Making Sense of SharePoint and Digital Records Management…
Hi all
One of the conversation areas in SharePoint life that is inevitably complex is that of records management since there are just as many differing opinions on records management as there are legal jurisdictions and different standards to choose from. Accordingly, a lot of confusion abounds as we move into a world dominated by cloud computing, inter-agency collaboration, changes in attitudes to information assets via the open data/government 2.0 movements, and of course, the increasing usage of enterprise collaboration systems like SharePoint. As a result, I feel for record managers because generally they are an unloved lot and it is not really their fault. They have to meet legal compliance requirements governed by various acts of legislation, but their job is made all the harder by the paradox that the more one tries to enforce compliance, the less likely one is to be compliant. This is because more compliance generally equates to more effort on the part of users for little perceived benefit. This results in direct avoidance of using record management systems or the plain misuse of those systems (both which in turn results in a lack of compliance).
As it happens, my company works with many government agencies primarily in the state of Western Australia, both at a state agency and local government level. We have seen most enterprise document management systems out there such as HP Trim, Objective, Hummingbird/OpenText and have to field questions on how SharePoint should integrate and interact with them (little known fact – I started my career with Hummingbird in 1998 when it was called PCDOCS Open and before SharePoint existed).
Now while I am sympathetic to the plight of your average records management professional, I have also seen the other side of the coin, where records management is used to create fear, uncertainty and doubt. “You can’t do that, because of the records act” is a refrain that is oft-levelled at initiatives like SharePoint or cloud based solutions to try and shut them down or curtail their scope. What makes it hard to argue against such statements is that few ever read such acts (including those who make these sort of statements). So being a sucker for punishment, I decided to read the Western Australian State Records Act 2000 and the associated standard on digital recordkeeping, published by the State Records Office. My goal was to understand the intent of these standards and the minimum compliance requirements they mandate, so I could better help clients integrate potentially disruptive tools into their compliance strategies.
I did this by starting out with the core standard in Western Australia – SRC Standard 8: Digital Recordkeeping. I created an IBIS Issue Map of this standard using Compendium software. What I soon discovered was that Standard 8 refers to other standards, such as Standard 2: Recordkeeping Plans and Standard 3: Appraisal of Records. That meant that I had to add these to the map, as well as any other documents they referred to. In the end, I followed every standard, policy or guideline in a recursive fashion, until I was back at the digital recordkeeping standard where I started. This took a while, but I eventually got there. You can click the image below to examine the standards in all of their detail and watch the video to see more about how I created it.
Now I need to make it clear that my map is not endorsed by the State Records Office, so it is provided as-is with a disclaimer that it is not intended to drive policy or be used as anything more than an example of the mapping approaches I use. I felt that by putting the standards into a IBIS based issue map, I feel I was able to reduce some of the complexity of understanding them, because now one can visually see how the standards relate to each other. Additionally, by taking advantage of Compendiums ability to have the same node in multiple maps, it allowed me to create a single ‘meta map’ that pulled in all of the compliance requirements into a single integrated place. One can look at the compliance requirements of all the standards in one place and ask themselves “Am I meeting the intent of these standards?”
Reflections…
In terms of my conclusions undertaking this work, there are a few. For a start, everything is a record, so people should just get over the whole debate of “is it or isn’t it”. In short, if you work for a government agency and are doing actual work, then your work outputs are records. The issue is not what is and is not a record, but how you control and manage them. Secondly, the notion that there has to be “one RMS system to rule them all” to ensure compliance is plain rubbish and does not stand up to any form of serious scrutiny. While it is highly desirable to have a single management point for digital recordkeeping, it is often not practical and insistence in doing this often makes agencies less compliant because of the aforementioned difficulties of use, resulting in passive resistance and outright subversion of such systems. It additionally causes all sorts of unnecessary stress in the areas of new initiatives or inter-agency collaboration efforts. In fact, to meet the intent of the standards I mapped, one by definition, has to take a portfolio approach to the management of records as data will reside in multiple repositories. It was Andrew Jolly who first suggested the portfolio idea to me and provided this excellent example: There is nothing stopping records management departments designating MS Exchange 2013 Site mailboxes as part of the records management portfolio and at the same time having a much better integrated email and document management story for users.
For me, the real crux of the digital records management challenge is hidden away in SRC Standard 8, Principle 5 (preservation). One of the statements of compliance in relation to preservation is that “digital records and their metadata remain accessible and usable for as long as they are required in accordance with an approved disposal authority.” In my opinion, the key challenge for agencies and consultancies alike is being able to meet the requirements of Disposal Authorities (DA’s) without over burdening users. DA’s are the legal documents published by the State Records Commission that specify how data is handled in terms of whether it is archived or deleted and when this should happen. They are also quite prescriptive (some are mandated), and their classification of content from a retention and disposal point of view poses many challenges, both technically and organisationally. While for the sake of size, this article is not going to get into this topic in detail, I would advise any SharePoint practitioner to understand the relevant disposal authorities that their organisation has to adhere to. You will come away with a new respect for the challenges that record managers face, an understanding on why they use the classification schemes that they do, why records management systems are not popular among users of the systems and why the paradox around “chasing compliance only to become non-compliant” happens.
Maybe you might come away with some insights on how to better integrate SharePoint into the story? Then you can tell the rest of us
Thanks for reading
Paul Culmsee
Paul,
Thanks for the video explaining how you made the maps, I found it useful to see how you pull apart something like these standards documents.
Ken
So great work for informing us of the possibilities and following a certain path.
I really appreciate your hard work an giving us some information and inspiring others to follow.
Thanks so much.