The chief executive officer of an organization with multiple divisions and tens of thousands of employees across the United States wants to minimize the risk of lost records, reduce costs and enhance the ability of the organization’s employees and customers to use the information and knowledge it collects. The CEO asks each operating unit to update and enhance its records management policies and practices.
Proper Management of Electronic Records
In most companies today, 90 percent or more of the records being created are electronic. The overwhelming growth of electronic messages—email, instant messaging, texts and tweets—and the likelihood that messages are stored multiple times on various media make the management of electronic records a critical business issue. How that information is managed has significant business, legal and technology ramifications. However, from a records management perspective, the medium used to create, deliver or store information is irrelevant; it is the content of a record that mandates how the document should be managed. Yet, in many organizations, the realm of records management still focuses on paper folders, physical file rooms and dusty warehouses. As the amount of electronic information grows, the ability to manage that information, which is often very valuable to an organization, can diminish rapidly.
Presidential Memorandum on Managing Government Records
On November 28, 2011, President Obama issued a presidential memorandum directing all executive agencies to begin reforming records management policies and practices. Although the requirements of the memorandum apply only to federal agencies, this marked the beginning of an executive branch-wide effort to develop a 21st century framework for managing government records. According to a 2012 memorandum from the Office of Management and Budget, the expected benefits of this effort include:
- Improved performance, transparency and accountability due to better documentation of actions and decisions;
- Better identification and transfer of permanently valuable historical records to the National Archives; and
- More efficient operation and minimized costs.
As of 2015, 24 federal agencies had taken actions toward implementing the directive on managing government records. On June 28, 2019, the Office of Management and Budget issued an updated government-wide memorandum for Heads of Executive Departments and Agencies Number M-19-21 (archives.gov) consolidating prior records management guidance and establishing goals for electronic recordkeeping to support efforts to transition to a fully electronic (that is, paperless) system. The goals announced include:
- By 2022, federal agencies will manage all permanent records in an electronic format and with appropriate metadata.
- Federal agencies will continue to maintain robust records managements programs, supported by updated records management regulations and guidance developed by the National Archives and Records Administration.
Lessons for the Private Sector and Non-Government Organizations
Federal agencies are not the only entities that need to follow good information governance practices. State agencies, non-governmental organizations and private companies should also take note of the importance of efficient, modern and legally sound records management policies and practices and:
- Designate an official who is knowledgeable in records management practices. Whomever is tasked with analyzing, updating and improving the management of records should be familiar with the entity’s current records management protocol as well as more recent developments in the field, especially practices for electronic records (including email and social media), data protection and cloud-based services.
- Allocate sufficient resources. Although a principal benefit of records management reform is long-term cost savings, entities will likely need to allocate resources in order to enact these money-saving procedures.
- Familiarize senior management with records management requirements and benefits. Records managers in private companies and non-governmental organizations can work to educate senior management on records management legal obligations, including data privacy and regulatory obligations, and the benefits of information governance to business efficiency and, ultimately, the bottom line.
- Make information governance a priority for the entire organization. The successful implementation of improved records management policies can cut costs, streamline the organization’s information management system and facilitate a more efficient and effective response to the demands of litigation. Also, knowing what, and where, records are maintained will be invaluable when responding to a data breach or in the case of a disaster recovery.
- Implement information and records management policies and procedures that are realistic, practical and tailored to the organization’s circumstances. No single standard or model can fully meet every organization’s unique needs. Each organization should consider its own particular business needs, operations, IT infrastructure and regulatory and legal responsibilities and aim to put in place a practical, flexible and scalable records management policy.
- Do not retain all electronic information ever generated or received. This is especially important in today’s world of email, instant messaging, text messaging and multiple duplication of data for disaster recovery and other purposes. Absent a legal requirement to the contrary, an efficient records management policy will include programs that routinely dispose of redundant records and other data.
- Suspend ordinary disposition practices as necessary to comply with preservation obligations related to actual or reasonably anticipated litigation, government investigations or audits. Legal holds should be tailored to the legal requirements of the situation and informed by legal judgment. Moreover, effectively communicating and ensuring implementation of notice of a legal hold is an important component of an organization’s records management policy.
In an era when even a portable device—a single smartphone, laptop or tablet—can hold substantial and highly confidential information, it is important that entities have effective and workable records management programs and policies. Knowing what electronic records are kept, where and how to access them and when to discard them is a good way to start the process of developing and implementing an information governance program for the digital age.