Electronic Records Management Guidance
The Records Management team provides guidance and support to faculty and staff to help ensure that College electronic records are created, maintained, disseminated and destroyed in a manner consistent with legal and regulatory requirements, industry standards, and College policies.
Electronic Records Management Best Practices
File Plan for Records
- Classification scheme that organizes records according to business function, across a department or division. It includes retention schedules and disposition methods, document descriptions, archival value of records, indexing keywords.
It answers the key questions
- How long do we need to keep these documents (retention)?
- What do we do with them when we don't need them anymore (disposition)?
- How will we handle eDiscovery?
- Are we in compliance with our policies and applicable laws?
A file plan also
- Helps reduce the amount of content, saving time and money in future migrations and ongoing storage costs.
- Identifies R.O.T. (Redundant, Obsolete, and Transitory data) is unstructured information scattered throughout the College that has no value and should not be retained.
- Ensures historical records are identified and transferred to the College Archives
File Plan Components
- Document Types (DocTypes):
- Name and description of documents
- Identifies the purpose and value of the document (historical, administrative, legal, fiscal)
- Individual words that indicate the content of a document.
- Enhances ability to search for DocTypes
- Retention and Disposition Schedules
Benefits of a file plan
- Standardized, transparent approach to classifying all College records regardless of department or office
- Applicable to all records regardless of format or medium
- Enables greater control through consistent analysis, oversight, and management of records across an office or department
Security of Electronic Records
Security should aim to minimize unauthorized addition, modification, alteration, erasure, or deletion of data, records, and documents. It should ensure that only authorized personnel have access to records.
In order to ensure compliance with the DISC policy control objectives, College departments and offices should:
- Ensure that only authorized personnel have access to electronic records
- Backup records to protect against information loss
- Train staff on how to safeguard sensitive or classified electronic records
- Comply with requirements of the Dartmouth Information Security Policy
Maintenance of Electronic Records Storage
In order to achieve compliance with the existing College policies, departments and offices need to ensure that College records throughout their lifecycle, meet the following requirements:
- Easy retrieval in a timely fashion
- Utilize a standard naming convention for folders and files
- Distinguish clearly between record and non-record material
- Include the label of archives to folders that contain historical or permanent records
- Retain the records in an accessible format until their authorized disposition date in accordance with the approved retention schedule
- Avoid the use of magnetic media not specifically designed for purposes of long- term storage for the exclusive long-term storage of permanent or unscheduled electronic records
- Ensure that information is not lost because of changing technology or deterioration by converting storage media to provide compatibility with the public entity’s current hardware and software. Before conversion to a different medium, College departments and offices must determine that the authorized disposition of the electronic records can be implemented after conversion
- Back up electronic records on a regular basis to safeguard against the loss of information due to equipment malfunctions or human error
Retention and Disposition of Electronic Records
In order to achieve compliance with existing College policies, departments and offices should establish procedures to ensure that electronic records and their documentation are retained as long as required by the applicable retention schedule. These retention procedures should include the following provisions:
- Scheduled disposition of all electronic records, as well as related documentation and indexes, by applying the retention schedule.
- Scheduled Transferring of permanent or historical electronic records and any related documentation and indexes to the College Archives.
- Established procedures for regular recopying, reformatting, and other necessary maintenance to ensure the retention and usability of electronic records throughout their authorized life cycle.
- No electronic record should be disposed of if it is subject to a dispute, audit, investigation, or litigation, or subject to other legal retention requirements.
Destruction of Electronic Records
Records, including those in electronic format may only be deleted or destroyed in accordance with Records Management Policy Committee-approved retention schedules and DISC Policy Control Objectives.
In order to achieve compliance with the existing College policies, departments and offices should establish procedures to ensure that electronic records and their documentation are destroyed only in accordance with a retention schedule approved by the RMPC. Each College department and office should ensure that:
- Electronic records scheduled for destruction are disposed of in a manner that ensures protection of any sensitive, proprietary, public safety or security information and makes it impossible to reconstruct the records.
- Ensure the trash folders and recycle bins on devices are emptied in compliance with approved retention schedules.
- Magnetic recording media previously used for electronic records containing sensitive, proprietary, public safety or security information are not reused if the previously recorded information cannot be properly destroyed or rendered unreadable.