Record Keeping

Electronic Record Keeping in the Government

Managing Electronic Records: the background

The Impact of Technological Change

The impact of technology on business and therefore records management is not a new phenomenon. For example the introduction of the telegraph, typewriter and the telephone altered forever the way business was done and the almost universal reliance on correspondence as the life-blood of the business process. For the clerk or the archivist or records manager, though, while technological change has been with us for some time our principal concern has been the creation and management of paper records. Even with the general introduction of computers into office environments our primary concern has still been the paper (whether input or output) generated in the process. The ‘paperless office’ was a concept well ahead of its time.

Even with advances in technology these ‘computers’ maintained a similar relationship to business as does the calculator today. They were essentially used to provide answers to complex mathematical or logistical questions. They did not, and were not designed to, keep ‘records’ although increasingly they had ‘memory’ and the ability to ‘recall’. There was a time when we thought computer records were actually those massive reams of printout or the tapes and other media used to store the data which the computer could ‘read’. The printouts were ‘records’ in a sense, even if they lacked the contextual information for any one outside the area that produced them to decipher them. But they weren’t electronic. Tapes and other media are capable of being read by electronic devices (as long as the software and hardware is available to read them) but they are merely carriers.

Things have changed. Computers are now not just for specially trained technicians. The vast majority of people have one on their desk at work and possibly one at home. Some people now do their work from home and communicate with the ‘office’ via a modem. Computers have become smaller, faster, cheaper, portable but probably more critically can now ‘communicate’ with each other. With the advent of networking, EDI, FAX software and the INTERNET communications, transactions, business activities occur at the speed of light, many without human intervention and many either not captured or maintained as records.

More specifically technological change impacts on the established electronic environments as hardware and software undergo evolutionary processes at an exponential rate. At the hardware level changes to both machinery and capability as well as to storage media are in some cases an almost annual event. On the software side development is even more rapid to the point where companies ‘market’ software which doesn’t even exist yet; i.e. vaporware.

Examples of these changes include:

• upgrades to newer versions of operating systems or application programs;
• upgrades of hardware platforms;
• the development of compound documents; and
• migration issues arising from the first three.

In the process of upgrading systems it is usually the practice for only the data which is ‘live’ to be migrated to the new platform to meet current business needs. The non-current data will often not be migrated at the same time. In addition to this the functionality of the system might change as part of the upgrade process. Why is this of concern?

The longer the non-current data awaits conversion the more difficult the process becomes as the time increases after the system upgrade. In certain cases the data may actually be written off because it has no immediate value or as a cost cutting measure. This can cause problems down the line if the process is not conducted systematically and valuable data is lost.

If the functionality of the system changes then the new or ‘improved’ system is different from its previous manifestation. Even if the function which is being managed is the same, improvements or alterations to any given system can affect user views via changes to the data, applications and access privileges. This process has implications for the production of evidence. For example if an appeal is lodged over the rejection of an application for benefits and part of the evidence is contained in the Benefits Case Management System it may be very difficult to reconstruct the user view if there have been modifications or upgrades to the system between the original application and the consideration of an appeal.

Decentralisation of Computing Power

In the last ten years of computing the power has literally gone to the people. With a computer on ‘every desk’ now and the development of inter and intra agency networks large amounts of computer power and much control now rests with individuals. The negative side of this equation has seen a shift in power without an accompanying systems administration or regulatory structure. A very similar result, in fact, to that which has occurred with the decentralisation of traditional registry systems. Individuals now have a great deal of control of the documentation process, whether it be in paper or electronic environments, without procedures and structures in place to enable them to exercise an informed choice. Many organisations have only recently awoken to the fact that their greatest asset (after people and dollars), information, is not adequately or systematically managed. As a consequence resources which could be more effectively utilised in the pursuit of organisational priorities are often wasted because of poor access to and control over this information.

Risks associated with uncontrolled environments

There are a number of risks associated with this type of environment, whether it be unregulated end users or deficient IT practices. They are:

• uncontrolled accumulation of records, documents and data;
• inadvertent destruction of records, documents and data;
• unauthorised tampering with records and documents; and
• lack of or absence of systems documentation and associated metadata.

If these characteristics are present in your system they can cause:

• system paralysis or at the very least hindrance in accessing information;
• additional costs associated with the purchase of additional storage;
• increased risk of wholesale, unsystematic and possibly illegal destruction;
• loss of valuable business and archival records;
• increased risk of security breaches;
• unauthorised alteration or deletion of records (loss of evidence);
• public embarrassment;
• unnecessary delays in or breakdowns in the business process; and
  lack of public accountability.

Electronic information systems not designed to keep records

With the increasing use of computer systems to document or undertake processes previously undertaken or documented manually we have assumed, until relatively recently, that ‘records’ were still being produced as they were in the manual systems. The realisation that records may not be created or kept by computer systems forces us re-evaluate our entire strategy for the management of records in the electronic age.

Many electronic information systems are designed to support current business needs for information but they are often not designed to keep records of transactions carried out using them. Where information systems do have some form of recordkeeping functionality built in the records usually lack sufficient business context to be used as evidence or they are not captured for the necessary periods of time5.

Consequently if electronic information systems are used to conduct business transactions, but do not function as recordkeeping systems, there will be no evidence of those transactions. Without this evidence your organisation will lose its corporate memory, will face increasing difficulty in meeting its accountability requirements and the nation as a whole will lose significant portions of its archival heritage.

Providing Access to Electronic Records

Access to Commonwealth records

Commonwealth records are available to the public when they reach thirty years of age unless they contain information that is exempt under section 31 of the Archives Act. It is important to remember that Commonwealth records ordinarily become available to the public after thirty years regardless of their location and regardless of their format. Consequently, a member of the public is entitled to access if the record is in the custody of the Archives, in agency custody or in the custody of a service provider. In certain cases access can be provided to records prior to this point if the records are in the public domain or a special access application is granted.

In the electronic environment Commonwealth agencies will retain and maintain the electronic records they have created. This means the provisions of the Archives Act governing access are of particular consequence to your agency. The responsibility for reference and access to electronic records now becomes a shared responsibility between the Archives and your agency.

Responsibilities of agencies

To operate effectively in the electronic environment agencies will need:

• to understand the access provisions of the Archives Act [and Freedom of Information Act]
  to become familiar with the framework of access and reference policies and services developed by Australian Archives
• to know what records are thirty years old and how to calculate the age of records (see below)
• to be able to apply the access decisions for classes of records or be able to refer the need for a decision to the Archives
• to implement a records access system both for their own business purposes (including compliance with legislation) that has regard for the technological, policy, procedural etc aspects
• to nominate staff able to liaise with the Archives as well as official and public researchers
• to provide copies of or electronic access to records
• to keep a record of the access process.

Australian Archives expects that agencies will make electronic records available to researchers in electronic form either via a network or directly. In making records available in electronic form the Archives expects that sufficient systems functionality will be available for the researcher to both access and comprehend the records .

What is Australian Archives’ role?

In the broader realm Australian Archives’ role will be to:

• advise Government on matters related to access in a policy and legal sense (eg should the open access period remain at thirty years)
• set standards of service
• advise agencies of their responsibilities under the access provisions of the Archives Act and how best to satisfy them
• monitor and report on progress or difficulties with compliance
• advise researchers of their rights under the access provisions of the Archives Act
• undertake internal reconsiderations and preparation for cases before the Administrative Appeals Tribunal.

More specifically the Archives will work with agencies to identify the access status of classes of records – at the system design and or major modification stage or at the appraisal stage

Under Section 28 of the Archives Act the Archives and its staff are entitled to have full and free access, at all reasonable times, to all Commonwealth records, regardless of format, in the custody of a Commonwealth agencies.

Access to electronic records in agency custody

Australian Archives envisages that researchers pursuing a line of enquiry for the first time will for the time being approach us first. The Archives will assist the researcher to:

• define and refine the enquiry
• identify the appropriate agency, recordkeeping system and series (by using metadata and contextual information maintained by the Archives)
• contact the agency – either by logging straight into the agency system (from the premises of the Archives or elsewhere) or by speaking to the agency contact who will assist to make the necessary arrangements.

Provision of secure access

The Archives expects that agencies will make electronic records available to researchers in electronic form and with the necessary functionality of the system.

To avoid any compromise of the security, integrity and functioning of an agency’s electronic record keeping system the Archives recommends that public access not be given to the live system but rather to a clone or parallel system. Any sensitive or classified records should be appropriately encrypted to prevent unauthorised access. This comment applies to all records regardless of their archival or access status.

Networked access

As the world became smaller, beginning in the late 1960s with the introduction of satellite communication, it is now becoming even smaller with the massive linkage of computer systems world wide. The INTERNET is but the most famous example. We are now moving rapidly from a physical world to a virtual world where access to information and services is available to anyone from anywhere if you have access to the appropriate technology. The recent Government report on broadbanding services entitled, “Networking Australia’s Future” is a major public recognition of this phenomenon and sets out strategies necessary to ensure this country is equipped to deal with and benefit from these emerging technologies.

In this environment, the concept that access to archival electronic records [and significantly images of other more traditional records formats] via networked systems starts to become perfectly logical. The electronic world in which virtual archives will exist as part of major information networks is now upon us. In this world researchers anywhere will be able to access records anywhere without having to know anything about:

• what agency, organisation or person created records of relevance to them
• how to understand the record keeping systems and the records themselves
  the technology and software needed to permit access.

We envisage that this information will be available to the user to ‘encounter’ as they do their network ‘surfing’

Now the Archives recognises that while the technology exists to allow the operation of virtual archives the standards and frameworks necessary have to be more fully articulated, developed and tested. However, the provision of access to government records, electronic or otherwise, is just one of many services provided by the Government to the community. The principles of access and equity ( as well as business sense and common sense) will dictate that access to not only archival information but Government information generally will be increasingly via electronic means.

Access outside scope of Archives Act

The Archives Act requires Commonwealth records to be made available to the public when they are thirty years old unless they contain exempt information. However, the Act also makes it clear that it is not intended to prevent the disclosure of information where agencies believe they can properly release it or are required by another law to do so. Section 58 of the Archives Act acknowledges formally that the release of information may occur in such circumstances.

It should be noted that officers releasing information or records outside the terms of the Archives Act are not protected from actions for defamation, breach of copyright etc as they are (by section 57 of the Archives Act) when release is under the conditions of the Archives Act.

What is a 30 year old electronic record?

The up-datable and manipulable nature of electronic records presents a challenge to the concept of public access .

The Archives will not accept that each act of up-dating is an act which triggers the countdown to thirty years, as this could effectively deny access to Commonwealth records forever in defiance of the law. The Archives is also seeks to ensure that the means for establishing the age of electronic records is preserved along with the records which need to be dated.

Further research will be required on this issue, but at present we would recommend that the date on which a transaction occurs or sequence of transactions is completed should be taken as the date against which to age the record. Some records, such as case management records, will build up over time. Generally, the date of completion of the case will suffice, although if the case is reactivated or the client applies for a different service from the same agency after a significant break then two or more groups of records with different completion dates will eventuate. These groups of records, if they have long term value, will therefore reach 30 years of age at different times.

In cases where the original transactions occurred on earlier electronic or manual systems the date of the original should be used not the date of transfer onto the current system. For example, the age of information about war veterans captured at the end of World War I but entered onto a Veteran’s Affairs case management system in 1985 would be determined from 1919 not 1985.

In many instances it will be difficult to tell precisely what the age of certain electronic records are because this type of metadata has not been kept. In those cases a judgement will need to be made based on the available information.

To avoid a continuation of this situation we recommend that as a minimum, for electronic records which have been earmarked for long term retention, the following attributes be assigned: date/time stamp for creation, addition, modification and migration

For those records created which derive data from previous recordkeeping systems, including manual systems we need to add the date original data was captured.

Those records which are complete should be ‘locked’ to prevent any subsequent alterations or inadvertent destruction.

Access Scenario

Naturalisation (or citizenship) records are some of the most heavily used records in the Archives’ custody. In the paper environment should records over thirty years of age which are sought for public access not be in Archives’ custody the Archives makes contact with the agency to identify the appropriate records and to have them transferred to the Archives so that they can be examined and made available.

In the electronic environment the Archives will not have physical custody of records documenting who received citizenship and when. The records will undoubtedly remain of high reference value and, when they are thirty years old, will be eligible for access by the public.

We envisage that researchers will still approach the Archives first. Archives will assist the researcher to:

• define and refine the enquiry
• identify the appropriate agency, recordkeeping system and series
• contact the agency (either by logging directly into the agency’s archival record system or by making arrangements with the agency for the researcher to get access to the records and relevant copies if needed).

In the example cited above the Department of Immigration and Ethnic Affairs (or its successor) with the assistance of the Archives will need to ensure that the records remain accessible and useable, and to provide the necessary infrastructure to meet public and official client requirements. In some cases this may be provided direct by the agency.

Source: Australian Archives, Keeping Electronic Records: Policy for Electronic Record keeping in the Commonwealth Government, 1995

Record Keeping and the Laws of International Trade

Record keeping

Customs Trade Law

In the United States

For information about Record keeping in the context of international trade, click here

Records and record keeping

Record-keeping requirements

Record-keeping penalties

Resources

See Also

Further Reading

• Information about Record Keeping in the Encyclopedia of World Trade: from Ancient Times to the Present (Cynthia Clark Northrup)