Email woes

A lot of ink, bytes, or whatever other method of inscribing text onto a medium have been spent in the last couple weeks on the Jeb Bush emails. There are a number of angles to take on the disclosure, takedown, redaction, and mea culpas without even getting into the content the email messages contain. From a purely archival/state records perspective, L’Archivista’s two posts on the affair are (as usual) better than most anything else. As such, I won’t try to top her here.

As it happened, I’ve been thinking (wrangling? despairing?) about email recently at work. My institution acquired a large cache of email and other electronic records (not to mention, the paper kind) from an administrator in the latter part of 2014. The recent events with Jeb Bush highlight what  I had thought were particular to my case but are potentially universal.

Continue reading “Email woes” →

Advertisement

SAA Annual Meeting: Unconference Discussion (better late than never)

The RMRT meeting at 2014’s Archives*Records: Ensuring Access (aka SAA Annual Meeting) started with a lively discussion of some proposed bylaws changes for the roundtable (read more about them on this blog’s previous post). After the business portion of the meeting, we shifted formats small group discussions around a few topics. Unable to make the meeting? Were you there, but want to relive the excitement? Were you there, but so engaged in one conversation that you couldn’t sample the others? Fear not, full notes (taken by participants) are compiled into this document.

Thanks to everyone who participated! Special thanks to the notetakers!

Compliance makes a poor, if obvious, cudgel

Information Week published an article at the end of May on the federal government’s efforts to meet the 2012 Managing Government Records Directive regarding the management of records in electronic form. One quotation, from the Nuclear Regulatory Commission’s Deborah Armentrout discussing calls to justify the expense of an electronic records management program caught my eye.

Continue reading “Compliance makes a poor, if obvious, cudgel” →

Anecdotally, assessment is really hard.

Since moving back to my home state, I tend to see a bit more of my father than I had over the previous couple years (shocking, right? It’s almost as if there was a causal relationship between the distance I was from my parents’ house and the frequency with which I visited my parents’ house). My dad runs a chiropractic practice and, like many healthcare providers across the country, has been moving toward electronic recordkeeping for his patient files.
Continue reading “Anecdotally, assessment is really hard.” →

Two items on authenticity

Two items had me thinking about authenticity of digital records this week. Both exist in that somewhat nebulous region between (consisting of both?) records management and digital preservation. They are both unrelated to one another, so here’s a head’s up about the coming rough transition.

Over the past couple years the institution that employs me has been working with an organization to preserve their records (big surprise, eh?). Last week we started discussing their electronic records. Without getting specific, the organization operates in multiple, geographically disparate locations and has demonstrated itself to be highly organized and with a grasp on records/information/knowledge management. When it came, however, to discussing their electronic records, they had little perception of the issues attendant in making minor changes to clean up files that were created ca. 1996. Leaving aside the (in)ability of modern software to render files from that time period, losing the creation and modification dates associated with the files calls into question, on some level, the authenticity of the records. If we’re unable to acquire the original media, the issue immediately becomes one of how well they have documented their custody of the digital material, including when files were migrated, edited, or otherwise changed. And my role becomes one of counseling the organization on what to document about their electronic records and how to organize them so that users not familiar with the contents can attempt to navigate to the desired information without viewing each and every file. While this sort of pre-custodial intervention is demonstrably different from past practice with many physical record groupings, it is not, I believe all that different from the consulting work records managers perform with record creators and their active records.

Okay, so the abrupt tonal shift happens here. A doctoral student at the University of British Columbia has sent out a call for participation in a survey on digital records and authenticity. If you’re on the E-Recs Listserv, you have likely seen this request already. So while it’s not specifically a records management issue, I think it’s worth your participation if you do any management of electronic records. Information about her study, and a confidentiality statement are included after the jump.

Continue reading “Two items on authenticity” →

A few thoughts on Franklin County

If you pay attention to the archives and records management world on Twitter, you may have seen a news item make the rounds over the past few days. The story concerns the discovery and disposition of a cache of documents dating back to the mid-19^th century in Franklin County, North Carolina. In lieu of retelling the entire story, I will offer this bulleted list:

Continue reading “A few thoughts on Franklin County” →

Social Media Content as Records: 2 recent documents from NARA

Piggy-backing off Meg’s post from a couple weeks ago (read it! You won’t be sorry!), a brief discussion of social media as records may be of use. A recent discussion on the always useful Recmgmt-L list pointed to two documents from NARA on social media as records. Both take the form of practical guidance(!), always welcome in the LIS world, particularly when it comes to electronic records or digital preservation.

The first is NARA Bulletin 2014-02 (October 2013), which serves as a springboard for a major concern I have with some discussion of social media and the archives. Much of the conversation, at least in the archives world, starts from a place where an institution has already decided that output on social media is something worthy of longterm (if not permanent) retention. And while that may be the right choice for one institution, larger institutions may end up with a lot content that is merely recycling content better suited for capture in a different format. Bulletin 2014-02 does not start with this assumption: “Some social media records may be temporary; with a transitory, short, or long term retention. Some may even be permanent…” By applying traditional records management concepts to the social media output and outlining the challenges to records management posed by social media the bulletin insists that agencies confront Twitter, Facebook, and the like instead of adopting a blanket capture (or worse, blanket ignore) strategy.

Continue reading “Social Media Content as Records: 2 recent documents from NARA” →

Third party records services: two cautionary tales

In recent months, two worst-case scenarios got me thinking about outsourcing duties associated with records management. The first was the settlement of a Qui Tam complaint in the Pennsylvania area. In it, Iron Mountain and Shred-It agreed to damages payable to the federal government for failing to shred documents to the specification required by their contracts. For me, the crux of the scenario does not pertain to the particulars–the General Services Administration (GSA) has more stringent destruction requirements than do most other organizations–rather, that the breach of contract wouldn’t have been discovered if not for the complainant. The complainant owns a smaller document shredding company and, familiar with the shredding equipment and procedures employed by the larger vendors, surmised they were unable to dispose of records to the specifications required by the GSA.*

The other scenario was the discovery, via internal audit by the Office of Inspector General of the Environmental Protection Agency (EPA), that an off-site storage facility managed by a third party fell victim to a startling lack of agency oversight. The most salacious discovery is that the contractor’s employees had set up (and hidden from cameras with boxes) television sets, refrigerators, and exercise equipment. The employees had even used EPA paper stock to document exercise routines. Apart from the headline-grabbing recreation centers, the other serious issue at the facility was the existence of “old archived files located in the warehouse dated back to 1992” (p.4). As expected the EPA reacted responsibly: they conducted an inventory of the records to identify any instances where personally identifiable information (PII) had been disclosed, developed security plans, and cut off ties with the contractor.

Both events are directly related to the work we do with records management, regardless of our institutional context. Most obviously, the scenarios reinforce the necessity for close examination of potential contractors. In the first scenario, the GSA awarded contracts to companies that used equipment that did not meet the GSA’s own requirement. Second, it reinforces the need for records managers to either have the authority (or have a close relationship with authorized personnel) to negotiate contracts with third parties. Finally, it highlights the need for records managers to have clear lines of communication with any internal audit unit within their organization. In the first scenario, there is little to indicate that internal measures would have discovered the inadequate shredding. In the latter instance, an internal audit office of the EPA discovered the contractor’s practices, as well as highlighted the EPA’s own problems with respect to retention and storage of records with PII at the facility. Many records professionals have a relationship with their organization’s audit office, but I would hazard a guess that many do not. In any event, both instances make for good cautionary tales, and would make good campfire stories for your next records management-themed Halloween party.

* Caveat: the articles and blog posts I’ve read about the event are apparently based on the same press release, which was written by the law firm bringing the complaint. Understandably,