we posted a summary of what key digital recordkeeping enquiries we had received from NSW agencies in the month and what responses we gave. We thought that perhaps it might be helpful to others pondering the same issues.
A number of people viewed this post, so we have decided to do a similar post each month. This month we give advice on SharePoint, social media, digitisation and metadata.
Note: Advice is relevant to the NSW public sector.
SharePoint
An organisation with an EDRMS and SharePoint enquired about when to use SharePoint and when to use their EDRMS for records capture (the two are not integrated). This would depend on the types of records created in SharePoint, the version (Server, Online or Foundation) and how the SharePoint implementation is configured.
The Checklist for assessing business systems can be a useful tool when determining whether SharePoint will meet the requirements of a digital recordkeeping system in the Standard on digital recordkeeping. If it is determined that the organisation’s particular SharePoint implementation lacks the necessary features and functionality to adequately manage records, they should capture these into the EDRMS. Alternatively, the organisation may make a risk-based decision that some records can remain in SharePoint if they are low-risk and of short term value, but that high risk records and records of long-term or archival value should be captured into their EDRMS. Some organisation could choose to keep working papers in SharePoint but capture final versions into the EDRMS. Any decisions such as these must be made with a full understanding of the risks involved, and the decisions should be documented.
It is important to note that SharePoint 2007 and SharePoint 2010 out of the box will not keep and manage records in compliance with the Standard on digital recordkeeping. For example, SharePoint 2010 must be configured and/or enhanced with add-on software to: restrict or permit access to records by specified individuals or groups; capture and manage the minimum required recordkeeping metadata described in the Standard: capture metadata documenting a record’s disposal.
State Records is currently developing guidance for NSW public offices about the recordkeeping features and functionality in SharePoint 2010. The purpose of this guidance is to highlight features and functionality that are not provided with SharePoint ‘out of the box’, and to identify whether SharePoint can be configured or otherwise enhanced to provide these features and functionality. It is hoped that NSW public offices will refer to this guidance when planning and designing a new SharePoint implementation or when assessing how recordkeeping features and functionality can be incorporated into an existing implementation. We are hoping to publish an exposure draft of this guidance by the end of the month.
Social media
Another organisation enquired about the long term preservation of wikis. They were referred to the Records management and web 2.0 guidelines. An important thing to check with wikis is their capacity to export data out of the system and the range of choices for export.
We continue to receive enquiries about how to classify or sentence social media records. Like any format, they should be classified or sentenced according to the business being conducted.
If you are interested in social media and recordkeeping check out our other blog posts on this issue.
Digitisation
Further digitisation enquiries were received this month, most concerning the disposing of original records after digitisation. They were referred to the relevant information in General retention and disposal authority: imaged records and the Disposal of original paper records after digitisation section of the Managing digitisation programs and projects guidance. [UPDATE – January 2015: GA36 has been replaced by GA45]
Other enquiries were about whether our technical specifications for digitisation could be departed from. The technical specifications in the Managing digitisation programs and projects guidance are recommended only. If an organisation wishes to depart from these, they need to conduct a risk assessment where they analyse all relevant factors including the:
- nature of records involved in the program/project
- the essential characteristics of the records that need to be reproduced
- whether the original paper records are going to be destroyed
- which version of the records will be required as evidence of business
- the length of time for which the digital images need to be retained or are expected to be accessible (the longer they are required the more rigorous the specifications should be).
This assessment should be documented as it may be required to justify your choice of specifications in the future. If the records are required as State archives, then State Records should be contacted and can help the agency determine the most appropriate technical specifications.
Metadata
One organisation enquired about whether metadata about records should be able to be amended or deleted.
Metadata is effectively a record and therefore shouldn’t be destroyed or altered because it is evidence of how a record was created, managed and used. However, there will be occasions where metadata needs to be changed, e.g. if there are mistakes in manually entered metadata or business circumstances require changes to metadata to enable records to be retrieved. Such changes are necessary, though the ability to change metadata should be controlled and restricted to a few officers.
Where possible organisations should try to prevent changes to or removal of important metadata that is required for evidential purposes. For example, some systems give users the capacity to overwrite data. Where important evidential metadata like date or author or client or other key information can be altered, this is very problematic as it jeopardises the accuracy, authenticity and integrity of the information. Section 1.3 of the Standard on digital recordkeeping says that business systems must keep read-only versions of records. Metadata is a part of a record and so it is therefore should also be read-only.
The Standard on digital recordkeeping also indicates that ‘Recordkeeping metadata must be disposed of in accordance with the requirements of the State Records Act’. Some metadata can be destroyed in accordance with authorised disposal tools. However certain key metadata elements (principally the key elements defined in the Standard on digital recordkeeping and elements that the organisation specifically requires to continue to perform its operations and access its information) must be kept and kept in read-only form. They must be kept through system migration, and kept linked to the records to which they relate. A small metadata record must also be kept after a record has been destroyed.
If you are from the NSW public sector and have an enquiry about digital recordkeeping, please contact govrec@records.nsw.gov.au Note: As resources are limited there may be some delay in responding to your enquiry.
Thanks for sharing the link to “Recordkeeping In Brief 42”, the spreadsheet tool for documenting business systems on this list may prove very useful.