RECORDS MANAGEMENT NOTES – MASOMO MSINGI PUBLISHERS

What is Records Management?

• A program designed to systematically control or monitor records during their entire lifecycle from creation or receipt to disposal.

How Does It Control Records?
• Promotes efficient administration and management of records. – Removes inactive or obsolete records from the offices. • Ensures that records are maintained as long as they meet administrative, fiscal, and legal requirements.
• Ensures the protection of vital and historical records.
• Ensures compliance with all internal, state, and federal policies.
Reduces the university’s liability.

What is a record?
• A record is any document created, received, and maintained that documents the university’s activities, transactions, and functions in the course of the its business or legal obligations, regardless of format.
• Examples:
Correspondence – Meeting Minutes
Invoices – Registers
Time Sheets – Maps
Travel vouchers – Photographs
Records Are Information Fixed On Any Media

• Electronic Records
Word documents
Spreadsheets
PDFs
JPEGs
DVDs
• Databases
• Videos and photographs
• Paper documents

Records Are Defined by…
• Federal and State legislation – FERPA, HIPAA, SOX (Arbanes-Oxley),
GrammLeach-Bliley, IRS
The courts – “ESI” (Electronically Stored Information)
Institutional Policy
Department Needs

University Records
• Records created or received by a department or an employee of the university become the property of the university.
• Records created or received by faculty in the conduct of student advising, committee work, administration, or university program, school and department administration are also university records.

Exceptions include faculty manuscripts, teaching and research notes. These items may be donated to the University Archives.
Records Have a Value

A records management program ensures that records are kept as long as they have value:
• Administrative/Operational
• Fiscal
• Legal/Regulatory
• Archival/Historical
• Research
What isn’t a record?
• Reference materials
• Surplus publications
• Personal files
• Duplicates
• Preliminary drafts
• Convenience copies
• Blank forms

Why do we do we need a Records Management Program?
• To minimize risk and lower liability
• To provide efficient and transparent business processes
• To preserve our institutional story

Minimizes Risk and Lower Liability
Significant legal liabilities and costs associated with poor or inadequate records management practices. • Ensures that vital records are not discarded, destroyed, or transferred outside the custody of the university.
• Records are kept as long as required and destroyed when retention requirements are met.

• Ensures records comply with state and federal regulatory requirements, legal and financial requirements, and best practices.

Provides Efficient and Transparent Business Processes

Provides guidance on maintenance, retention, and storage based on their legal, administrative, fiscal and historical value.

• Good records management practices reduce clutter and streamline workflow.
• Well organized and managed information is quickly and easily retrieved.
• University administrative, legal, audit, research and historical interests are served. Preserves Our Institutional Story
• University records are important information assets and may have historical and research value or lasting administrative significance:
• Core functions
• Organizational structure
• Major projects
• Publications explaining activities and programs
• Records of enduring value are transferred to the Archives on a regular basis to be preserved and made accessible.

Best Practices for Managing Records
• Create records that accurately document their core activities.
• Manage and store records in a manner that facilitates timely and accurate retrieval.
• Ensure that records are stored in secure locations and stable environments.
• Allow only those with proper authority to have access to the records.
• Carry out the proper disposition of records.

Compliance
• Know and comply with University policies regarding records management. • Know and comply with external laws and regulations that affect the records.

Who is responsible?
• An effective records management program requires the cooperation of all University colleges and departments.
• Each employee is responsible and accountable for keeping accurate and complete records of the business activities they conduct.
• Each employee is responsible for protecting the University by creating, using, retrieving and disposing of records in accordance with the University’s established policies and procedures.

Electronic Records Management

Introduction
Describes the legal framework guiding the development of an electronic records management strategy, and the purpose of the guidelines.

Electronic Records Management Strategy
Read this set of guidelines first for basic, key concepts in electronic records management.

Long-Term Preservation
Learn about the steps to developing a long-term electronic records preservation plan.

Metadata
Introduce yourself to metadata, its functions, and its importance in managing electronic records. Become familiar with specific metadata standards.

File Naming
Learn about the importance of including a file naming policy in your electronic records management strategy.

File Formats
Review descriptions of common file formats and a summary of the issues regarding converting or migrating files.

Storage Facilities and Procedures
Learn about physical storage space options and access procedures.

Digital Media
Review digital media storage options (e.g., magnetic tape, optical disk) for your electronic records.

Electronic Document Management Systems
Introduce yourself to electronic records issues that may arise as you seek to integrate and manage the records management process with an electronic document management system.

Digital Imaging
Introduce yourself to digital imaging, its uses, and legal considerations. Review recommendations for implementing digital imaging projects.

E-mail Management
Consider the issues involved in extending your electronic records management strategy to your e-mail messages.

Web Content Management
Learn how to develop a policy for managing your web content that meshes with your electronic records management strategy.

Electronic and Digital Signatures
Learn about the distinction between electronic and digital signatures, and the legal considerations surrounding their use.

Glossary
Look up key terms in the guidelines.

Introduction

Summary
You routinely create, use, and manage information electronically in your daily work as you use computers to send e-mail, create spreadsheets, publish web pages, manage databases, and create other electronic materials. Because you work for a government agency, Minnesota and federal laws mandate that you treat that information as official government records. You probably already have a strategy to manage your paper records. With the growing pervasiveness and importance of electronic records, you should also develop a strategy to manage electronic records.

Common Questions
As you begin the process of developing an electronic records management strategy, you will find yourself asking many questions, including:
• Which Minnesota laws apply to electronic records?
• How do we use electronic records to help ensure public accountability while ensuring that notpublic records are protected?
• Who is responsible for developing our electronic records management strategy?
• How do we dispose of electronic records?
• Should we manage our electronic records differently from our paper records?
• How do we know what information is an electronic record?
• Is an electronic copy of a record an acceptable substitute for the original?
• Does an electronic record have the same legal significance as a paper record?
Electronic Records Management Guidelines

Legal Framework
The Minnesota laws governing records management address these questions. Therefore, your understanding of existing Minnesota statutes is crucial as you begin to develop your electronic records management strategy.
Electronic records, just like paper records, are subject to specific Minnesota statutes that you must understand and comply with, including general records laws and electronic records laws.

General records laws include:

Introduction
• Official Records Act [Minnesota Statutes, Chapter 15.17] (available at: <http://www.revisor.leg.state.mn.us/stats/15/17.html>)
• Records Management Act [Minnesota Statutes, Chapter 138.17] (available at: <http://www.revisor.leg.state.mn.us/stats/138/17.html>)
• Minnesota Government Data Practices Act (MGDPA) [Minnesota Statutes, Chapter 13]
(available at: <http://www.revisor.leg.state.mn.us/stats/13/>)
Electronic records laws include:
• Uniform Electronic Transactions Act (UETA) [Minnesota Statutes, Chapter 325L] (available
at: <http://www.revisor.leg.state.mn.us/stats/325L>]
• Electronic Signatures in Global and National Commerce (E-Sign), a federal law (available at:
<http://thomas.loc.gov/cgi-bin/query/z?c106:S.761:>)

Official Records Act
The Official Records Act is a general records law that mandates that “all officers and agencies” at all levels of government “shall make and preserve all records necessary to a full and accurate knowledge of their activities.” This mandate reflects a concern for accountability: since government spends public money on public services, government agencies must be accountable to citizens, government administrators, courts, the legislature, financial auditors, and to history— that is, to future generations. Under the Official Records Act, your agency’s chief administrative officer is responsible for creating and preserving government records, including electronic records. This statute also allows you to copy records to another format or storage medium and still preserve the authenticity, reliability, and legal admissibility of the record, as long as the copies are made in a trustworthy process.

Records Management Act
The Records Management Act recognizes that creating comprehensive records and preserving them forever would be an impossibly expensive burden. Instead, the Act creates a mechanism for the orderly and accountable disposition of records in the form of the Records Disposition Panel. The Act also makes the state’s Department of Administration (the Information Policy Analysis
Division specifically) responsible for overseeing the records management process.

Records Disposition Panel Members
The Records Disposition Panel includes the:
• Attorney General, for expertise on the legal value of records

• Director of the Minnesota Historical Society, for expertise on the historical value of records

• Legislative Auditor (for state agencies) or State Auditor (for local agencies), for expertise on the accounting value of records

Records Disposition Panel Functions
The panel reviews, evaluates, and then approves or disapproves requests to dispose of records, to transfer records, and to establish records retention schedules. Fundamentally, the panel provides oversight, but does not initiate any actions. If your agency wants to keep records forever, then you never have to work with the panel. However, if your agency wants to do anything else legally with
your records, you must submit your proposal to the panel for approval.

Minnesota Government Data Practices Act

The MGDPA assumes that government records (including electronic records) should be accessible to the public. Citizens should know what the government is doing, because the government must be accountable to the public. However, government agencies create some records that are confidential or sensitive, such as child protection records and adoption records.

So, while in theory all records are presumed to be publicly accessible, many exceptions exist. Only the Minnesota state legislature defines these exceptions. Any organization, public or private, that improperly releases data covered by the act could suffer significant penalties. Uniform Electronic Transactions Act and Electronic Signatures in Global and National Commerce

UETA and E-Sign were both enacted in 2000. Both laws intend to facilitate the use of information technology in government and business by addressing the legal obstacles that exist in a system oriented towards paper records and signatures.

The primary message of the laws is that a court may not determine that an electronic record or signature is untrustworthy simply because it is in an electronic format. A court can, though, reject electronic records and signatures because a government agency is creating, using, or managing them in an untrustworthy system or manner. One indicator of untrustworthiness would be an
agency’s failure to respect the laws governing records.

Guidelines
Because these laws set forth general principles that do not always translate easily into specific technological terms, the State Archives Department of the Minnesota Historical Society has developed a series of guidelines on basic electronic records management topics within the context of these laws.

Purpose of the Guidelines
These guidelines should serve as a starting point and a guide as you review your electronic records management practices and develop an electronic records management strategy. Each set of guidelines provides an overview of key concepts within the applicable legal framework, a Introduction section containing questions to spark discussion, and an annotated list of resources to use for more
detailed research. We recommend that you begin by reading the Electronic Records Management Strategy guidelines for a general introduction to key concepts.

Guidelines in the Series
Guidelines in the series include:
• Electronic Records Management Strategy. Read this set of guidelines first for basic, key concepts in electronic records management.
• Long-Term Preservation. Learn about the steps to developing a long-term electronic records preservation plan.
• Metadata. Introduce yourself to metadata, its functions, and its importance in managing electronic records. Become familiar with specific metadata standards.
• File Naming. Learn about the importance of including a file naming policy in your electronic records management strategy.
• File Formats. Review descriptions of common file formats and a summary of the issues regarding converting or migrating files.
• Storage Facilities and Procedures. Learn about physical storage space options and access procedures.
• Digital Media. Review digital media storage options (e.g., magnetic tape, optical disk) for your electronic records.
• Electronic Document Management Systems. Introduce yourself to electronic records issues that may arise as you seek to integrate and manage the records management process with an electronic document management system.

• Digital Imaging. Introduce yourself to digital imaging, its uses, and legal considerations. Review recommendations for implementing digital imaging projects.
• E-mail Management. Consider the issues involved in extending your electronic records management strategy to your e-mail messages.
• Web Content Management. Learn how to develop a policy for managing your web content that meshes with your electronic records management strategy.
• Electronic and Digital Signatures. Learn about the distinction between electronic and digital signatures, and the legal considerations surrounding their use.
• Glossary. Look up key terms in the guidelines.

The arrival of the Information Age means that much of our history is now recorded in electronic format, including your agency’s activities. Because of that, you need to develop a strategy for managing electronic records. A government agency’s electronic records management strategy must conform to legal mandates, as well as reflect your preferred management practices and technological options.

Legal Framework
Your strategy must conform to the legal mandates in such areas as:
• Providing public accountability
• Distinguishing public from not-public records
• Creating records retention schedules and carrying out disposal actions
• Developing and sustaining a trustworthy process for electronic records management Refer to the Introduction for more information on legal mandates, including the:
• Official Records Act [Minnesota Statutes, Chapter 15.17] (available at:
<http://www.revisor.leg.state.mn.us/stats/15/17.html>), which mandates that government agencies must keep records to fulfill the obligations of accountability and specifies that the medium must enable the records to be permanent. It further stipulates that you can copy a record and that the copy will be legally admissible in court.
• Records Management Act [Minnesota Statutes, Chapter 138.17] (available at:
<http://www.revisor.leg.state.mn.us/stats/138/17.html>), which establishes the Records
Disposition Panel for an orderly disposition of records using approved records retention schedules.
• Minnesota Government Data Practices Act (MGDPA) [Minnesota Statutes, Chapter 13] (available at: <http://www.revisor.leg.state.mn.us/stats/13/>), which mandates that your records should be accessible to the public unless categorized as not-public by the state legislature.

• Uniform Electronic Transactions Act (UETA) [Minnesota Statutes, Chapter 325L] (available
at: <http://www.revisor.leg.state.mn.us/stats/325L>) and Electronic Signatures in Global and National Commerce (E-Sign), a federal law (available at:
<http://thomas.loc.gov/cgibin/query/z?c106:S.761:>). Both UETA and E-Sign address the issues of the legal admissibility of electronic records created in a trustworthy manner and the application of the paper-oriented legal system to electronic records. Because different stakeholders throughout an enterprise have different needs and roles in electronic records management, the development of your electronic records management strategy requires joint planning, communication, and training.

When you begin to develop your electronic records management strategy, you should aim for a policy that integrates:
• The legal framework as it applies to your agency
• All interested stakeholders (e.g., record creators, the public, information technology staff, records management staff)
• All relevant aspects of your electronic records
• Your preferred management procedures and technologies
• Long-term storage and access needs (both legal and operational)

A sound, integrated strategy reflects the relationship between records management and your operations, and ensures that you manage records in a way that supports your daily work, supports long-term operational needs, and meets your legal requirements.

Key Concepts
As you develop an electronic records management strategy, you will need to be familiar with the following key concepts:
• The State of Minnesota’s definition of a record
• Records series
• The components of an electronic record
• The records continuum
• Records management goals
• Long-term retention approaches
• General records retention schedules
• Storage options

Definition of a Record
The Records Management Act [Minnesota Statutes, Chapter 138.17] defines government records as:

Cards, correspondence, disks, maps, memoranda, microfilms, papers, photographs, recordings, reports, tapes, writings, optical disks, other data, information, or documentary material, regardless of physical form or characteristics, storage media or conditions of use,
made or received by an officer or agency of the state and an officer or agency of a county, city, town, school district, municipal subdivision or corporation or other public authority or political entity within the state pursuant to state law or in connection with the transaction of public business by an officer or agency.

In short, an official record includes all information, regardless of format, created or used in the course of a government business function or transaction.

The definition excludes:
• Library and museum material made or acquired and kept solely for reference or exhibit purposes
• Extra copies of documents maintained only for the convenience of reference
• Stock of publications and processed documents
• Bonds, coupons, or other obligation or evidence of indebtedness, the destruction or other disposition of which is governed by other laws

An electronic record is a record created, generated, sent, communicated, received, or stored by electronic means. Like paper records, electronic records require a long-term records management strategy.

For more information, refer to the Preserving and Disposing of Government Records booklet. (See the Annotated List of Resources at the end of these guidelines.)

Records Series
Your electronic records will be organized into records series. A records series is a set of records grouped together because they relate to a particular subject or function, or result from the same activity. All records fall into a records series, and each records series should be managed according to an appropriate records retention schedule.

By managing related records as a group, you can efficiently preserve and dispose of your records. For example, all records (regardless of format) relating to a particular committee’s activity on a single issue may constitute a records series that must be preserved for ten years before disposition. Your agency will need to organize its own records series based on its unique needs within the legal
framework.

Record Components
The components of any record include:
• Content. Factual information in the record that documents government business
• Context. Information that shows how the record is related to the business of the agency and other records
• Structure. Technical characteristics of the record (e.g., file format, data organization, page layout, hyperlinks, headers, footnotes)

Records Continuum
Aside from reflecting your legal requirements, a successful long-term records management strategy reflects the records management continuum. The records continuum concept reflects the idea that different stakeholders create, use, manage, and retain records, not in discrete stages, but at different points throughout the record’s existence.

The continuum concept recognizes that records pass through identifiable stages; however, these stages are reference points, not separate functions. In other words, a record is not simply created, passed to a records manager for short-term storage, and then passed to an archivist for long-term storage. Instead, each person’s activities will have an effect on all the others in the continuum.
Their roles and responsibilities should be coordinated, not organized autonomously.

The continuum concept outlines four actions that recur throughout the life of a record. These actions are:
• Identification. Determining what constitutes a record
• Intellectual control. Making decisions about the record
• Provision of access. Enabling users to access the records
• Physical control. Managing the physical location and format of the record

Each person who touches the record performs one or all of these activities. For example, the records creator, records manager, and archivist all manage the physical location of the record. Therefore, all these people should collaborate on a comprehensive and well-managed electronic records management strategy.

Although the specific strategy that your agency develops and implements will be unique, all strategies share common goals. No matter what your final strategy, the records that exist in your agency should be:

• Trustworthy. Trustworthy records contain information that is reliable and authentic. For more information on determining the trustworthiness of information, refer to the Trustworthy Information Systems Handbook. (Download information is included in the Annotated List of Resources at the end of these guidelines.) A key aspect to trustworthiness is legal admissibility,
i.e. whether your records will be accepted as evidence in court.

• Complete. Your records should have all the information necessary to ensure their long-term usefulness. You will also need to capture and maintain the necessary metadata about your records. Metadata is the “data about the data” that documents the relationship of the record to your agency’s activity and to other records. Metadata ensures that you can find your records. Metadata includes such elements as the record’s creator, the date of creation, and the record series to which the record belongs. (For more information on metadata, refer to the Metadata guidelines).

• Accessible. You should be able to access and locate your records in a way that meets your needs and the needs of all other concerned parties. Some records may need to be immediately accessible, while others may not. As outlined in the MGDPA, records are assumed to be accessible to the public, unless categorized as not-public by the state legislature.

• Durable. You also want to ensure that your records are durable. In other words, they must be accessible for the designated records retention period and stored, as appropriate, “on a physical medium of a quality to ensure permanent records,” as stated in the Official Records Act [Minnesota Statutes, Chapter 15.17]. For more information on records storage, refer to the following guidelines:
Digital Media for more information about digital media options available for electronic record storage
Storage Facilities and Procedures for information about the physical requirements for storing electronic records

Long-Term Retention Approaches
You have two viable, often compatible, approaches for the long-term retention of your records:
• Conversion. When you convert a record, you change its file format. Often, conversion takes place to make the record software independent and in a standard or open format. For example, you can convert a record created in WordPerfect by saving it as a Rich Text Format (RTF) file or to Microsoft Word. (For more information on file formats, refer to the File Formats guidelines.)

• Migration. When you migrate a record, you move it to another computer platform, storage medium, or physical format. For example, when you migrate records, you may need to migrate them to another storage medium to ensure continued accessibility. For example, if you migrate records from magnetic tapes that deteriorate, you may need to migrate the records to a compact disk to ensure continued accessibility. (For more information on storage media, refer to the Digital Media guidelines.)

As you consider conversion and migration, consider which media are appropriate for long-term retention. You may discover that another medium (e.g., paper or microfilm) is the best option. You may also determine that you want to combine approaches, such as converting all files to an open format and migrating them to a single platform and storage medium. (For more information
on migration and conversion, refer to the Long-Term Preservation guidelines),

General Records Retention Schedules
Your electronic records management strategy should include records retention schedules for electronic records. A records retention schedule is a plan for the management of records listing types of records and how long they should be kept. The purpose of a records retention schedule is to serve as an on-going authorization for the management and disposition of records.

Because they have similar responsibilities and organizations, many local government entities have developed general records retention schedules for all the records commonly created by their members. General records retention schedules exist for cities, townships, school districts, counties, and courts. These general records retention schedules meet the legal requirements for each type of
local agency. Your agency can adopt the general records retention schedules for your type of organization in whole, or in part, or change individual components to create a unique schedule.

You may also initially choose to develop a specific schedule for your agency. However, you must submit any proposed changes to the Records Disposition Panel for approval. (For more information on the Records Disposition Panel, refer to the Introduction.)

Storage Options
Your options for storage include:
• Online. Properly designed storage in your computer system may provide full access to appropriate users. Online access means that the record is accessible immediately through your network (e.g., on your network server or on your personal computer’s hard drive). This option maintains the greatest functionality.
• Nearline. Nearline storage includes storage in a system that is not a direct part of your network, but that can be accessed through your it (e.g., an optical media jukebox). This option maintains a moderate amount of functionality.
• Offline. Offline storage refers to storage that is not accessible through your network (e.g., removable media such as magnetic tape). This option retains the least amount of functionality, while still maintaining records in an electronic format.

Paper or microfilm. Printing records onto archival-quality paper or outputting them to microfilm for storage may be acceptable as long as the complete record, including all components and metadata, is included.

Key Issues to Consider

Now that you are familiar with some key concepts in electronic records management, you can use the questions below as you develop your own strategy. The careful consideration of these questions will help ensure that:

• All relevant stakeholders agree to the process and are ready to use the procedures outlined in the strategy once it is implemented
• The strategy meets your legal requirements, such as public accountability, records retention schedules, and trustworthiness
• You maximize efficiency by working with other agencies and gaining from their experience

Discussion Questions

• What legal issues do we face? Who will need access to our records (e.g., the public, other government agencies)? Do we have information that must be accessible to the public? Do we have information that is not-public as classified by the MGDPA that must not be disclosed to the public (e.g., social security numbers, adoption records)?

• Can we adopt one of the general records retention schedules, or do we need to modify or create an agency-specific records retention schedule and seek approval from the Records Disposition Panel?

• What are the roles of different groups and individuals in our organization in ensuring a coordinated process? How can we facilitate planning, communication, and cooperation among all individuals who create and use the electronic records? What level of control should different individuals and groups have?

• Can we cooperate with other government agencies to streamline the process and save money or time?

• What best practices can we identify and apply to our own situation?

• What is the life cycle of our data? When should we capture records? How can we describe our records continuum? At which phases along our continuum do we need to actively manage the record? Would we benefit from developing a model of our operational process to aid in this discussion? How will we ensure long-term preservation and access? What are our requirements under the law?

• What are our options for long-term retention? What are the advantages of each option? How would each option work in our particular situation? What is our budget?

• What technological resources do we have available? How much of our chosen process can we or should we automate?

• What sort of appraisal process will we use to determine which records to keep? How will we ensure that this process identifies all records as defined by the law?

• What staff training do we need to ensure the staff complies with the new procedures and policies?

• What elements of the electronic records do we need to keep (e.g., text content only, graphical appearance, interactivity)?

• What metadata do we need to collect and preserve?

Annotated List of Resources

Primary Resources

Hunter, G. S. “Storage, Handling, and Preservation Best Practices.” In Preserving Digital Information, A How-To-Do-It Manual. New York: Neal-Schuman Publishers, Inc., 2000: 53–93. These hands-on recommendations provide practical information for electronic records storage, handling, and preservation. Topics covered include useful information on the deterioration of magnetic media, recommended storage conditions, proper care and handling, file formats (including advantages and disadvantages of different formats), and other best practices.

Developed for Minnesota government agencies, this overview of the basic principles of records management includes chapters on defining a government record, taking inventory of your records, developing records retention schedules, preserving archival records,
disposing of records, and setting up a records storage area. A list of resources for more information is included, as well as information about applicable state law regarding electronic records management. Originally published by the Minnesota Department of
Administration in July 2000, the guide was updated jointly by the Minnesota Historical Society and the Minnesota Government Records and Information Network (MNGRIN) in 2008.
Minnesota Historical Society, State Archives Department. Trustworthy Information Systems Handbook. Version 4, July 2002.
<http://www.mnhs.org/preserve/records/tis/tis.html>
This handbook provides an overview for all stakeholders involved in government electronic records management. Topics center around ensuring accountability to elected officials and citizens by developing systems that create reliable and authentic information and records. The handbook outlines the characteristics that define trustworthy information, offers a methodology for ensuring trustworthiness, and provides a series of worksheets and tools for evaluating and refining system design and documentation.
Stephens, D. O. and R. C. Wallace. “Electronic Records Retention: Fourteen Basic Principles.”

The Information Management Journal 34 (October 2000): 38–52.
Providing a brief, but complete, overview of the basic principles of electronic records management, this article also contains practical guidelines for developing an electronic records management strategy.

Additional Resources
Barata K., P. Cain, R. Routledge. Principles and Practices in Managing Financial Records: A Reference Model and Assessment Tool. London: International Records Management Trust, Rights and Records Institute, 2001.
<http://www.irmt.org/Images/documents/assessment%20tools/mfsr.pdf> Of particular interest to the public sector, this handbook provides an overview of international best practices in the management of electronic financial records.

Bill Number S-761. Washington, D.C.: Library of Congress, 2001.
<http://thomas.loc.gov/cgi-bin/query/z?c106:S.761:>

This site provides the results of a search for E-Sign legislation in the Thomas database of legislative information on the Internet. The site lists five versions of the bill (including the final enrolled bill) for the 106th congress (1999–2000). The site provides a downloadable file of the bill, plus links to other information about the bill in the Congressional Record
and committee reports.
COOL, Conservation OnLine
<http://palimpsest.stanford.edu>

A compilation of materials from other sources about electronic conservation, this web site includes links to resources on disaster recovery, electronic media, electronic formats, and storage environments.

International Council on Archives, Committee on Electronic Records. Guide for Managing Electronic Records from an Archival Perspective. Paris: International Council on Archives, 1997.

<http://www.ica.org/sites/default/files/ICA%20Study%208%20guide_eng_0.pdf>

This handbook provides a comprehensive overview of electronic records management from an archival perspective. It provides useful information on key concepts, such as lifecycle management, legal issues, technological issues, and implementation tactics for all readers.

InterPARES Project
<http://interpares.org>

This web site is a comprehensive resource for information about the InterPARES Project. This project is an international research initiative to develop a theory and methods for permanent electronic records preservation. The site includes white papers, links to
additional resources, presentations, and workshop listings.

Public Records Office of the United Kingdom. Records Management: Electronic Records.
<http://www.pro.gov.uk/recordsmanagement/erecords/default.htm>

Published by the Public Records Office of the United Kingdom, this site provides a wide range of information, including downloadable documents on the management, appraisal, and preservation of electronic records; how to incorporate a policy on electronic records
management; and toolkits for compiling an inventory of electronic records collections.

Long-Term Preservation

Summary
During the course of routine business, your agency generates thousands upon thousands of electronic records, from e-mail to web pages to complex e-government transactions. Most are useful for only a short period of time, but some you may need to keep permanently. For those records, you will need to implement a well-considered, well-documented plan for their preservation
in order to ensure that they remain trustworthy and useful over time. Tools such as migration, conversion, metadata, and eXtensible Markup Language (XML) will help you not only preserve your records, but also realize their full value.

Legal Framework
For more information on the legal framework to consider when developing a preservation plan for your records, refer to the Introduction and Appendix D of the Trustworthy Information Systems Handbook. Also review the requirements of:

• Records Management Act [Minnesota Statutes, Chapter 138.17] (available at:
<http://www.revisor.leg.state.mn.us/stats/138/17.html>), which establishes the Records
Disposition Panel to oversee the orderly disposition of records using approved records retention schedules. Coordinate your records retention schedules with your preservation plan to help ensure that you store and dispose of records in accordance with the Records
Management Act.

• Minnesota Government Data Practices Act (MGDPA) [Minnesota Statutes, Chapter 13]
(available at: <http://www.revisor.leg.state.mn.us/stats/13/>), which mandates that government records should be accessible to the public unless categorized as not-public by the state Electronic Records Management Guidelines LongTerm Preservation legislature. You must be able to provide access to the stored public records, yet prevent unauthorized access to not-public records.

• Information and Communications Technology Policy [Minnesota Statutes, Chapter 16E.04]
(available at: <http://www.revisor.leg.state.mn.us/stats/16E/>), which mandates state agency compliance with Minnesota’s enterprise technical architecture “to ensure that individual agency information systems complement and do not needlessly duplicate or conflict with the systems of other agencies. . . . [and to] promote the most efficient and cost-effective method of producing and storing data for or sharing data between those agencies.” Section 16E.07 establishes the North Star portal as the state’s official online government information service with the idea that “the greatest possible access to certain government information and data is
essential to allow citizens to participate fully in a democratic system of government.”

Key Concepts
The value of your information justifies your investment in information technology. There is no point to an agency investing large sums in hardware and software if it cannot preserve the use value of the information it creates, exchanges, and stores. In the short-term, this is often not a problem. But, over time, it will be. As technology changes, hardware and software will become obsolete, and then you might face some hard choices. The challenge is to preserve the usefulness and trustworthiness of your information in an efficient and cost-effective way.

Any preservation plan for electronic records must take into account the changes in hardware and software, the limitations of storage media, and the potential use-value of your information. As you begin exploring your options, you will need to be familiar with the following:
• Needs analysis
• Physical storage options
• File format options
• Digital preservation techniques
• E-government and collaboration

Needs Analysis
As a first step in developing your preservation plan, you should do a needs analysis to help guide your decisions. While the complexity of such an analysis will vary from situation to situation, these basic components should always be included.

First, you need to understand the value of your information. The value of your information will justify your investment in technology, over the short- and the long-term. Minnesota’s enterprise technical architecture notes that information is the state’s most important asset. But all information is not created equal; some has much more value than others. Some of your information, as records,
will have legal and evidentiary significance and may well demand special attention. Most of the information you want to preserve will be important to your agency’s mission or, increasingly, to the business of other agencies as well. As e-government develops in complexity and sophistication, more and more agencies will be expected to work within the framework of a common technological
architecture and to share the information they create.

The practical side of understanding the value of your records is determining their retention requirements. How long do you really need to keep them? Why are you keeping them? Do they have to be kept in electronic format or is there another, more cost-effective option for long-term storage? For instance, a word processing document might be printed and kept as a paper record without losing any of its value. In contrast, printing a web page means a significant loss of information and functionality.

It is also important to ascertain if access to certain data in your records is restricted by statute. The state’s Government Data Practices Act and some federal laws, such as the Health Insurance Portability and Accountability Act (HIPAA), will determine if data needs to be protected as Electronic Records Management Guidelines LongTerm Preservation confidential or non-public. If it does, then you will need to ensure that your long-term storage and access policies account for those obligations.

In the broadest sense, the demands governing the access and use of your records will determine what preservation options are most appropriate and will dictate the metadata you should create and store along with the records. Metadata is the “data about the data,” that allows you to manage, find, and evaluate your information over time. Minnesota’s enterprise technical architecture includes metadata standards for GIS data, web content management, and recordkeeping. There are a number of international standards that are pertinent as well. While all-important for the longterm preservation of data, metadata takes on additional significance when you share your information because others must understand the information’s structure and content in order to put it to fullest use. For more information about metadata, refer to the Metadata guideline in this series.

Physical Storage Options
As mentioned, choosing the most appropriate storage option for your situation will depend upon your records’ access requirements. There are basically three options available to you:
• Online storage. Records are kept on a server or hard drive and are immediately available for use over a network. This option is best for records that must be accessed frequently.
• Nearline storage. Records are stored on media such as optical disks in jukeboxes or tapes in automated libraries which are attached to a network. Because retrieval is slower than with online storage, this option is most appropriate for records that are accessed
occasionally.
• Offline storage. Records are stored on removable media and must be manually retrieved. This option provides the slowest access and should be used for records that are only rarely needed.

If you choose nearline or offline storage, you will need to consider what media will best suit your needs. To do this, you should start by analyzing your current and projected volume of stored records, along with the size of the files themselves and any associated metadata. Also take into account any security requirements, such as viewing, use, and modification restrictions.

Different media have different storage characteristics. For instance, with CD-R, DVD-R, and DVD+R disks, data can be recorded one time only, after which the media becomes read-only. This provides protection for your records against intentional or unintentional tampering. CDRW, DVD-RW, DVD+RW, and DVD-RAM can all be written to multiple times, although at the cost of diminished life span and the risk of possible loss or alteration of the contents. CDs can generally store up to 800 MB of data, while DVDs can store several gigabytes. Magnetic tape is an alternative to optical disk, with capacity up to several gigabytes, although retrieval is much slower since it is a sequential-access rather than random-access medium. Tapes are most often used for offline
storage and backups.

Life spans also differ among media types. Under optimal storage and use conditions, optical disks and magnetic tapes will generally give reliable service for anywhere between 5 and 20 years. Under normal conditions, however, life expectancies are probably significantly shorter. For more information on media types, refer to the Digital Media guideline in this series.

File Format Options
Most records are created using specific, proprietary software applications. Over time, these applications will be upgraded or be phased out altogether. Because upgraded applications may or may not be able to read files created with previous versions, backward compatibility is not a given and cannot be counted on as a preservation tool. Maintaining the software on your own is an option, but over and above the question of costs, that carries the risk the software will fail in time, leaving you with no way to access your records. One common alternative is continually to convert your files from version to version and format to format as your software environment changes.

While non-proprietary formats are the ideal for the long-term preservation of files, they are few in number and each has its limitations. ASCII or plain text will capture data in the lowest common denominator of formats, losing structure and functions in the process. Rich Text Format (RTF) is a Microsoft format, although it is supported by a variety of vendors and software applications.

Portable Document Format (PDF), a popular choice for file sharing and storage, is an Adobe product. Because Adobe makes PDF’s specifications publicly available, many believe that it is an open standard when, in fact, the company is under no obligation to continue this practice into the future. Furthermore, PDF has a problem with backward compatibility, with newer versions often incorrectly rendering files created with older ones. To address these problems, an archival version, currently referred to as PDF/A, has been developed and is under consideration as a potential ISO standard.

For long-term preservation and use, eXtensible Markup Language (XML) is currently the optimum choice of formats. An international standard since 1998, XML is both a file format and a textbased, self-describing, human-readable markup language that is independent of hardware and operating systems. Because it is infrastructure-independent, XML is one of the best solutions for re-purposing the content of your records and/or sharing them with others. Proper use of XML requires a certain amount of planning and up-front commitment of money and time, but its structured nature makes it suitable for automation and will allow you to more easily take advantage of whatever new open formats will follow in the future. For more information on file formats, refer to the File Formats guideline in this series.

Digital Preservation Techniques
There are several approaches, some more practical than others, to ensure that electronic records remain useful over time. One is to save all of the hardware, software, and documentation needed to support the records. Known as the “computer museum” approach, it is not very realistic on a large scale because, given how rapidly hardware and software environments change, it means storing and maintaining huge quantities of outdated equipment with no assurance that any of it will work when needed.

Emulation has a similarly antiquarian flavor. Emulator programs simulate the behavior, look, and feel of other programs, thus preserving the functionality of the records in their original format without the necessity of saving the original equipment and software. However, emulation has so far proven more attractive in theory than in practice. There are few examples of success using this
approach, and costs have proven high. It has a further limitation in that, at best, emulation simply reproduces earlier, less sophisticated versions of an application. Given all the expenses of technology, it seems problematic to limit the value of information by preserving it in a static framework.

Encapsulation is a third approach to preservation. It involves combining the object to be preserved with all of the necessary details of how to interpret it within a wrapper or package, all possibly formatted in XML. While appealing in its comprehensiveness, encapsulation has several drawbacks: file sizes are large because of all of the included information; format specifications must be determined; the encapsulated records must somehow be generated, usually separate from the act of record creation; and the encapsulated records must still be migrated over time.

The most common approach to preserving electronic records involves a combination of two other techniques: migration and conversion. Migration is the process of moving files to new media (also know as “refreshing”) or computer platforms in order to maintain their value. Conversion entails changing files from one format from one to another and may involve moving from a proprietary format, such as Microsoft Word, to a non-proprietary one such as a plain text file or XML. To avoid losing data in the process, you should perform initial tests and analysis to determine exactly what changes will occur and whether they are acceptable. With both migration and conversion, special attention must be paid to also maintaining the accessibility of any associated metadata.

When properly planned and executed, the migration and conversion approach probably represents the easiest and most cost-effective preservation method available today.

E-Government and Collaboration
The State of Minnesota’s e-government framework should influence your preservation plans. The long-term preservation of records will demand a variety of investments and decisions that will involve time, staff, technology, and specialized expertise. Practically speaking, the state probably cannot afford to have every agency make all those investments independently. Similarly, no
agency, even with the best of intentions, can consistently make all those decisions correctly. Finding effective and economic solutions means working together.

The state’s enterprise technical architecture reflects that. In order to facilitate the development of e-government, the architecture identifies a series of issues, approaches, and standards that will make your agency’s investments in information technology more likely to succeed. At the same time, these also will facilitate the long-term preservation of digital resources through sharing services and solutions. In developing your preservation strategy, start by looking at what other agencies are doing and what you can learn from their experiences.

Key Issues to Consider
The foundation of your preservation plan should be your needs analysis, as well as an analysis of the costs, benefits, and risks involved with each of the options you are studying. Your records management, information technology, and legal staff should all be involved in the process to make sure your plan meets your business requirements and fits in with your general electronic records management strategy. Be sure to document your decision-making process in addition to your choices and plans for implementation.

At the minimum, your preservation plan should include the following items:
• Rationale and requirements for your preservation program.
• List of relevant records series and their retention and access requirements.
• Explanation of the selected preservation technique(s), including schedules for preservation actions, quality assurance testing, backups, etc. and instructions for documentation.
• Pointer to a business continuity or disaster recovery plan.
Once completed, your preservation plan should not gather dust on a shelf. Rather, it should be a reference document for all preservation activities, and it should be kept up to date as your situation changes (e.g., changes in use needs, hardware, software, media, security/access requirements, retention periods, legal mandates).

Discussion Questions
As you move from your needs analysis to the development of your preservation plan, you will face many choices. These are just a few of the questions you should ask during the process.
• How long do we need to keep these records? What will be the costs associated with such preservation tasks as migration and conversion over time?
• What best practices can we identify and apply to our situation? Can we cooperate with other agencies or organizations to share expertise or save money?
• Do we need to keep the records in electronic format or is another format, such as paper or microfilm, more appropriate? How much functionality do we need to retain over time?
• How often are these records accessed? What is the best storage solution (e.g., online, nearline, offline)?
• What is the most appropriate storage media for the records? How will we ensure that we retain the hardware necessary to handle the media? What documentation should we collect and maintain regarding the media and hardware?
• How will we ensure that the content of the records is accessible and readable over time? Is the format and necessary software proprietary or non-proprietary? What documentation should we collect and maintain regarding format and software?
• How will we perform periodic quality assurance checks to ensure accessibility and trustworthiness over time? How will we document these checks?
• What indexing and metadata schemes should we employ to ensure that the records can be easily located and evaluated for use?
• How will these records be used? Will they be shared with others inside our organization? Outside? Would XML enhance the use-value of the records?
• Have the records been compressed or encrypted? If so, how does this fit into our management plan?
• Are there data access issues that require special security measures?
• What hardware and software configurations are we moving to in the foreseeable future? How do these records fit in with that plan?
• What staff training is necessary to ensure compliance with the preservation plan?

Annotated List of Resources

This guide discusses the physical characteristics of various optical media, as well as methods for their proper care and handling to ensure longest possible use in any given environment. A useful glossary is included.

Lawrence, Gregory W., William R. Kehoe, Oya Y. Rieger, William H. Walters, and Anne R. Kenney. Risk Management of Digital Information: A File Format Investigation. Washington, D.C.: Council on Library and Information Resources. June 2000.
<http://www.clir.org/pubs/reports/pub93/pub93.pdf>

This publication offers detailed guidance on migration (which is defined to include conversion) as a preservation technique through a risk assessment process. A useful workbook is provided to assist users in applying quantitative risk assessment measurements
to their own environment.

Lee, Kyong-Ho, Oliver Slatterly, Richang Lu, Xiao Tang, and Victor McCrary. “The State of the Art and Practice in Digital Preservation.” Journal of Research of the National Institute of Standards and Technology. 107(January-February 2002): 93-106.
<http://nvl.nist.gov/pub/nistpubs/jres/107/1/cnt107-1.htm>

This paper provides a concise survey of a variety of preservation techniques for digital resources, including migration, emulation, encapsulation, and the use of eXtensible Markup Language (XML), as well as some project case studies.
Minnesota Department of Administration, Office of Enterprise Technology. Minnesota Enterprise Technical Architecture. Version 2.02, 2006.
<http://www.oet.state.mn.us/>

The Minnesota Office of Enterprise Technology (OET) is charged with establishing and maintaining a state information architecture as specified in Minnesota Statue, Chapter 16E.04 Subdivision 2. According to the OET, “This technical architecture is established to
describe technology components of the State’s information infrastructure and their individual principles, practices and standards that are to be used to guide the development and delivery of all information systems services. The architecture will provide a reference
so that various groups of government IT professionals have a consistent view of the information systems infrastructure and the methods that they employ to develop and deliver information systems services.” Chapter 4, Data and Records Management, describes the framework for managing information resources, as well as the standards and guidelines that apply.
World Wide Web Consortium (W3C). Extensible Markup Language (XML).
<http://www.w3.org/XML/>

The W3C is the international body responsible for the development and ongoing refinement of the XML family of standards. This site provides links to the specification itself, as well as pointers to working groups and other resources.

Additional Resources
Minnesota Historical Society, State Archives Department. Preserving and Disposing of Government Records. St. Paul: Minnesota Historical Society, May 2008.
<http://www.mnhs.org/preserve/records/docs_pdfs/PandD_may2008.pdf>

Minnesota Historical Society, State Archives Department. Trustworthy Information Systems Handbook. Version 4, July 2002.
<http://www.mnhs.org/preserve/records/tis/tis.html>

Metadata

Summary
Metadata is usually defined as “data about data.” Metadata allows users to locate and evaluate data without each person having to discover it anew with every use. Its basic elements are a structured format and a controlled vocabulary, which together allow for a precise and comprehensible description of content, location, and value.

While the term itself might sound new and trendy, the concept it describes is not. In some fashion, metadata has always been with us, apparent in everything from program listings in TV Guide to the nutritional information on the back of a cereal box. For government records, the familiar forms of metadata are the recordkeeping metadata standard and the records retention schedule.

Anyone who has suffered the exercise in irrelevance offered by an Internet search engine will appreciate the value of precise metadata. Because information in a digital format is only legible through the use of intermediary hardware and software, the role of metadata in information technology is fundamentally important. In any system, given the volume of information it contains, the uses to which it can be put, and the costs involved, metadata is the basic tool for efficiency and effectiveness.

Whatever you want to do with the information (e.g., protect its confidentiality, present it as evidence, provide citizens access to it, broadcast it, share it, preserve it, destroy it) will be feasible only if you and your partners can understand and rely upon the metadata describing it. Using metadata effectively means understanding and applying the standards appropriate to your needs.

Key Concepts
To understand, create, and use metadata effectively, you will need to know more about:
• Metadata functions
• Legal needs and statutory mandates
• Metadata and technology
• Metadata standards

Metadata Functions
Government agencies routinely use metadata to fulfill a variety of functions, but the primary uses are for:
Metadata
• Legal and statutory reasons (e.g., to satisfy records management laws and the rules of evidence)
• Technological reasons (e.g., to design and document systems)
• Operational or administrative reasons (e.g., to document decisions and establish accountability)
• Service to citizens, agency staff, and others (e.g., to locate and share information)

In all of these cases, metadata standards will be effective only if they rely on a structured format and controlled vocabulary. “Structured format” means the metadata is defined in terms of specific, standardized elements or fields. For example, a library catalog entry for a book will identify its author, title, subject(s), and location, among other things. Unless all the elements are there, users will not be able to evaluate the metadata; they won’t be able to answer the question “Is this the book I want?”

“Controlled vocabulary” means that there is a standard as well for the content of the elements. For example, the nutritional information on the back of a box of cereal is often defined in terms of weight per serving. We know what “sugar: three grams” means. It refers to a standard unit of measurement that allows us to compare the sugar content of one cereal to that of another. But if
the box read “just the way you like it” or “pretty sweet,” that would mean different things to different people. We couldn’t compare a subjective review like that to what’s on the back of another box of cereal.

To work effectively, the elements and components of metadata should have an accepted, precise meaning that reflects a common understanding among its creators and its users. That allows for evaluation and comparison, for selecting the information you want from all the information available.

Legal Needs and Statutory Mandates
Because you are part of a government entity, you need to pay particular attention to metadata’s value to help you achieve basic legal needs and meet statutory mandates. For example, Minnesota’s Records Management Act mandates that government agencies cannot
dispose of records without the approval of the state’s Records Disposition Panel. The only way to get that approval is to describe the records: what they are, where they are, what their significance is, and how they should be disposed. All that information is metadata. In the records management process, metadata usually takes two forms, either a records retention schedule or an Application
for Authority to Dispose of Records form (PR-1).

Similarly, the Minnesota Government Data Practices Act classifies data under nine different categories which specify how, when, or if the public may gain access to government data. You cannot guess what level of access or security to provide just by looking at the data itself. You need some additional information – some metadata – in order to follow the letter of the law.

These are some of the laws most pertinent to the use of metadata:

• Records Management Act [Minnesota Statutes, Chapter 138.17] (available at:

<http://www.revisor.leg.state.mn.us/stats/138/17.html>), which creates the Records

Disposition Panel and establishes the records management process for government records.

The metadata requirements of all of these statutes are encompassed in the state’s Recordkeeping Metadata Standard. For more information on the legal framework you must consider when dealing with government records, refer to the Introduction and Appendix D of the Trustworthy Information Systems Handbook.

Metadata and Information Technology
Metadata is useful for the management of information in any storage format, paper or digital. But it is critically important for information in a digital format because that is only legible through the use of intermediary hardware and software. We can open up a book or even hold microfilm up to a light to determine what it says. But we can’t just look at a CD and say what’s on it. We cannot
possibly hope to locate, evaluate, or use all the files on a single PC, let alone the Internet, without metadata.

If information technology makes metadata necessary, it’s information technology that makes metadata useful. Special software applications, such as TagGen, make the creation of standardized metadata simpler. Databases store and provide access to metadata. Most software applications automatically create metadata and associate it with files. One example is the header and routing
information that accompany an e-mail message. Another is the set of properties created with every Microsoft Word document; certain elements such as the title, author, file size, etc., are automatically created, but other elements can be customized and created manually.

Normally, some combination of automatically and manually created information is best for precise and practical metadata. Most important, metadata can inform business rules and software code that transforms it into “executable knowledge.” For example, metadata can be used for batch processing of files. A date element is critical to records management, as most record retention schedules are keyed to a record’s date of creation. Metadata in more sophisticated data formats, such as eXtensible Markup
Language (XML), allow for extraction, use, and calculation based on specific components of ametadata record.

Metadata Standards
To work effectively, metadata has to be precise and comprehensible. The entire community of creators and users has to understand what it means. There is a variety of metadata standards in use across the world, but there are three principal standards in general use in Minnesota government today. Minnesota’s Office of Enterprise Technology (http://www.oet.state.mn.us/) recommends
the following standards in its enterprise architecture:
• Minnesota Metadata Guidelines – Dublin Core
• Minnesota Geographic Metadata Guidelines
• Minnesota Recordkeeping Metadata Standard

Minnesota Metadata Guidelines – Dublin Core (MMG-DC)
The Dublin Core is a metadata standard with fifteen elements that is an official international standard (NISO Standard Z39.85; ISO Standard 15836). It was designed principally by the library and archives community, and its primary application is to describe information resources, particularly web content. When you use the search engine on the state’s North Star site, Dublin Core metadata helps you find exactly what you’re looking for.

The MMG-DC set includes these elements:
• Title. The name of the resource given by the creator or publisher.
• Subject. The topic of the resource.
• Description. A short, text description of the resource’s contents.
• Creator. The name of the person who created the resource.
• Publisher. The name of the entity that published the resource. Note that the publisher is not the person who posted the resource to the web site, but the entity responsible for the publication of the resource, such as your agency.
• Contributor. Someone aside from the creator who made a significant contribution to the resource.
• Date. Either the creation date or the publication date. Your agency will need to determine which date to use.
• Resource Type. The category the resource belongs to, such as committee minutes, press release, or report. Format. The file format of the resource. For more information on file formats, refer to the File Formats guidelines.
• Identifier. A text string or number unique to the resource, such as a URL or other formal name. See the File Naming guidelines for more information on naming web site files for longevity and ease of use.
• Relation. An element that refers to related resources.
• Source. Information about the source from which the current resource is derived (e.g., an abstract of a report).
• Rights Management. A text statement regarding copyright and use permission.
• Language. The language used in the resource (e.g., English, Spanish).
• Coverage. Either geographic (e.g., Minnesota) or temporal (e.g., the years 2000–2001).

To populate these elements and to describe web content, the State of Minnesota uses an established and maintained set of terms along with the MMG-DC. Information on the Legislative Indexing Vocabulary is available online, at <http://bridges.state.mn.us>. The State also has a license to use a specific software application, TagGen, as a tool for the creation or capture of metadata. It is available free to Minnesota government agencies. Information on using and acquiring TagGen is also online, at <http://bridges.state.mn.us>, along with an instructional manual, the Best Practices

Guidelines for Web Metadata.

Minnesota Geographic Metadata Guidelines

The Minnesota Geographic Metadata Guidelines provide a common approach for documenting all types of geographic data. They have been designed to be straightforward, intuitive, and complete. The guidelines are based on a standard developed by the Federal Geographic Data Committee in 1993: The Content Standards for Digital Geospatial Metadata. In developing the Minnesota Geographic Metadata Guidelines, the Standards Committee of the Minnesota Governor’s Council on Geographic Information created a streamlined implementation of the federal standard, while retaining the essence of its original content. Information about the
guidelines is available at <http://www.gis.state.mn.us/stds/metadata.htm>

The Minnesota Geographic Metadata Guidelines includes a number of metadata elements, arranged in seven sections:
• Identification Information
• Data Quality Information
• Spatial Data Organization Information
Spatial Reference Information
• Entity and Attribute Information
• Distribution Information
• Metadata Reference Information

Minnesota Recordkeeping Metadata Standard
The Minnesota Recordkeeping Metadata Standard is designed to support the accountability of government and the proper use of government records as mandated by law. It is based on the Dublin Core, and its fields can be easily mapped to the Minnesota Geographic Metadata Guidelines.

The standard consists of twenty elements, ten of which are mandatory and ten optional. In addition, many of these elements contain a number of sub-elements, some mandatory and some optional. To ensure compatibility across metadata sets, six of the ten mandatory elements have direct counterparts both in the Dublin Core and the geographic metadata standards. Overall, the recordkeeping metadata elements are:

• Agent. An agency or organizational unit that is responsible for some action on or usage of a record, or an individual who performs some action on a record, or who uses a record in some way.
• Rights Management. Legislation, policies, and caveats that govern or restrict access to or use of records.
• Title. The names given to the record.
• Subject. The subject matter or topic of a record.
• Description. An account, in free text prose, of the content and/or purpose of the record.
• Language. The language of the content of the record.
• Relation. A link between one record item and another, between various aggregations of records, or a link between a record and another information resource.
• Coverage. The jurisdictional, spatial, and/or temporal characteristics of the content of the record.
• Function. The general or agency-specific business function(s) and activities that are documented by the record. Date. The dates and times at which such fundamental recordkeeping actions as of the record’s or records series’ creation and transaction occur.
• Type. The recognized form or genre a record takes, which governs its internal structure.
• Aggregation Level. The level at which the record(s) is/are being described and controlled or the level of aggregation of the unit of description.
• Format. The logical form (content medium and data format) and physical form (storage medium and extent) of the record.
• Record Identifier. A unique code for the record.
• Management History. The dates and descriptions of all records management actions performed on a record from its registration into a recordkeeping system until its disposal.
• Use History. The dates and descriptions of both legal and illegal attempts to access and use a record, from the time of its registration into a recordkeeping system until its disposal.
• Preservation History. The dates and descriptions of all actions performed on a record after its registration into a recordkeeping system which ensure that the record remains readable and accessible for as long as it has value to the agency and to the community at large.
• Location. The current (physical or system) location of the record or details about where the record usually resides.
• Disposal. Information about policies and conditions that pertain to or control the authorized disposal of records or information about the current retention schedule and disposal actions to which the record is subject.
• Mandate. A source of recordkeeping requirements. For example, a piece of legislation, formal directive, policy, standard, guideline, set of procedures, or community expectation which (explicitly or implicitly) imposes a requirement to create, keep, dispose of, or control access to and use of a record.

Key Issues to Consider
Now that you are familiar with some of the basic concepts and types of metadata, you can consider some of the issues that have to be addressed in order to use metadata effectively. The most important are:

• Audiences: Most people who rely on metadata are unaware they’re using it or even that it exists. Nevertheless, when you create metadata, you have to be aware of the audiences for your information in order to determine the appropriate standards and approaches. To make your decisions, you should know which information resources your audiences use, which questions
they ask, and what their level of expertise is.

Partnerships: To increase the value of both metadata and the information it describes, you need to work with other creators, custodians, and users of information. If you agree on metadata standards, tools, and practices in collaboration with others, you will create a much more beneficial information management program for your whole organization.

• Implementation: Selecting a standard is a good first step. Putting it into practice is a more useful and difficult one. Creating and maintaining metadata over time will demand attention, resources, and staff. You will get a good return on that investment if you keep in mind your legal mandates, your business processes, and your customers as you choose what standards and practices are most appropriate for you.

• Education: One critical element of a practical metadata program to keep in mind is education. You will need to know about what others are doing with the standards, the tools, and the uses of metadata. As these change, you will need to keep up with those developments.

• Promotion: To promote the understanding, use, and creation of metadata, as well as to ensure that there are enough resources to support a metadata program, it is important to draw people’s attention to metadata and its importance. The State of Minnesota’s Information Policy Council supports a metadata awareness program designed by the Land Management Information Center and the State Archives Department of the Minnesota Historical Society. The program promotes reliable and standardized metadata with an educational resource online and a symbol:

When you see this symbol, you are looking at information that is described by metadata created according to a recognized standard. On a web page, the symbol will act as a hot link to a page describing the value and uses of metadata and offering information about specific metadata standards used in Minnesota

Discussion Questions
• What are the business functions your metadata is supposed to fulfill?
• Who is the audience for your metadata? What are their needs?
• Does your agency have an information and/or technical architecture? What metadata standards does it recommend?
• Are your software applications creating metadata?
What are your legal needs? Does your agency have a records management or data practices office?
• Do the managers and resource allocators in your agency support a metadata program? Have you made a business case to them?
• Are the offices or departments of your agency already creating metadata? Are they using different standards?
• What are the metadata standards pertinent to your profession or business functions?

Dublin Core Metadata Initiative
<http://dublincore.org>
The Dublin Core Metadata Initiative is the official site for the Dublin Core (DC) project. The fifteen-element metadata standard is the product of a number of workshops that began in 1995 and is now an official international standard (NISO Standard Z39.85; ISO
Standard 15836). Intended to serve users in a flexible manner, the elements are all optional, repeatable, and labeled with descriptive names. Metadata generated from this scheme may be represented in a number of ways (e.g., HTML, RDF) for use on the Internet.

Minnesota Land Management Information Center (LMIC)
<http://www.lmic.state.mn.us>
LMIC, a division of the Office of Strategic and Long-Range Planning (Minnesota Planning), is charged with coordinating the “effective use of digital geographic data to support public policy and government operations” in the state. As a member of the GIS Standards Committee of the Minnesota Governor’s Council on Geographic Information, LMIC helped develop a standard format for GIS metadata (the Minnesota Geographic Metadata Guidelines) based upon the federal model of the Content Standard for Digital
Geospatial Metadata. LMIC makes available software (DataLogr) to aid data holders in recording their metadata in conformance with the Minnesota guidelines. By arrangement, LMIC offers project assistance and research- and technology-related services.

Featured links at the LMIC site include access to 2000 Census data through Datanet and information about the activities of the Governor’s Council on Geographic Information. Additionally, the Minnesota Geographic Data Clearinghouse provides a collection of resources to help find, access and use geospatial data about Minnesota regardless of source. The Clearinghouse includes: the Minnesota Geographic Data Catalog, providing information about data holdings at LMIC as well as other state and federal agencies;
LMIC’s metadata index, containing detailed information on over 120 data sets accessible through the agency; and the GeoGateway, a search engine that integrates access to over 300 data sets served by Minnesota organizations and over 2500 data sets focused on the
geography of Minnesota. The GeoGateway assists users in locating data sets specific to the state and surrounding region by searching metadata based on user-defined criteria, including keywords, temporal considerations and geographic extent and source.

Minnesota Department of Natural Resources. Best Practice Guidelines for Web Metadata.
<http://bridges.state.mn.us/bestprac/index.html>

Multiple documents and downloads are available on this web site, including guidelines on how to use the Dublin Core Metadata Element Set as part of the process of archiving web content and a description of each element’s purpose and method of creation. The site also offers a bibliography, a training manual on applying the Dublin Core metadata set, background reports, and information about downloading the TagGen tool.

Minnesota Department of Natural Resources. Bridges: Minnesota’s Gateway to Environmental Information.
<http://bridges.state.mn.us>

The Bridges project represented a collaboration between Minnesota’s environmental agencies with the goal of providing easy access to their electronic resources such as web pages, PDF documents, databases, and geographic data. Resources were cataloged using the Dublin Core metadata scheme and are located through a simple cross-agency search engine (the Inktomi-powered North Star search at the state’s main portal). Although the project was completed in July 2000, the web site still offers a number of resources to visitors, including best practice guidelines for web metadata, information on metadata tools, project reports, as well as links to participating agencies, other regional and federal environmental sites, and the Minnesota Governor’s Council on Geographic Information.

Minnesota Department of Natural Resources. GIS Data Deli
<http://deli.dnr.state.mn.us>

The GIS Data Deli site is a service of the Minnesota Department of Natural Resources. Visitors may download raw spatial data pertaining to the state for use with GIS-specific software, image processing systems, or traditional databases; no online map composition or viewing is possible. Users capture the data through a process involving specifying geographic areas, layers and data elements of interest. Detailed metadata conforming to the Minnesota Geographic Metadata Guidelines is available for each layer.

Minnesota Historical Society, State Archives Department. Trustworthy Information Systems
Handbook. Version 4, July 2002.
<http://www.mnhs.org/preserve/records/tis/tis.html>

This handbook provides an overview for all stakeholders involved in government electronic records management. Topics center around ensuring accountability to elected officials and citizens by developing systems that create reliable and authentic information and records. The handbook outlines the characteristics that define trustworthy information, offers a methodology for ensuring trustworthiness, and provides a series of worksheets and tools for evaluating and refining system design and documentation.
Minnesota Recordkeeping Metadata Standard (Minnesota Office of Enterprise Technology Standard IRM 20)
<http://www.mnhs.org/preserve/records/metadatastandard.html>

The Minnesota Recordkeeping Metadata Standard was developed to facilitate records management by government entities at any level of government. It shares many of its elements with other metadata standards, such as the Dublin Core and the Minnesota Geographic Metadata Guidelines set, but goes further to address such issues as access restrictions, data practices, and records retention and disposition, thereby enabling the practical implementation of statutory mandates for records management. The standard is
comprised of twenty elements, ten of which are mandatory.

Additional Resources
Federal Geographic Data Committee (FGDC). Metadata.
<http://www.fgdc.gov/fgdc/fgdc.html> and <http://fgdc.er.usgs.gov/metadata/metadata.html>

This site is sponsored by the FGDC, which is made up of several federal agencies. Working with such partners as state and local governments, the academic community, and industry, the FGDC is supervising the development of the National Spatial Data
Infrastructure (NSDI) with the goal of sharing geographic data through standards, policies, and procedures. Through subcommittees and working groups, the FGDC has several geospatial data standards completed or in some stage of development. These include the Cadastral Data Content Standard, the Spatial Data Transfer Standard, the Spatial Data Accuracy Standard, the Address Content Standard, and the Government Unit Boundary Data Content Standard.

The FGDC has developed the Content Standard for Digital Geospatial Metadata (CSDGM) <http://fgdc.er.usgs.gov/metadata/contstan.html> to be used by all federal agencies. This metadata standard is composed of 334 different elements (119 of which only contain sub-elements). The FGDC also coordinates the National Geospatial Data Clearinghouse for participants worldwide interested in sharing digital geospatial data that conforms to the CSDGM. In the future, the CSDGM is expected to be modified to be made compliant with an emerging international metadata standard, ISO 19115.

Minnesota Department of Administration, Office of Enterprise Technology. Minnesota Enterprise
Technical Architecture. Version 2.02, 2006.
<http://www.oet.state.mn.us/>

The Minnesota Office of Enterprise Technology (OET) is charged with establishing and maintaining a state information architecture as specified in Minnesota Statue, Chapter 16E.04 Subdivision 2. According to the OET, “This technical architecture is established
to describe technology components of the State’s information infrastructure and their individual principles, practices and standards that are to be used to guide the development and delivery of all information systems services. The architecture will provide a reference
so that various groups of government IT professionals have a consistent view of the information systems infrastructure and the methods that they employ to develop and deliver information systems services.” Chapter 4, Data and Records Management, describes the framework for managing information resources, as well as the standards and guidelines that apply.

Minnesota Historical Society, State Archives Department. Metadata Resources.
<http://www.mnhs.org/preserve/records/metadata.html>
This web site offers annotated links to State Archives and Minnesota projects, as well as to metadata resources particularly relevant to archival and recordkeeping issues.

State of Utah GILS (Government Information Locator Service) Project. GILS Resources.
<http://www.utah.org/GILS/resources.htm>
Government Information Locator Services (GILS) are in use in a number of states and in agencies of the federal government. They are designed to provide access to the public to government records, library holdings, web sites, and other types of information resources. The State of Utah has compiled a comprehensive and informative list of references and links to GILS conferences, studies, metadata, metadata mapping schemes, and authority list resources.

UK GovTalk. Interoperability: Metadata
<http://www.govtalk.gov.uk/interoperability/metadata.asp?order=title>
The government of the United Kingdom is developing a comprehensive plan for egovernment, which includes standards for interoperability and metadata. This site provides information on, among other things, the UK’s Dublin Core-based metadata standard, implementation plans, and a catalog of government functions.

File Naming

Summary

A file name is the chief identifier for a record. In the world of electronic records, the record’s file name provides metadata that places the record in context with other records, records series, and records retention schedules. In most organizations, the policy for naming a file (and hence a record) is left to individuals or to groups of individuals (e.g., departments, committees). Consider establishing an agency-wide file naming policy that complements your electronic records management strategy.

Consistently named records foster collaboration based on mutual understanding of how to name files and use file names (including the file name metadata). Consistently named records also help you to meet your legal requirements. Legally, your records must be trustworthy, complete, accessible, legally admissible in court, and durable for as long as your approved records retention schedules require. Records that are consistently and logically named are easier to manage to meet these requirements.

In other words, with each staff member consistently naming electronic records, another staff member will be able to look at a record’s file name and use the information in the record’s file name to recognize the contents and characteristics of the record and to make decisions about the record. For example, a staff member could see that “HF0035broch96/97P.pdf” is a brochure about
a House bill (HF0035) in the 1996/1997 session that is available to the public.

Legal Framework
For more information on the legal framework you must consider when developing a file naming policy, refer to the Introduction and Appendix D of the Trustworthy Information Systems Handbook. Also review the requirements of:

• Minnesota Government Data Practices Act (MGDPA) [Minnesota Statutes, Chapter 13]
(available at: <http://www.revisor.leg.state.mn.us/stats/13/>), mandates that government records should be accessible to the public unless categorized as not-public by the state legislature.

Uniform Electronic Transactions Act (UETA) [Minnesota Statutes, Chapter 325L] (available at: <http://www.revisor.leg.state.mn.us/stats/325L>) and Electronic Signatures in Global and National Commerce (E-Sign), a federal law (available at:
<http://thomas.loc.gov/cgibin/query/z?c106:S.761:>). Both UETA and E-Sign address the issues of the legal admissibility of electronic records created in a trustworthy manner and the application of the paper-oriented legal system to electronic records.

Key Concepts
As you develop your file naming policy, you will need to be familiar with the following:
• Differences among file names, file paths, and addresses
• Common file name elements
• General challenges in file naming
• Internet file naming protocols
• Domain names
• URL protocols
• Challenges in Internet-based file naming
• General file naming issues

Differences Among File Names, File Paths, and Addresses
A file name is the name of the file as it stands alone. The file path shows the location of the file. For example, the file “CommitteeAMinutes021401.doc” might be stored in a series of nested directories for all committees as:
“X:Committees/CommitteeA/Minutes/2001/February/CommitteeAMinutes021401.doc.” An address describes the location of a file delivered on the Internet. For example, a map of a public park named Smith Park might have the following address: “http://www.parks.org/smith.html.”

Common File Name Elements
When developing your file naming policy, you may wish to include some of the following common elements:
• Version number (e.g., version 1 [v1, vers1])
• Date of creation (e.g., February 24, 2001 [022401, 02_24_01])
• Name of creator (e.g., Rupert B. Smith [RBSmith, RBS])
Description of content (e.g., media kit [medkit, mk])
• Name of intended audience (e.g., general public [pub])
• Name of group associated with the record (e.g., Committee ABC [CommABC])
• Release date (e.g., released on June 11, 2001 at 8:00 a.m. central time [61101_0800CT])
• Publication date (e.g., published on December 24, 2003 [pub122403])
• Project number (e.g., project number 739 [PN739])
• Department number (e.g., Department 140 [Dept140])
• Records series (e.g., SeriesX)

General Challenges in File Naming
As you develop your policy, you will encounter the following challenges in file naming:

• Version control. You will need to determine how and whether to indicate the version of the record. Some organizations put current and obsolete drafts in different electronic file folders without altering the file name. However, when these records are moved from the active electronic file folder to another storage area, identical file names may conflict and cause
confusion.

• Uniqueness. To avoid file names conflicting when they are moved from one location to another, each record’s file name should be unique and independent from its location. For example, if letters are simply named with the word letter and the date, they are not independent from location because they could fit into any records series that contains letters, and all letters sent on that date would have the same file name.

• Persistence over time. File names should outlast the records creator who originally named the file. With good stakeholder and staff input, and training, you should be able to develop file names that make sense to staff members once the file creators are no longer available.

• Access and ease of use. The policy should be simple and straightforward. A simple policy will help staff members logically and easily name records and help ensure that records are accessible to staff members and/or to the public (as determined by the MGDPA). A simple policy will be more consistently used, resulting in records that are consistently named, and thus easier to organize and access.

• Ease of administration. The policy should work with your computer infrastructure, so that you can monitor policy compliance, manage records and records series, gather metadata, and perform other administrative tasks easily and in compliance with all legal requirements. For example, if all the records in a specific records series are easily identifiable by file name, they will be easier to gather and manage.

Scalability. Consider how scalable your file naming policy needs to be. For example, if you want to include the project number, don’t limit your project numbers to two digits, or you can only have ninety-nine projects.

Internet File Naming Protocols
Several file naming protocols are currently in use on the Internet. They all fall under the category of Uniform Resource Identifiers (URIs). URIs are short text strings that identify resources (e.g., documents, images, electronic mailboxes) on the Internet. These text strings commonly appear in the address window of web browsers. The first part of a URI specifies the transfer protocol in use (the method for transmitting the file from one device to another, such as hypertext transfer protocol [HTTP]). The second part specifies the address, often including the domain name, of the file.

Within the broad grouping of URIs are:
• Uniform Resource Locators (URLs). URLs are specific schemes that allow browsers and other software to access resources on the Internet. URLs indicate the resource’s location (e.g., address and name).
• Persistent Uniform Resource Locators (PURLs). PURLs are functionally URLs, but act as an intermediary for the URL of a web site by redirecting the browser to a PURL server instead of the actual URL. The PURL server associates the PURL with the real URL and returns the URL to the viewer’s browser.
• Uniform Resource Names (URNs). URNs are designed to serve as persistent, location independent resource identifiers. Some overlap exists between URLs and URNs, and some URNs are PURLs. URNs are intended to overcome the problem of persistence and
location independence by providing a long-term identifier for resources. URNs use a resolution service to enable a web browser to use the URN to find the URL location for the resource.

Domain Name
Common practice is to include the domain name in the URI. A domain name, such as “microsoft.com,” is nearly always a part of the URL, because URLs identify resources by location. Review the resources in the Annotated List of Resources for more information on domain names.
Domain names are administered by the Domain Name System.

URL Protocols
You will encounter several common types of URL transfer protocols, including:

• Hypertext Transfer Protocol (HTTP). This is the most common type of URL protocol accessed on the Internet (e.g., http://www.mnhs.org).
File Transfer Protocol (FTP). This protocol type is commonly used to transfer large files via the Internet (e.g., ftp://ftp.mm.com).
• Gopher. This protocol was used primarily in academic and governmental settings, and is rarely used today.
• News. This protocol accesses newsgroups (e.g., news:rec:knitting).
• Telnet. This protocol allows users to control the activity on another computer and participate in interactive sites for such activities as games, live chats, and text information exchange.
• Mailto. This protocol is for e-mail exchange.

Challenges in Internet-Based File Naming
Naming for the Internet is particularly challenging. File names should meet your general criteria, especially for uniqueness, independence from location, and persistence over time. The file names should persist even if you move the files to another server, reorganize your web site, or use another software program or method for producing your web pages.

A carefully constructed policy for naming Internet-delivered files will ensure that:

• Your web site links stay live. Links contain embedded information about the location of the resource being linked to. Moving files from one server to another may result in dead links. If you develop a policy that builds in persistence and location-independence, you should be able to avoid this problem.
• You can more easily manage your web site records. Because the file names are independent of location, you can be assured that you will be able to find records if they are reorganized. For example, if a department within your agency reorganizes its web pages and moves some files to another server, as long as the file names of the records are independent of location, you can still efficiently manage and archive them.
• Your Internet-accessed files mesh with your other electronic files. By integrating your file naming policy with that used for other electronic records, your public records will remain accessible as long as necessary and not-public information will be protected as appropriate.

General File Naming Issues

General issues to consider as you develop a file naming policy include:

• Determining what metadata to collect. You will need to decide what metadata to collect and include in file names. Collection and use of metadata in file names will help ensure the longterm usefulness of your records and help you to meet legal requirements for accessibility (for public records) and accountability, as well as protect not-public records.

Universal retrieval. Ensure that the staff and the public (as appropriate) can access your files. Legally, public records must be accessible. Standard file names allow users to find records efficiently.

• Determining the official copy. Determine which file is the “official” copy. As part of your web content management (see the Web Content Management guidelines), you should include in your policy which web site files are official records, and which version of the electronic file is the official record. Including an indicator of official record status in a file name may be useful for this purpose. The inclusion of this parameter in your policy will help you meet your legal requirements to capture records as set forth by the Official Records Act. The inclusion of this designation may also make administration of your web site records easier.

• Determining file naming boundaries. Pay close attention to the freedom you give staff members (and outside vendors) in naming files. Provide guidelines and training on file naming. You will not be able to manage every electronic record’s file name, so you will need to rely on staff members and vendors to name files in compliance with your policy. By providing guidelines and training, you can maximize policy compliance in a way that meets your operational and legal requirements.

• Relationship to and connection with paper records. Determine how the names of your electronic records relate to the names of paper files you have stored. Because electronic records may be part of records series that include paper records, the file naming policy for electronic records should fit logically with your paper records naming. For example, a letter published on a web site might be part of a records series that includes additional paper documents in a file folder. By ensuring that the electronic records’ and the paper records’ file names mesh, you can more easily manage the records series.

Key Issues to Consider
Now that you are familiar with some of the basic concepts of file naming, you can use the questions below to discuss how they relate to your agency.

Pay special attention to the questions posed by the legal framework, including the need for public accessibility, as appropriate. Consider your current and future activities and records to help determine the components of a file naming policy that will work now and in the future. For example, you may currently publish official statements or press releases on paper, but in the future,
you may publish such records on the web.

Discussion Questions
• Who will use the file naming policy to name files? What policy will make sense to each group? Who will need access to these records? Are there different groups with different needs (e.g., the public, internal users)? How will people “think of” this record (e.g., “I need to find a copy of XYZ.doc.” or “I need information about legislation passed in 2002/2003.”)?
• Will the records move location (e.g., from one server to another, from a server to long-term storage)? How will these changes affect file naming?
• What style issues are important? For example, how should the record names appear in print?
• How does file type affect file name? Does our software or computer system limit the number of digits in the file name?
• What types of electronic records will we name?
• How will staff members and the public access and open files in the short-term and longterm?

What limitations do these systems have for file naming?

Cool URIs Don’t Change. In: Style Guide for Online Hypertext. Cambridge, MA: World Wide
Web Consortium (W3C), 1998.
<http://www.w3.org/Provider/Style/URI>
This section of the complete style guide discusses the file naming concepts for the World Wide Web to ensure the accuracy of links and the longevity of the names. Naming and Addressing: URIs, URLs,….
<http://www.w3.org/Addressing>
These web pages describe the relationship of URIs, URLs, and URNs. The pages also provide links and other information about other file naming topics for the web, such as metadata, markup languages, events, and history.
Webopedia
<http://webopedia.internet.com>
This comprehensive online encyclopedia for the information technology community provides an easy-to-understand, searchable database of terms and topics, including entries on file names and file formats.
PURL
<http://purl.oclc.org/>
The OCLC PURL Service provides a comprehensive introduction to the subject of PURLs. Available from this web site are Frequently Asked Questions on PURLs, introductions to the subject, and the opportunity to create and modify a PURL.

Additional Resources
Identifiers for Digital Resources. Washington, D.C.: Library of Congress, National Digital Library
Program, 1996.
<http://memory.loc.gov/ammem/award/docs/identifiers.html>
These web pages describe the desirable characteristics for file naming for digital records. For illustrative purposes, the pages use the American Memory Collection as a case study for a file naming scheme.
Mims, J. “Files Control.” In Records Management: A Practical Guide. Washington, D.C.:
International City County Management Agency, 1996: 73–84.

This chapter on file management discusses such topics as filing systems, filing system creation, filing system maintenance, and filing system equipment. This chapter also offers information on troubleshooting file system control. The content focuses primarily on paper
systems, but the management principles apply across all media.
Minnesota Historical Society, State Archives Department. Trustworthy Information Systems
Handbook. Version 4, July 2002.
<http://www.mnhs.org/preserve/records/tis/tis.html>

Rapid changes in technology mean that file formats can become obsolete quickly and cause problems for your records management strategy. A long-term view and careful planning can overcome this risk and ensure that you can meet your legal and operational requirements. Legally, your records must be trustworthy, complete, accessible, legally admissible in court, and durable for as long as your approved records retention schedules require. For example, you can convert a record to another, more durable format (e.g., from a nearly obsolete software program to a text file). That copy, as long as it is created in a trustworthy manner, is legally acceptable.

The software in which a file is created usually has a default format, often indicated by a file name suffix (e.g., *.PDF for portable document format). Most software allows authors to select from a variety of formats when they save a file (e.g., document [DOC], Rich Text Format [RTF], text [TXT] in Microsoft Word). Some software, such as Adobe Acrobat, is designed to convert files
from one format to another.

Legal Framework
For more information on the legal framework you must consider when developing a file format policy, refer to the Introduction and Appendix D of the Trustworthy Information Systems Handbook. Also review the requirements of:
• Official Records Act [Minnesota Statutes, Chapter 15.17] (available at:
<http://www.revisor.leg.state.mn.us/stats/15/17.html>), which mandates that government agencies must keep records to maintain their accountability and stipulates that the medium must enable the records to be permanent. It further stipulates that you can copy a record and that the copy, if trustworthy, is legally admissible in court.
• Records Management Act [Minnesota Statutes, Chapter 138.17] (available at:
<http://www.revisor.leg.state.mn.us/stats/138/17.html>), which establishes the Records
Disposition Panel to oversee the orderly disposition of records using approved records retention schedules.
• Minnesota Government Data Practices Act (MGDPA) [Minnesota Statutes, Chapter 13]
(available at: <http://www.revisor.leg.state.mn.us/stats/13/>), which mandates that government records should be accessible to the public, unless categorized as not-public by the state legislature.

Uniform Electronic Transactions Act (UETA) [Minnesota Statutes, Chapter 325L] (available at: <http://www.revisor.leg.state.mn.us/stats/325L>) and Electronic Signatures in Global and
National Commerce (E-Sign), a federal law (available at:
<http://thomas.loc.gov/cgibin/query/z?c106:S.761:>). Both UETA and E-Sign address the issues of the legal admissibility of electronic records created in a trustworthy manner and the application of the paper-oriented legal system to electronic records.

Key concepts

As you consider the file format options available to you, you will need to be familiar with the following concepts:
• Proprietary and non-proprietary file formats
• File format types
• Preservation: conversion and migration
• Compression
• Importance of planning
• File format decisions and electronic records management goals

Proprietary and Non-proprietary File Formats
A file format is usually described as either proprietary or non-proprietary:
• Proprietary formats. Proprietary file formats are controlled and supported by just one software developer.
• Non-proprietary formats. These formats are supported by more than one developer and can be accessed with different software systems. For example, eXtensible Markup Language (XML) is becoming an increasingly popular non-proprietary format.

File Format Types
Below are brief descriptions of the basic files you are likely to encounter. You can use the resources in the Annotated List of Resources for more detailed information on specific file formats. Basic file format types include:

• Text files. Text files are most often created in word processing software programs. Common file formats for text files include:
Proprietary formats, such as Microsoft Word files and WordPerfect files, which carry the extension of the software in which they were created.

RTF files, which are supported by a variety of applications and saved with formatting instructions (such as page layout).

Portable Document Format (PDF) files, which contain an image of the page, including text and graphics. PDF files are widely used for read-only file sharing. However, only Adobe Acrobat can make a PDF file, and Acrobat is necessary for reading a PDF file.

• Graphics files. Graphics files store an image (e.g., photograph, drawing) and are divided into two basic types:
Vector-based files that store the image as geometric shapes stored as mathematical formulas, which allow the image to be scaled without distortion. Common types of vector-based file formats include:

Drawing Interchange Format (DXF) files, which are widely used in computer-aided design software programs, such as those used by engineers and architects

Encapsulated PostScript (EPS) files, which are widely used in desktop publishing software programs

Computer Graphics Metafile (CGM) files, which are widely used in many imageoriented software programs (e.g., Photoshop) and offer a high degree of durability

Raster-based files that store the image as a collection of pixels. Raster graphics are also referred to as bitmapped images. Raster graphics cannot be scaled without distortion.

Common types of raster-based file formats include:
Bitmap (BMP) files, which are relatively low-quality files used most often in word processing applications

Tagged Image File Format (TIFF) files, which are widely usable in many different software programs

Graphics Interchange Format (GIF) files, which are widely used for Internet applications

Joint Photographic Experts Group (JPEG) files, which are used for full-color or grayscale images

• Data files. Data files are created in database software programs. Data files are divided into fields and tables that contain discrete elements of information. The software builds the relationships between these discrete elements. For example, a customer service database may contain customer name, address, and billing history fields. These fields may be organized into separate tables (e.g., one table for all customer name fields). You may convert data files to a text format, but you will lose the relationships among the fields and tables. For example, if you convert the information in the customer database to text, you may end up with ten pages of names, ten pages of addresses, and a thousand pages of billing information, with no indication of which information is related.

• Spreadsheet files. Spreadsheet files store the value of the numbers in their cells, as well as the relationships of those numbers. For example, one cell may contain the formula that sums two other cells. Like data files, spreadsheet files are most often in the proprietary format of the software program in which they were created. Some software programs can import and export data from other sources, including software programs designed for such data sharing (e.g., Data Interchange Format [DIF]). Spreadsheet files can be exported as text files, but the value and relationship of the numbers are lost.

• Video and audio files. These files contain moving images (e.g., digitized video, animation) and sound data. They are most often created and viewed in proprietary software programs and stored in proprietary formats. Common files formats in use include QuickTime and Motion Picture Experts Group (MPEG) formats.

• Markup languages. Markup languages, also called markup formats, contain embedded instructions for displaying or understanding the content of the file. The World Wide Web Consortium (W3C) (http://www.w3c.org) supports these standards. Common markup
language file formats include the following:

Standard Generalized Markup Language (SGML), a common markup language used in government offices worldwide, is an international standard.

Hypertext Markup Language (HTML) is used to display most of the information on the World Wide Web.

eXtensible Markup Language (XML) is a relatively simple language based on SGML that is gaining popularity for managing and sharing information.

Table 1 summarizes the common file formats

Preservation: Conversion and Migration
Your most basic decision about file formats will be whether you want to convert and/or migrate your file formats. If you convert your records, you will change their formats, perhaps to a software independent format. If you migrate your records, you will move them to another platform or storage medium, without changing the file format. However, you may need to convert records in order to migrate them to ensure that they remain accessible. For example, if you migrate records from a Macintosh operating system to a Microsoft Windows operating system, you need to convert the records to a file format that is accessible in the new one (e.g., RTF, Word 2000). For more information on conversion and migration, refer to the Electronic Records Management Strategy and Long-Term Preservation guidelines.

You will face three basic types of loss determining your course of action:
• Data. If you lose data, you lose, to a varying degree, the content of the record. Bear in mind that, legally, your records must be complete and trustworthy.

• Appearance. You also risk loss of the structure of the record. For example, if you convert all word processing documents to RTF, you may lose some of the page layout. You must determine if this loss affects the completeness of the record. If the structure is essential to
understanding the record, this loss may be unacceptable.

• Relationships. Another risk is the loss of the relationships of the data in the file (e.g., spreadsheet cell formulas, database file fields). Again, this loss may affect the legal requirement for complete records.

Keep in mind that a copy of a record is legally admissible only if it is created in a trustworthy manner and is accurate, complete, and durable.

Compression
As part of your strategy, you may choose to compress your files. The pros and cons are summarized in Table 2 below.

The greatest challenge in compressing files is that you may lose data. Compression options vary in their degree of data loss. Some are intentionally “lossy,” such as the JPEG format, which relies on the human eye to fill in the missing detail. Others are designed to be “lossless.” You may choose to compress some files and not others.

Importance of Planning
The challenges of preservation can be overcome with good planning. Use the resources in the Annotated List of Resources, and thoroughly discuss the issues raised in the Key Issues to Consider section, to weigh the specific pros and cons of each option for your agency. Review the decision tree in the Guidelines on Best Practices for Electronic Information white paper for preliminary planning and use the workbook in Risk Management of Digital Information: A File Format Investigation to assess your unique situation and risk. File Format Decisions and Electronic Records Management Goals

The goals of electronic records management that may be affected by file format decisions include:
• Accessibility. The file format must enable staff members and the public (as appropriate under the MGDPA) to find and view the record. In other words, you cannot convert the record to a format that is highly compressed and easy to store, but inaccessible.
• Longevity. Developers should support the file format long-term. If the file format will not be supported long-term, you risk having records that are not durable, because the software to read or modify the file may be not be available.
• Accuracy. If you convert your records, the file format you convert to should result in records that have an acceptable level of data, appearance, and relationship loss.
• Completeness. If you convert your records, the file format you convert to should meet your operational and legal objectives for acceptable degree of data, appearance, and relationship loss.
• Flexibility. The file format needs to meet your objectives for sharing and using records. For example, you may need to frequently share copies of the records with another agency, use the records in your daily work, or convert and/or migrate the records later. If the file format can only be read by specialized hardware and/or software, your ability to share, use, and manipulate the records is limited.

Key Issues to Consider
Now that you are familiar with some of the basic concepts of file naming, you can use the questions below to discuss how those concepts relate to your agency. Pay special attention to the questions posed by the legal framework, including the need for public accessibility as appropriate, completeness, trustworthiness, durability, and legal admissibility. Consider the degree of acceptable data, appearance, and relationship loss. Take a long-term approach so that your file formats will meet your operational and legal requirements now and in the future. Electronic Records Management Guidelines

File Formats

• What are our goals for electronic records management?
• How is our agency affected by the legal requirements?
• What current file formats do we use? Will the developer support these formats long-term?
• Are we planning on converting and/or migrating our records?
• What levels of data, appearance, and relationship loss are acceptable?
• What resources do we have for processing and maintaining records?
• How will our decisions affect other groups that may need current and future access to our records (e.g., other government agencies, the public)?

Annotated List of Resources
Primary Resources
Clausen, Lars R. Handling File Formats. Denmark: The State and University Library, The Royal Library, May 2004.
<http://www.netarchive.dk/publikationer/FileFormats-2004.pdf>

This report is a publication of the Netarchive.dk project, which seeks strategies for archiving the Danish part of the World Wide Web. The report offers a succinct and intelligent analysis of the issues surrounding file format preservation, including the categorization of formats, aspects of preservation quality, assessment criteria for future usability, and preservation strategies.
DLM Forum. Guidelines on Best Practices for Using Electronic Information. Luxembourg:
European Communities, 1997.
<http://dlmforum.typepad.com/>
<http://dlmforum.typepad.com/gdlines.pdf>

This white paper was published by the DLM Forum, an organization of records management experts from the Member States of the European Union and the European Commission. The paper provides a basic overview of the file formats in use worldwide.
Topics include the information life cycle; the design, creation, and maintenance of electronic records; short-term and long-term access; and accessing and sharing information.

Lawrence, G.W., W.R. Kehoe, O.Y. Rieger, et al. Risk Management of Digital Information: A File Format Investigation. Washington, D.C.: Council on Library and Information Resources, 2000.
<http://www.clir.org/pubs/abstract/pub93abst.html>

This publication provides an overview of file format issues related to records management strategies. The publication also provides a comprehensive workbook for users to help them develop a records management strategy.

Additional Resources
Electronic Recordkeeping Resources.
<http://www.kshs.org/government/records/electronic/ermlinks.htm>
This web site provides a comprehensive list of links to other Internet resources related to electronic records management. The site is managed by Cal Lee, who originally constructed it while employed at the Kansas State Historical Society. Topics include
security, preservation, access, and technology infrastructure.

Minnesota Historical Society, State Archives Department. Trustworthy Information Systems Handbook. Version 4, July 2002.
<http://www.mnhs.org/preserve/records/tis/tis.html>

PRONOM: The File Format Registry.
<http://www.nationalarchives.gov.uk/pronom/>
PRONOM is maintained by the Digital Preservation Department of the UK National Archives. Visitors to the site can search within five areas (File Format, Product, Vendor, Support Period, and Release Date), each of which offer more options. Choosing “File Format,” for instance, allows visitors to search just by extension to get a straightforward list of associated software or by compatible products, which returns a list of products, versions, release dates, vendors, read/write capabilities, and invariance. Links on vendor and product lead to a wealth of additional detail. Reports can be easily printed or exported into XML or CSV (Comma Separated Value file) for further use.

Wotsit’s Format: The Programmer’s Resource.
<http://www.wotsit.org>
This online catalog of file formats is broken down into categories such as “Graphics Files,” “Text Files/Documents,” and “Spreadsheet/Database.” Visitors can browse each section or can use the provided search engine to zero in on their mark. Each format carries a one-line description and a link to further information either online or in a download file.
World Wide Web Consortium (W3C)
<http://www.w3.org>

W3C is a consortium of organizations around the world that develops and promotes common web protocols. The site contains news, specifications, guidelines, software, and tools for web development on a wide variety of topics, including markup languages and
transfer protocols.

Storage Facilities and Procedures

Summary
As an employee of a Minnesota government agency, you are legally required to keep records of your agency’s activities so that you are accountable to the citizens of the state. While the law does not require you to keep records permanently, your approved records retention schedule may dictate that you keep them for extended periods of time (e.g., ten years or permanently). For practical reasons, you may want to remove the records that you do not refer to frequently from high-cost office space to a lower-cost storage facility until their disposal date. If you use a storage facility, you will need to consider:

• The physical storage space. Storing your electronic records in a space designed for that purpose will help you maintain your electronic records as long as legally and operationally necessary.

• Access procedures. Procedures for access and use of the storage facility must detail who may access the facility, check out records, add records, and dispose of records. Your storage facility and procedures policy should mesh with your overall records management
strategy. Address both operational and legal requirements to ensure that you store and handle your electronic records in accordance with Minnesota law, while also meeting your operational needs.

Legal Framework
For more information on the legal framework to consider when developing a storage facility and procedures policy, refer to the Introduction and Appendix D of the Trustworthy Information Systems Handbook. Also review the requirements of:

• Records Management Act [Minnesota Statutes, Chapter 138.17] (available at:
<http://www.revisor.leg.state.mn.us/stats/138/17.html>), which establishes the Records
Disposition Panel to oversee the orderly disposition of records using approved records retention schedules. Coordinate your records retention schedules with your storage facility management to help ensure that you store and dispose of records in accordance with the
Records Management Act.

• Minnesota Government Data Practices Act (MGDPA) [Minnesota Statutes, Chapter 13]
(available at: <http://www.revisor.leg.state.mn.us/stats/13/>), which mandates that government records should be accessible to the public, unless categorized as not-public by the state legislature. Carefully consider which records are public and which are not-public under the MGDPA. You must be able to provide access to the stored public records, yet prevent
unauthorized access to not-public records.

Key Concepts
As you discuss and develop a plan for storage facilities and procedures, you will need to consider:
• Storage facility requirements
• Storage facility components

Storage Facility Requirements
The desirable qualities of a storage facility for electronic records are:
• Adequate floor space. You will need to consider:
The current volume of material (both electronic and paper) you need to store

The projected volume of material you will need to store in the future

Your records retention schedules, to see how much material is stored at a given time

The space requirements of different media (see the Digital Media guidelines)— especially if you are considering switching storage media (e.g., electronic media generally requires less space than paper media)

• Security. Allow only approved people to access the storage facility. You will want to consider, among other things:
A controlled entrance (e.g., security code keypad, smart-card swipe)

An alarm system that sounds if an unauthorized person attempts to enter the storage facility

• Convenient location. Consider how often you will need to access the records in your offline storage facility to help determine how conveniently located your storage facility needs to be.

• Adjustable lighting. Your storage facility will need to have adequate lighting available for people using the facility, but should be relatively dark when not in use to help preserve the stored materials. Bright lights can fade printed material.

• Ventilation. Good ventilation will help prevent dampness, mold, and pest infiltration.

• Temperature and humidity control. Proper temperature and humidity are essential for preserving electronic records on digital media. Temperatures and humidity levels that that are above or below the recommended range can deteriorate electronic and paper records. You should strive for a consistent environment, without sudden or drastic changes in temperature or relative humidity.

The temperature should be between 68 ºF +/- 2 ºF.

Relative humidity should be 40% +/- 5%.

• Clean air quality. The air in the storage facility should be free from pollutants (e.g., chemically strong cleaning solution fumes). Dust can be particularly damaging to digital media.

• Damage prevention. Protect your storage facility from:
Pest infestation (e.g., mice, cockroaches, silverfish)

Fire, smoke, and sprinkler damage

Water damage, either from leaky pipes and leaky foundations, or from trapped moisture in walls, floors, and ceilings

Damage from magnets, since magnets can damage digital data on electronic storage media, and thereby damage your electronic records

You may also consider using a third-party storage facility that can store, access, and deliver records to you. Be certain that the third-party facility can meet your operational needs and all legal requirements.

Storage Facility Components
Determine your needs, priorities, and budget for the following components of a storage facility:
• Storage aids. Appropriate storage aids for the media may include shelving, file cabinets, and storage boxes. You may also need special cleaning supplies (e.g., lint-free dusting cloths, cotton gloves for handling sensitive media). Facility map. You will need a map of the storage facility so that you know which records are stored in each area.

• Circulation control. Develop a circulation log or other method for tracking facility access and records circulation. For a reliable circulation control system, you will need to develop an indexing system that accounts for all the records stored in the facility. A central authority should manage the index’s content. Media options include a paper list, card file, or database. You should be able to look at the circulation control index and determine the exact status of each record (e.g., if checked out, with whom and when due; if disposed of, when destroyed or disposed of; date of final disposition).

• Acceptance system. Develop a process that allows agency members to place records into the facility. Items submitted for storage should have, at minimum, the:

Name of the records series

Public or not-public designation

Record series inclusive dates

Unique locator number or identifier

Name of the agency and/or department submitting the item

Records disposal date

Special consideration for vital records. Your vital records should have the best storage facility you can devise and afford. A third-party vendor may provide your best option for the physical storage of vital records. An off-site storage location is best. Be certain that your facility map shows the location of vital records, so that you can locate them immediately should a disaster occur.

• On-going maintenance schedule. Establish an on-going system for maintaining the storage facility, including:
Regular cleaning, using chemicals that will not leave harmful residue or fumes

Procedures for checking deterioration of physical storage media (e.g., warped compact disks, cracked disks, moldy boxes)

Procedures for checking deterioration of electronic content (e.g., unreadable disks, inaccurately read records, missing or scrambled information on records)

On-going maintenance program (e.g., reading samples, spinning tapes to tighten them)

Regular maintenance of storage facility equipment (e.g., furnaces, air conditioners, dehumidifiers)

Reading room. Establishing a separate reading room near the storage facility could improve security, by allowing you to monitor records use.

• Disaster recovery plan. As part of your policy, include a disaster recovery plan that provides a series of detailed actions (including who is responsible for executing each step of the disaster plan) if a disaster should occur at the storage facility. Include the response procedures for multiple types of disasters (e.g., flood, fire, smoke, explosion). The goal of the plan should be to have the facility operational and the greatest number of records recovered in the least amount of time. Train staff members and practice the disaster recovery plan. For more information on disaster recovery, refer to the Disaster Preparedness guidelines
<http://www.mnhs.org/preserve/records/disaster.html> on the State Archives’ web site.

• Access and use training. Provide instruction and training for staff members who will be submitting items for storage, accessing stored records, and checking out records. Established guidelines and training will enable you to provide service, stay organized, and protect your records.

Key Issues to Consider
Now that you are familiar with some of the basic concepts of storage facilities and access procedures, you can use the questions below to discuss how those concepts relate to your agency. Pay special attention to the questions posed by the legal framework, including the need for public accessibility and protection of not-public records as set forth in the MGDPA. Consider your current and future activities and records to help determine your requirements for a storage facility and access procedures. The answers to these questions will guide your development of a storage facility that meets your agency’s needs and legal requirements.

Discussion Questions
• What are our goals for a storage facility and access procedures? What priority can we place these goals in? How does this prioritization affect our budget?
• Are there other government agencies to share resources with?
• How long do we need to retain our records under the Records Management Act?
• Will we be storing an increasing volume of electronic records and fewer paper records?
• How frequently will the records need to be accessed? How strictly must access to the records be monitored? Will the public access our records directly, or will we access records on behalf of the public? How will we protect not-public records as defined under the MGDPA?
• What are our needs for floor space, storage aids, location, and security systems?
• Will the storage area be maintained in our daily work space or in a separate location? What are the cost differences of our options?
Are we considering a third-party storage facility? How will we be sure that the third-party can meet all of our legal and operational requirements?
• Who is responsible for enforcing the storage system policy and procedures? Who will maintain the map and index?
• How will we accept and process records into the storage facility?

Annotated List of Resources

Minnesota Historical Society, State Archives Department. Preserving and Disposing of Government Records. St. Paul: Minnesota Historical Society, May 2008.

<http://www.mnhs.org/preserve/records/docs_pdfs/PandD_may2008.pdf>
Developed for Minnesota government agencies, this overview of the basic principles of records management includes chapters on defining a government record, taking inventory of your records, developing records retention schedules, preserving archival records,
disposing of records, and setting up a records storage area. A list of resources for more information is included, as well as information about applicable state law regarding electronic records management. Originally published by the Minnesota Department of Administration in July 2000, the guide was updated jointly by the Minnesota Historical Society and the Minnesota Government Records and Information Network (MNGRIN) in 2008.

Disaster Preparedness. St. Paul: State Archives Department, Minnesota Historical Society, 2000.
<http://www.mnhs.org/preserve/records/disaster.html>
Also available as a downloadable file, the information on these web pages summarizes the basic concepts of disaster preparedness, including disaster prevention, disaster planning, disaster recovery, and disaster preparedness resources.

Electronic Recordkeeping Resources
<http://www.kshs.org/government/records/electronic/ermlinks.htm>
This web site provides a comprehensive list of links to other Internet resources related to electronic records management. The site is managed by Cal Lee, who originally constructed it while employed at the Kansas State Historical Society. Topics include security, preservation, access, and technology infrastructure.

Ellis, J., S. McCausland, S. McKemmish, et al., eds. Keeping Archives. 2nd ed. Melbourne, Australia: Thorpe in association with the Australian Society of Archivists Inc., 1993. This book provides chapters that focus on the different aspects of planning and managing
archives for all media, including paper and electronic formats. Special topics of interest to the electronic records archivist include special formats (e.g., moving images, sound recordings), and using computers and document imaging systems.

Minnesota Historical Society, State Archives Department. Trustworthy Information Systems
Handbook. Version 4, July 2002.
<http://www.mnhs.org/preserve/records/tis/tis.html>

This handbook provides an overview for all stakeholders involved in government electronic records management. Topics center around ensuring accountability to elected officials and citizens by developing systems that create reliable and authentic information and records. The handbook outlines the characteristics that define trustworthy information, offers a methodology for ensuring trustworthiness, and provides a series of worksheets and tools for evaluating and refining system design and documentation.
National Archives and Records Administration (NARA)
<http://www.archives.gov/index.html>
For technical guidance on archival preservation and management, visit the web site of the National Archives and Records Administration.
The PC Technology Guide
<http://www.pctechguide.com/storage.htm>
This site is a comprehensive resource on all aspects of the personal computer. Topics include hardware, software, computer use, and digital media.

Digital Media

Summary
On-going and rapid advances in technology dictate that you store your electronic records on media that enable you to meet your long-term operational and legal requirements. Legally, your records must be trustworthy, complete, accessible, legally admissible in court, and durable for as long as you need them. Because every digital storage option will eventually become obsolete, consider digital storage options that will enable you to maintain records by migrating and/or converting them during their required retention period.

Legal Framework
For more information on the legal framework you must consider when selecting digital storage media, refer to the Introduction and Appendix D of the Trustworthy Information Systems Handbook. Also review the requirements of:
• Official Records Act [Minnesota Statutes, Chapter 15.17] (available at:
<http://www.revisor.leg.state.mn.us/stats/15/17.html>), which mandates that government agencies must keep records to fulfill the obligations of accountability and specifies that the medium must enable the records to be permanent. It further stipulates that you can copy a record and that the copy, if trustworthy, will be legally admissible in court.
• Records Management Act [Minnesota Statutes, Chapter 138.17] (available at:
<http://www.revisor.leg.state.mn.us/stats/138/17.html>), which establishes the Records
Disposition Panel to oversee the orderly disposition of records using approved records retention schedules.
• Minnesota Government Data Practices Act (MGDPA) [Minnesota Statutes, Chapter 13]
(available at: <http://www.revisor.leg.state.mn.us/stats/13/>), which mandates that government records should be accessible to the public, unless categorized as not-public by the state legislature.
• Uniform Electronic Transactions Act (UETA) [Minnesota Statutes, Chapter 325L] (available
at: <http://www.revisor.leg.state.mn.us/stats/325L>) and Electronic Signatures in Global and National Commerce (E-Sign), a federal law (available at:
<http://thomas.loc.gov/cgibin/query/z?c106:S.761:>). Both UETA and E-Sign address the issues of the legal admissibility of electronic records created in a trustworthy manner and the application of the paper-oriented legal system to electronic records.

Key Concepts
Before you determine which digital media will meet your long-term legal and operational needs, familiarize yourself with the following key concepts:
• Digital data
• Sequential versus random access
• Storage measurement
• Media life expectancy
• Magnetic media
• Optical media
• Performance issues

Digital Data
Your electronic records are digital data that are stored on digital media. Digital data exists, at its most basic level, as just 0 and 1, or on and off. For example, black and white photographs in the newspaper are printed as a series of either black or white dots (0 or 1, on or off). The complex organization of a large number of dots allows the human eye to complete the image. The digital data in an electronic record uses the same principle to organize digital data into the record to make the record readable. A bit (short for binary digit) is the smallest unit of data in a computer. A bit has a single binary value, either 0 or 1.

Digital data is stored on digital media. Digital media are divided into two types:
• Magnetic. On magnetic media, the digital data is encoded as microscopic magnetized needles on the surface of the medium (e.g., disk or tape).
• Optical. On optical media, the digital data is encoded by creating microscopic holes in the surface of the medium (e.g., disk).

For more information on the storage of digital media to preserve longevity, refer to the Storage Facilities and Procedures guidelines.

Sequential Versus Random Access
Access to digital information on digital media is divided into two types:
• Sequential. Sequential access requires the user to access specific information by accessing the preceding information on the medium. For example, if you want to view a specific portion of a videotape, you must first fast-forward through the preceding portion of the
videotape.
• Random. Some digital media allow users to access the stored information from any physical place on the media. For example, when you put a disk into your personal computer’s disk drive, you can access any single file stored on the disk without having to first access all the files that precede it.

Storage Measurement
The storage capacity of digital media is measured in bytes, the basic unit of measurement:
• 1,024 bytes make a kilobyte (KB)
• 1,024 KBs make a megabyte (MB)
• 1,024 MGs make a gigabyte (GB)
• 1,024 GBs make a terabyte
For example, a one-page, text-only letter might be 20 KB, a graphics file might be 200 KB, and a fifty-page, desktop-published document with graphics might be 2 MB.

Media Life Expectancy
All storage media have finite life spans which are dependent on a number of factors, including manufacturing quality, age and condition before recording, handling and maintenance, frequency of access, and storage conditions. Studies have indicated that under optimal conditions, the life expectancy of magnetic media ranges from 10 to 20 years for different types, while optical media may last as long as 30 years. However, in real life situations, most media life expectancies are significantly less.

Magnetic Media
Magnetic media include:

• Magnetic disk. Magnetic disks include the hard disk found in your computer that stores the programs and files you work with daily. Magnetic disks provide random access. Also included are:

Removable hard disk. These disks are encased in a plastic housing that allows them to be inserted and removed from a processor. In this way, a single processor can have access to the data on multiple hard drives.

Removable disk. Removable disks include the relatively small-capacity floppy disks, as well as the larger-capacity peripheral disks, such as the Iomega Zip disks.

Cartridge. Removable cartridges contain disks encased in a metal or plastic casing for easy insertion and removal.

• Magnetic tape. Magnetic tapes come in reel-to-reel, as well as cartridge format (encased in a housing for ease of use). The two main advantages of magnetic tapes are their relatively low cost and their large storage capacities (up to several gigabytes). Magnetic tapes provide sequential access to stored information, which is slower than the random access of magnetic disks. Magnetic tapes are a common choice for long-term storage or the transport of large volumes of information.

• Digital audio tape (DAT). DATs are in a cartridge format a little larger than a credit card. The industry standard for DAT cartridge format is a digital data storage (DDS) cartridge. DDS cartridges provide sequential access.

• Videotape. Videotape provides sequential access to video footage (e.g., feature films).

Optical Media
Optical media options include:

• Compact Disk (CD). Compact disks come in a variety of formats. These formats include CDROMs that are read-only, CD-Rs that you can write to once and are then read-only, and CDRWs that you can write to in multiple sessions.

• Write-Once, Read-Many (WORM) disk. WORM disks require a specific WORM disk drive to enable the user to write or read the disk. WORM disks function the same as CD-R disks.

• Erasable optical (EO) disk. The user can write to, read from, and erase from EO disks as often as they can magnetic disks. EO disks require special hardware.

• Digital versatile disk (DVD). These disks are also called digital video disks, but do not necessarily include video. DVD disks are new types of optical disks with more storage capacity than CD-ROMs. Common types of DVDs include:

DVD video. These DVDs provide a format for showing full-length films using a special DVD player connected to a television set. DVD videos contain a scrambling system that prevents users from copying the contents.

DVD-ROM. These DVDs are read-only disks that also have enough storage capacity for a full-length feature film. They are accessed using a special DVD drive attached to a personal computer. Most of these drives are backward-compatible with CD-ROMs and
can play DVD video disks.

DVD-RAM. These DVDs are rewritable disks with exceptional storage capacity. They come in one- or two-sided formats.

DVD+RW. DVD+RW is a direct competitor to DVD-RAM with similar functionality and slightly greater storage capacity.

Note: DVD-RAM and DVD+RW are not compatible. The two technologies are being developed by competing vendors and require different hardware.

• Optical cards. Optical cards, also known as “smart cards,” are the size of a credit card. They come in read-only and read-write formats. They are not in widespread use except for limited applications, such as automatic teller machines, personal identification for security systems, and airline reservations.

• Optical tape. Optical tape is tape coated with optical recording material. Optical tape is not widely used.

Performance Issues
As you discuss your digital media options, consider each option’s performance characteristics in terms of your records management needs.

• Speed of access. Consider how quickly you or authorized members of the public may need to access your records. You may find that some types of records require fast access, while others do not. For example, you may need fast access to key policy decisions, but not to employee records.

• Capacity. The volume of records that you can store on the medium will be a key consideration. Examine the volume of the records you now store, and try to determine what your needs may be in the future. Consider the official definition of a record and whether that definition will affect the records volume that you need to manage. For example, you may anticipate greater use of e-mail and the expansion of your web site, which would affect the capacity that you need.

• Longevity. Research how long the industry will support various media options and compare those figures with the time period that you need to keep your records according to the approved records retention schedule. You may find a medium that meets all your needs, but is not widely used or has a high risk of becoming obsolete, thereby limiting its usefulness in the future.

• Durability. Research how easily a given medium can be damaged or will deteriorate. You may find that a medium that deteriorates after three years will still be a suitable option for records that need to be retained for only one year. Be sure to review your records retention periods.

• Versatility. If your records contain multiple file formats (as described in the File Formats guidelines), research how many file formats a medium can store. For example, a floppy disk cannot store large graphics files, but a CD or a DVD can store graphics, text, audio files, or video files.

• Portability. Determine how portable your stored records should be. Some media, such as DVDROMs, are very portable, while hard disks in a computer processor are not. You should also consider whether you will need special devices to read the records. For example, not many organizations are equipped with DVD-ROM players. Consider who will be accessing your records. For example, will the public, the press, or other agencies frequently access your records?

• Compatibility. Assess the backward and forward compatibility of the digital media you are considering. For example, DVD-ROM drives are backward-compatible for CD-ROMs, but a CD-ROM drive is not forward-compatible for DVD-ROMs. This discussion will help you to determine how often you may need to upgrade supporting computer systems, migrate records, and/or convert records.

• Cost. Assess the costs and benefits of each medium you consider. Be sure to discuss the costs of converting and/or migrating records, as well as the basic costs of the system.

Summary
Table 1 summarizes the capacity of the basic digital media options. Research the specific medium and manufacturer for exact specifications, including cost. Because of rapid technology developments in a highly competitive market, the costs for each option change frequently.

Key Issues to Consider
Now that you are familiar with some of the basic concepts and options of digital storage media, you can use the questions below to discuss how those concepts relate to your agency. Pay special attention to the questions posed by the legal framework, including the required records retention periods. Examine your current and future records series. Some records series may require large storage capacities, may need to be retained for a long time, or may be frequently accessed by the public, other agencies, or other groups. Prioritizing your needs in light of the legal requirements will help you narrow your discussion and focus your research.

The point is to determine the best option for your agency that meets your legal and operational needs, not merely to automatically upgrade technology. For example, if you are currently using magnetic tape, you may discover that magnetic tape remains your best choice.

Discussion Questions
• What types of records do we need to store (e.g., graphics, text, database text)? What file formats? How large are our record files?
• Which performance issues are most important in our situation?
• How long do we need to retain the records?
• How often will we need to access the records?
• Will all records or specific records series be frequently accessed by the public or other groups?
• How well do our current media meet our needs? What costs would be incurred for supplies, equipment, and training that would be required if we were to switch to or add a new storage medium?
• Are any of the media we are considering expected to become obsolete in the near future? Will the medium, as well as the necessary hardware and software, still be available from a number of suppliers for as long as we need? Has the developer defined a migration path for improved versions of the medium?

Annotated List of Resources

Primary Resources
Beyers, Fred R. Information Technology: Care and Handling for the Preservation of CDs and DVDs – A Guide for Librarians and Archivists. NIST Special Publication 500-252. Gaithersburg, MD: National Institute of Standards and Technology; Washington, D.C.: Council on Library and Information Resources. October 2003.
<http://www.foray.com/images/pdfs/CDandDVDCareandHandlingGuide.pdf> This guide discusses the physical characteristics of various optical media, as well as methods for their proper care and handling to ensure longest possible use in any given
environment. A useful glossary is included.

The PC Technology Guide
<http://www.pctechguide.com/04disks.htm#>
This site is a comprehensive resource on all aspects of the personal computer. Topics include hardware, software, computer use, and digital media.
Webopedia
<http://webopedia.internet.com>
This comprehensive online encyclopedia for the information technology community provides an easy-to-understand, searchable database of terms.

Additional Resources
International Council on Archives, Committee on Electronic Records. Guide for Managing Electronic Records from an Archival Perspective. Paris: International Council on Archives, 1997.
<http://www.ica.org/sites/default/files/ICA%20Study%208%20guide_eng_0.pdf>
This handbook provides a comprehensive overview of electronic records management from an archival perspective. It provides useful information on key concepts, such as lifecycle management, legal issues, technological issues, and implementation tactics for all readers.

COOL (Conservation OnLine): Electronic Storage Media
<http://palimpsest.stanford.edu/bytopic/electronic-records/electronic-storage-media> These pages are part of the Conservation OnLine, Resources for Conservation Professionals web site at Stanford University. This web page is a collection of materials from other sources about electronic conservation, including resources on disaster recovery, electronic media, electronic formats, and storage environments.

Bell, R. and A. Waugh. “VERS Standard for the Management of Electronic Record Formats, Appendix Four: Digital Storage Media.” In Standard for the Management of Electronic Records.
Version 1.0. North Melbourne, Australia: State of Victoria, 2000.
<http://www.prov.vic.gov.au/vers/standards/pros9907/99-7s4.htm>
An appendix to the State of Victoria (Australia) standard for electronic records management outlines the digital media available for electronic records storage.
Minnesota Historical Society, State Archives Department. Trustworthy Information Systems Handbook. Version 4, July 2002.
<http://www.mnhs.org/preserve/records/tis/tis.html>
This handbook provides an overview for all stakeholders involved in government electronic records management. Topics center around ensuring accountability to elected officials and citizens by developing systems that create reliable and authentic information and records. The handbook outlines the characteristics that define trustworthy information, offers a methodology for ensuring trustworthiness, and provides a series of worksheets and tools for evaluating and refining system design and documentation.
Puglia, S. “Creating Permanent and Durable Information: Physical Media and Storage Standards.”

CRM: Cultural Resource Management 22 (1999): 25–27.
<http://crm.cr.nps.gov/archive/22-2/22-02-10.pdf>

Refer to this web page for a list of references on creating and storing records, including paper records, microfilm, and electronic records. U.S. General Services Administration. “Applying Technology to Record Systems: A Media Guideline.” Information Resources Management Services, KML-93-1-R. (Washington, D.C., 1993).

Published in 1993, this booklet from the federal government provides an overview of digital storage media considerations. Topics include an introduction to concepts and definitions of storage options, physical properties of different media (e.g., paper, microfilm, digital storage, magnetic media, optical media), organization records, capturing and converting records, and cost considerations.

Electronic Document Management Systems

Summary

An electronic document management system (EDMS) is an off-the-shelf software program that serves as an access portal to other applications. The primary function of an EDMS is to manage electronic information within an organization’s workflow. Only a few EDMSs include records management capability, so if you choose to use an EDMS, you must be sure that it works within your records management strategy. For example, you must be sure it is able to capture a record and provide access security.

Legal Framework
If you choose to use an EDMS, your selection requires a careful, considered balance between your legal requirements and your technological options. Use of an EDMS is not a panacea for implementing your electronic records management strategy. You should not assume that the requirements for a government agency are built into an EDMS. In fact, the use of an EDMS can lead to records management problems, especially for government agencies with specific legal requirements. The decision to use an EDMS requires significant planning and analysis.

Each vendor’s EDMS has different degrees of functionality. In an EDMS designed for the private sector, the functions available may not allow you to meet your legal requirements. For example, an EDMS designed for the private sector may be unable to:
• Manage all the required file formats that constitute government records
• Preserve the record’s required metadata
• Ensure trustworthiness
• Provide adequate security of not-public information and records

For example, an EDMS may improve collaboration during document development. However, the EDMS also may create multiple copies of a document and may not provide the access security you need to protect not-public records as defined by the Minnesota Government Data Practices Act

Electronic Document Management Systems

(MGDPA) [Minnesota Statutes, Chapter 13] (available at:
<http://www.revisor.leg.state.mn.us/stats/13/>).
Therefore, examine the advantages offered by an EDMS in light of your legal requirements as a government agency. These guidelines will guide you in considering the merits of an EDMS.

Key Concepts
As you discuss the merits of an EDMS for your agency, you will need to be familiar with the following key concepts:
• Document workflow integration
• Basic functions
• Optional functions
• Government standards
• Basic process for selecting an EDMS

Document Workflow Integration
You should look for an EDMS that will help you integrate and automate document management and records management at each point in your agency’s records continuum. As discussed in the Electronic Records Management Strategy guidelines, records should be managed as part of a continuum, rather than as having discrete stages in a life cycle. The right EDMS may increase the ease of this integrated management.

Consider your agency’s document workflow. An EDMS should mirror your workflow and enable you to capture and manage records as part of your daily work (one of the requirements for records to be accepted as evidence under the law).

To learn more about which documents are records, refer to the Electronic Records Management Strategy guidelines.
Basic Functions
At a minimum, look for an EDMS that provides:

• Security control. This function controls which users have access to which information. Any system that you use must be able to protect not-public records as defined by the MGDPA.

• Addition, designation, and version control. The EDMS should allow users to add documents to the system and designate a document as an official government record. It should also automatically assign the correct version designation.

• Metadata capture and use. The EDMS should allow you to capture and use the metadata appropriate for your agency.

Optional Functions
You may also want an EDMS that can provide:
• Records management. An EDMS may integrate and automate records retention schedules, document status designations, and address other aspects of a unique workflow records continuum. Remember that the inclusion of records management functions is the exception.
• Storage. This function will allow you to store documents within the EDMS or to centrally manage your adjunct storage system.
• Free-text search. This function allows users to search every word in the entire document or a specified group of documents. Other systems search only metadata.
• Hypertext links. Some EDMSs will provide hypertext links from one document to another to facilitate navigating and browsing among related documents.
• Automatic conversion. Some EDMSs will automatically convert one file format to another when the file is designated as a record (or at another specific point in the workflow). (For more information on conversion, refer to the Electronic Records Management Strategy and LongTerm Preservation guidelines.)
• Compound document management. Some EDMSs manage compound documents better than others. Compound documents are single documents that contain multiple elements (e.g., text, photographs, video, hypertext links).
With so many developers and systems currently on the market, the list above describes only a few of the optional features that your agency may be interested in.

Government Standards
Government agencies are subject to government regulations and guidelines in the selection of an EDMS. Federal guidelines are set forth in the Department of Defense 5015.2-STD, Design Criteria Standard for Electronic Records Management Software Applications. Bear in mind that even though an EDMS may meet all the Department of Defense guidelines, it may not meet all the requirements for the State of Minnesota. Therefore, you must also consider State of Minnesota legal requirements. You must carefully examine if the EDMS supports:
• Adequate security for the protection of not-public records
• Adequate access to public records
• Ability to capture and manage electronic records (if your EDMS has this function) in a way that meets legal requirements for parameters such as trustworthiness, completeness, accessibility, legal admissibility, and durability
• All electronic formats included in the official definition of a government record For more information on these rules and statutes, refer to the Introduction and Appendix D of the Trustworthy Information Systems Handbook. Also review the requirements of:

• Records Management Act [Minnesota Statutes, Chapter 138.17] (available at:
<http://www.revisor.leg.state.mn.us/stats/138/17.html>), which establishes the Records Disposition Panel to oversee the orderly disposition of records. Consider how you will dispose of the records if you are using the EDMS for records management.

• Minnesota Government Data Practices Act (MGDPA) [Minnesota Statutes, Chapter 13]
(available at: <http://www.revisor.leg.state.mn.us/stats/13/>), which mandates that government records should be accessible to the public, unless categorized as not-public by the state legislature. Any EDMS must be able to protect not-public information and records and provide access to records to authorized members of the public. Even if you do not use the EDMS for records management, you must be certain that the system protects not-public information.

Basic Process for Selecting an EDMS
The following basic process for selecting, implementing, and managing an EDMS should serve as a baseline for you to develop a more specific process for your agency. The basic process includes:

• Needs assessment. The first stage is to work with internal stakeholders and understand your legal obligations to determine your unique needs. If you wish to use the EDMS for records management, be sure that you identify trustworthiness, completeness, accessibility, legal admissibility, and durability as needs (as discussed in the Electronic Records Management Strategy guidelines). Be sure to think of not only your immediate needs, but also your longterm requirements.

• Vendor selection. You will need to carefully select an EDMS vendor. You may need to issue a request for proposals that sets forth your legal requirements and vendor selection criteria. You may also contact other Minnesota government agencies with similar systems. In short, you will want to gather as much information as you can about potential EDMSs as they are used in government agencies.

• Implementation plan. You will need to work with the vendor and internal stakeholders to develop a comprehensive implementation plan. The plan should include a:

Technological implementation plan that outlines how and when the system will be installed and tested

User implementation plan that includes training and system rollout

• Deployment. As detailed in your implementation plan, you will need to install and test the system, and train users.

• Management. As you use the system, you will need to continue to manage and refine your use of the system.

Throughout each of these stages, you will need to document the entire process, including needs assessment, implementation, management, and refinement. You will also need to document the system itself, including hardware, software, operational procedures, and security measures. You can refer to the Trustworthy Information Systems Handbook for information on documenting such a process.

Key Issues to Consider
You should consider your operational and records management requirements, including the legal framework you operate in as a government agency, as well as your desired product features and agency-specific workflow in order to select an appropriate EDMS.
Use the questions below to consider whether to pursue an EDMS, as well as how to select a vendor. Take a long-term approach in discussing these questions. Consider the types of documents and records you create now and which types you may create in the future. Remember to think of your records as needing to be managed along a continuum, rather than in discrete stages.

Discussion Questions
• What are our needs? What are the needs of all involved stakeholders?
• Do we want to use the EDMS just for workflow management or do we want to use it for records management as well?
• Which records do we want to capture and manage using our EDMS?
• Which formats do we use now and which formats are we likely to use in the future?
• What metadata do we need to include?
• How does the legal framework affect our discussion and decision?
• How do we use records now? How will we use records in the future? What records do we need to share and store?
• How do our records fit into our current workflow? How may we need to modify our workflow to accommodate an EDMS? At which points in our workflow do we need to capture records?
• How will we dispose of records in the EDMS? Will the system enable us to transfer, convert, and/or migrate records easily?
• What are the roles and responsibilities of groups and individuals in terms of electronic records management?
• What features are essential to us in a document management system? What features might be the most useful, but nonessential, elements of a document management system? What is our budget?
• How will we mesh a new system with systems currently in place (e.g., e-mail systems, databases, word processing systems)?

Association for Information and Image Management International. Implementation Guidelines and Standards Associated with Web-based Document Management Technologies. Silver Spring, Md.:

Association for Information and Image Management International, 2002.
<http://www.project-consult.net/Files/AIIM+ARP1+2002.pdf>

This document contains a set of recommended practices for the implementation of selected web-based document management technologies. The document provides specific recommended activities for each phase of implementing such technologies.

Document Management Avenue
<http://cgi.parapadakis.plus.com/index.php>
This web site provides information and links to white papers, vendors, and related sites.
The site also provides news, answers frequently asked questions, and lists events for documentation management professionals.
Minnesota Historical Society, State Archives Department. Trustworthy Information Systems Handbook. Version 4, July 2002.

<http://www.mnhs.org/preserve/records/tis/tis.html>
This handbook provides an overview for all stakeholders involved in government electronic records management. Topics center around ensuring accountability to elected officials and citizens by developing systems that create reliable and authentic information and records. The handbook outlines the characteristics that define trustworthy information, offers a methodology for ensuring trustworthiness, and provides a series of worksheets and tools for evaluating and refining system design and documentation.

The PC Technology Guide
<http://www.pctechguide.com/storage.htm>
This site is a comprehensive resource on all aspects of the personal computer. Topics include hardware, software, computer use, and digital media.
Additional Resources

AIIM International
<http://www.aiim.org>
This web site is published by the Association for Information and Image Management (AIIM). AIIM is an international professional organization for “users and suppliers of the content, document and process management technologies that drive e-business.” The site
includes information about events, articles, industry studies, and white papers. The web site also includes a products and services vendor directory.

ARMA International
<http://www.arma.org>
Published by ARMA International, this site focuses on strategic information management issues for records and information managers, information technology professionals, imaging specialists, archivists, librarians, and others. The site includes a buyer’s guide and virtual trade show of industry vendors, as well as publications, a bookstore, white papers, industry news, legislative updates, and information on industry standards.

CNET Enterprise, Collaboration and Management, Document Management
<http://www.canada.cnet.com/enterprise/0-9533.html>
This portion of the CNET Enterprise web site provides information on document management software products, including EDMS products. The site also has a research library that allows searches and links to articles, industry news, and white papers. The site
also allows you to sign up for newsletters related to topics of interest related to document management. CNET Networks, Inc. is a commercial business that provides information, services, and products to the information technology industry.

Records Management Application Compliance Testing
<http://jitc.fhu.disa.mil/recmgt>
This site lists vendors with EDMS products that have been tested and approved by the federal government. The site provides links to the vendor’s web sites. The site also provides access to a number of federal guidelines for records management, including the DOD Standard 5015.2 Design Criteria Standard for Electronic Records Management Software Applications.

Preserving the Electronic Records Stored in an RMA (PERM)
<http://www.sdsc.edu/PERM/>
This web site provides information on the joint project between the State Archives of Michigan and the San Diego Supercomputer Center to develop and test a model for the preservation of electronic records in the State of Michigan’s records management
application (RMA) environment.

Digital Imaging

Summary
Increasingly businesses and government agencies are looking towards digital imaging to enhance productivity and to provide greater access to certain types of information. Digital imaging offers many advantages, including: improved distribution and publication, increased access, streamlined workflows, and a greatly reduced need for physical storage space. In addition, digital images can
be used to create text-searchable files through the application of optical character recognition (OCR) software. Digital images can be made available over the web, allowing government agencies and businesses to provide information to business partners or the general public quickly and efficiently.

While digital imaging is becoming increasingly popular and commonplace, you must remember it is an investment with potentially very high up-front costs. Digital imaging should make financial sense for your business or agency. To assure your digitized records are fully admissible in court, they must be trustworthy, complete, and durable for as long as your approved records retention
schedules require.

Legal Framework
Imaging is, by state law, a recognized and legitimate form of record reproduction. To assure that your imaged records are fully admissible and meet all evidentiary standards, you should review the requirements of the:

• Uniform Photographic Copies of Business and Public Records as Evidence Act [Minnesota Statutes, Chapter 600.135] (available at:
<http://www.revisor.leg.state.mn.us/stats/600/135.html>), which establishes that an accurate reproduction of a record is as admissible in evidence as the original in any judicial or administrative proceeding. It further stipulates that if an accurate and durable reproduction is made, the original record may be destroyed in the regular course of business unless its preservation is required by law.

To prove the legal admissibility of your digitized records, you will need to demonstrate the records were created in a trustworthy manner. You should be prepared to demonstrate the reliability of your system and show that it leaves no room for the manipulation of the stored record. For more information refer to the State Archives’ Trustworthy Information System Handbook.

Key Concepts
Before you determine whether digital imaging will meet your long-term legal and operational needs, acquaint yourself with the following key concepts:
• Imaging terms
• File formats
• Image storage
• Metadata
• Justifying the cost
• Choosing a vendor
• Implementation strategy

Imaging Terms
Digital imaging is a process by which a document or photo is scanned by computer and converted from analog format to a computer-readable digital format. After scanning, the original document or photo is represented by a series of pixels arranged in a two-dimensional matrix called a bitmap or raster image. This image can then be transferred onto a variety of electronic storage media,
such as CD-ROM, for storage and use.

For a better understanding of imaging you should be familiar with the following terms:

• Pixel Bit Depth: Defines the number of shades that can actually be represented by the amount of information saved for each pixel. These can range from 1 bit/pixel for binary (fax type) images to 24 bits per pixel or greater in high quality color images. The following are current standard bit depths for image files:

Resolution: The quality of a digital image is dependent on the initial scanning resolution. Resolution is expressed in the number of dots, or pixels, used to represent an image, expressed commonly as “dpi,” dots per inch. You may also see “ppi” (pixels per inch) and “lpi” (lines per inch) used. As the dpi value increases, image quality increases but so does the file size.

Unlike paper documents, the resolution of photographs is sometimes expressed in the number of pixels across the long-dimension of an image. When creating standard-sized images from photographs or negatives of differing sizes (e.g., 35mm, 4”x 5”), the scanning resolution in dpi varies. In such cases, it is often easier to measure resolution as the number of pixels across an image’s long dimension. For example, each of the following files measures 3000 pixels in the long-dimension, although they have varying values of dpi.

To determine the scanning resolution you need, you first have to determine the desired quality of your images and the storage capacity of your computer system. You will also need to consider the desired speed of delivery of the images, especially if they will be accessed over the Internet. You may want to scan high-resolution masters of your images and then create lower resolution copies for web delivery. General recommendations for master files are as follows:

Compression: Data compression saves file space. There are two types of compression, lossless and lossy. Under lossless compression no data is lost (although the file is still compressed).

Under lossy compression data is lost. Lossy compression attempts to eliminate redundant or unnecessary information. Depending upon the degree of compression, this information loss may be unnoticeable to the human eye. For example, it is possible for a JPEG file (a lossy compression) and a TIFF file (lossless) to appear exactly the same, although the JPEG file is missing data, making it significantly smaller. These file formats, and others, are discussed in the following section.

File Formats
In any digital imaging project, choosing the file formats you will use is important. Like scanning resolution, the file format directly affects the quality and file size of your images. Choosing the best file format for your needs requires knowing how your images will be used (e.g., archival or display functions), the type of materials you will be imaging (e.g., text, art, graphics, photos), and the desired speed of delivery and the necessary quality of your images.

For many digital imaging projects it is necessary to create master images. Master images are especially necessary when creating a digital archive. They will serve as archival copies and be the basis from which derivative images are subsequently created. For this reason, high quality is crucial; master images must be in a high resolution and lossless format, insuring that the original document is captured as completely as possible. Master images are high quality images, and they facilitate such functions as implementing OCR, verifying textual information, or zooming into details in maps or photographs. The TIFF file format, which allows high resolution and utilizes lossless compression, is well suited for making master images.

Master images, in formats such as TIFF, have large file sizes, making their delivery cumbersome for some web and document management system applications. To enhance the speed of delivery, you can create copy images from the master images. Copy images have smaller file sizes, are of lower quality, and typically use a lossy compression. The JPEG file format is commonly used for
copy images.

Common types of digital image file formats include:

• Tagged Image File Format (TIFF) files, which are widely usable in many different software programs. TIFF files utilize lossless compression and are commonly used for master copies. TIFF graphics can be any resolution, and they can be black and white, grayscale, or color. TIFF is a very extensible format, allowing variations to be created for specific applications. Variations include GeoTIFF, used in cartographic and GIS (geographic information system) applications; TIFF Class F, used in faxing applications; and TIFF/IT, used in the graphic arts industry. Files in TIFF format end with a .tif extension.

• Graphics Interchange Format (GIF) files. GIF supports color and grayscale. Limited to 256 colors, GIFs are more effective for images such as logos and graphics rather than color photos or art. It should be noted that although the GIF format is widely used, it is technically proprietary. A lossless compression, files in GIF format end with a .gif extension.

• Joint Photographic Experts Group (JPEG) files. JPEG is a lossy compression technique for color and grayscale images. Depending upon the degree of compression, the loss of detail may be visible to the human eye. Files in JPEG format end with a .jpg extension.

• Bitmap (BMP) files. BMP files are relatively low quality and used most often in word processing applications. BMP format creates a lossless compression. Files end with a .bmp extension.

• Portable Network Graphics (PNG) files. A lossless compression designed to replace GIF files, PNG files can be ten to thirty percent more compressed than GIFs. PNG is completely patent and license free and is of higher quality than GIF. Files in PNG format end with a .png extension.

• Portable Document Format (PDF) files. PDFs are useful for viewing and printing multiple documents and images. Commonly used to capture, distribute, and store electronic documents, PDF preserves the fonts, images, graphics, and overall “look” of the original digital files. As with the GIF format, the PDF format is proprietary, although widely used.
Files in PDF often end with a .pdf extension.
For a more in-depth discussion of file formats, refer to the File Formats guidelines.

Image Storage
Digital images are stored on digital media. Digital media are divided into two types: magnetic and optical. Examples of magnetic media include:

• Magnetic disk. Magnetic disks include the hard disk found in your computer that stores the programs and files you work with daily. Magnetic disks provide random access. Also included are removable hard disks, floppy disks, zip disks, and removable cartridges.

• Magnetic tape. Magnetic tapes come in reel-to-reel as well as cartridge format (encased in a housing for ease of use). The two main advantages of magnetic tapes are their relatively low cost and their large storage capacities (up to several gigabytes). Magnetic tapes provide sequential access to stored information, which is slower than the random access of magnetic disks. Magnetic tapes are a common choice for long-term storage or the transport of large volumes of information.

• Digital Audio Tape (DAT). DATs are in a cartridge format a little larger than a credit card. The industry standard for DAT cartridge format is a digital data storage (DDS) cartridge. DDS cartridges provide sequential access.

Optical media options include:
• Compact Disk (CD). Compact disks come in a variety of formats. These formats include CDROMs that are read-only, CD-Rs that you can write to once and are then read-only, and CDRWs that you can write to in multiple sessions.

• Write-Once, Read-Many (WORM) disk. WORM disks require a specific WORM disk drive to enable the user to write or read the disk. WORM disks function the same as CD-R disks.

• Erasable Optical (EO) disk. The user can write to, read from, and erase from EO disks as often as they can magnetic disks. EO disks require special hardware.

• Digital Versatile Disk (DVD). These disks are also called digital video disks, but do not necessarily include video. DVD disks are new types of optical disks with more storage capacity than CD-ROMs. Common types of DVDs include:

DVD-RAM. These DVDs are rewritable disks with exceptional storage capacity. They come in one- or two-sided formats.

DVD+RW. DVD+RW is a direct competitor to DVD-RAM with similar functionality and slightly greater storage capacity.

Note: DVD-RAM and DVD+RW are not compatible. The two technologies are being developed by competing vendors and require different hardware.

It is highly recommended that you store digital images on WORM, CD-R, or DVD-R disks to assure that the stored records are tamper-proof, allowing the greatest security for the data. Rewritable disks, in contrast, are designed to be re-used, making data integrity uncertain. Because of limited life expectancy, no digital storage medium is adequate for the long-term, archival preservation of records. The most generous estimate of physical obsolescence is thirty years. Technological obsolescence, though, will probably come within five to ten years. As a result, you should assume the need to migrate all your files to a new storage medium on a regular basis. In the meantime, you will need to protect your stored data with a comprehensive back-up system.
For more information on digital storage media, refer to the Digital Media guidelines.

Metadata
Metadata is crucial to any digital imaging project, enabling proper data creation, storage, retrieval, use, modification, and retention of your digitized records. In addition, proper metadata helps document the trustworthiness of your system, assuring the legal admissibility of your digitized records in court.

Metadata can be simply defined as “data about data.” More specifically, metadata consists of a standardized structured format and controlled vocabulary which allow for the precise description of record content, location, and value. Metadata often includes items like file type, file name, creator name, date of creation, and the record’s classification under the Minnesota Data Practices Act.

For digital images, metadata is especially important in facilitating retrieval. Unless you plan to use OCR, all of your records will be stored as graphic files. The only way to locate specific information will be through its metadata. Metadata makes it possible to locate, use, and evaluate information through standard search criteria such as subject heading, numerical identifier, or keyword. For this to work effectively, you will have to identify the metadata your employees or patrons use to search for records. For more information concerning metadata, refer to the Metadata guidelines.

Justifying the Cost
Digital imaging should make financial sense for your business or agency. While digital imaging is becoming increasingly popular and commonplace, you must remember it is an investment with potentially very high up-front costs. Is digital imaging financially right for you? A comprehensive cost-benefit analysis is a necessary step in determining the answer. Costs will include system hardware, system software, application software, long-term system maintenance, staff training, vendor costs, and other expenses. Benefits include higher office productivity, lower storage costs, and the option of using the Web to make digitized information easily accessible. Keep in mind that, because of the rapid pace of technological obsolescence, you will need to make continuing investments in all aspects of an
imaging application on a routine and frequent basis.

Choosing a Vendor
Most agencies and businesses do not have the appropriate scanning equipment, software, or staff expertise to execute a large digitizing project. For this reason, vendors have become integral to the world of digital imaging. Quality varies among vendors, so selecting the right one is crucial to your project.

Vendors provide digitizing services, technical advice, and sometimes the long-term maintenance of the resulting electronic files. To better choose your vendor, you should become familiar with digitizing technology and the terms used by the industry. You must also have a clear idea of your project and its goals. Questions such as the following must be addressed:
• How much material will be digitized?
• What type of materials will be digitized? Textual documents? Photographs? Maps?
• Who is the intended audience? Staff members? Researchers? The general public?
• What is the required quality of the digital images? High or low resolution? Black and white or color?
• What is the desired end product? A document management system? A searchable online collection?

As technology products and vendors come and go, you should assume and plan for the possibility of business failure and the inevitability of product obsolescence. The best way to protect yourself is to insist on an open systems architecture, using non-proprietary hardware and software. Nonproprietary means that the chosen hardware and software is not specific to that vendor. If
proprietary software is unavoidable, it should be licensed beyond the length of the contract. As there will inevitably be some bugs in the system, a contract should completely spell out the provisions for implementation, service, upgrades, and repair.

Implementation Strategy
To successfully implement a digitizing project in a timely manner, you must create an implementation strategy which manages workflow. A digitizing project incorporates a myriad of tasks, the successful management of which can save time and money. While a vendor may be contracted for the project, you will still need to manage an assortment of activities, including the:
• Selection of materials to be digitized
• Preparation of materials, including sorting files, removing staples and paperclips, weeding out unnecessary materials, and conservation of any deteriorating documents.
• Creation of standardized metadata
• Quality control of source materials and digital images
• Staff training on new hardware and/or software
• Advertising, promotion, and user evaluation
• Long-term maintenance of resulting electronic files

Your implementation strategy may include setting up a pilot project. A pilot project will allow you to test the technology, examine the effectiveness of your digital images in providing and managing information for patrons or employees, and help determine how you can better implement a digital imaging system. A pilot project is especially necessary to study the impact and effectiveness of imaging before undergoing a large digitizing project for a whole department or organization.

Phases are an effective approach to implementing large digitizing projects. Rolling out the system in phases enforces an organized and careful approach to implementation. This allows small errors to be caught and corrected before they snowball into large and costly issues. Phases can be applied in several ways depending upon the structure of your organization and scope of your project. For example, you may want to phase in the system by departments or by function. If your project will be implemented over a lengthy time period, you may want to phase in your system beginning with your organization’s highest priorities.

Key Issues to Consider
Now that you are familiar with some of the basic concepts of digital imaging, you can use the questions below to discuss how those concepts relate to your agency. Pay special attention to the questions posed by the legal framework, including the need for public accessibility as appropriate, completeness, trustworthiness, and legal admissibility. Consider the resolution and delivery requirements of your digital images, and choose the file formats and digital storage media that will best fit your needs.

The goal is to determine the best option for your agency that meets your legal and operational needs, not merely to automatically upgrade technology. If you cannot justify the costs of digital imaging, keeping your records in their original form may be the best option.

Discussion Questions

• What are our goals for digital imaging?
• How is our agency affected by the legal requirements?
• What is the desired end product? A document management system? A searchable online collection?
• What type of materials will be digitized? Textual documents? Photographs? Maps?
• What is the required quality of the digital images? High or low resolution? Black and white or color?
• What file formats and digital storage media will best fit our needs?
• What are some strategies for implementing our digital imaging project?
• Can we justify the costs of digital imaging?

Annotated List of Resources

Primary Resources
California Digital Library. CDL Guidelines for Digital Images. April 2008.
<http://www.cdlib.org/inside/diglib/guidelines/bpgimages/index.html>
These standards, published by the California Digital Library at the University of California, provide recommendations for image quality, file formats, and storage media for digital image collections.
Columbia University Libraries. Technical Recommendations for Digital Imaging Projects. April, 1997.
<http://www.columbia.edu/acis/dl/imagespec.html>

These digital imaging recommendations were prepared by the Image Quality Working Group of ArchivesCom, a joint committee between Columbia University Libraries and AcIS (Academic Information Systems at Columbia University. Provides recommendations for image quality, file formats, and other capture and storage issues. Sitts, Maxine K. Handbook for Digital Projects: A Management Tool for Preservation and Access. Andover, Massachusetts: Northeast Document Conservation Center, 2000.
<http://www.nedcc.org/oldnedccsite/digital/dman2.pdf>

This handbook, published by the Northeast Document Conservation Center, is geared towards librarians, archivists, and other cultural or natural resource managers. Provides a basic technical overview of digital imaging and emphasizes project management, cost
justification, vendor relations, and related issues.

Additional Resources
Colorado Digitization Project
<http://www.cdpheritage.org/>
A collaborative effort among Colorado’s archives, historical societies, libraries, and museums, the Colorado Digitization Project aims to create a statewide digital library. The website features technical guidelines, digitizing standards, a digital imaging glossary, and
links to many additional resources. Cornell University, Department of Conservation and Preservation. Moving Theory Into Practice:

Digital Imaging Tutorial.
<http://www.library.cornell.edu/preservation/tutorial/>
Produced by the Digital Imaging and Preservation Policy Research (DIPPR) team at Cornell University’s Department of Conservation and Preservation, this web tutorial provides an overview of technical and project management issues regarding digital imaging. The tutorial uses examples of actual digital images to demonstrate variations in image quality.

Minnesota Historical Society, State Archives Department. Trustworthy Information Systems
Handbook. Version 4, July 2002.
<http://www.mmhs.org/preserve/records/tis/tis.html>
This handbook provides an overview for all stakeholders involved in government electronic records management. Topics center around ensuring accountability to elected officials and citizens by developing systems that create reliable and authentic information and records. The handbook outlines the characteristics that define trustworthy information, offers a methodology for ensuring trustworthiness, and provides a series of worksheets and tools for evaluating and refining system design and documentation.

Newcombe, Tod. The Local Government Guide to Imaging Systems: Planning and Implementation. United States: Public Technology, Inc., 1995. A publication by Public Technology, Inc. (PTI) and the International City/County Managemnt Association (ICMA), this guide emphasizes planning and implementation issues associated with digital imaging projects. Also addressed are policy and legal issues including records retention, ownership and control of images, and public access.

Technical Advisory Service for Images (TASI)
<http://www.tasi.ac.uk>
This website by Technical Advisory Service for Images (TASI), based at the University of Bristol’s Institute for Learning and Research Technology (ILRT), provides information for creating and using digital image archives. The site feature technical and project
management advice, and a glossary of digital imaging terms.

E-mail Management

Summary
E-mail messages are potentially official government records, so you should plan for e-mail as part of your electronic records management strategy. The medium is irrelevant. The content of the message determines whether it is a record or not; the content determines to which records series the message belongs; and the content determines how long the message needs to be retained.
Both statute and case law make clear that government agencies have to include e-mail in an overall records management strategy. Currently, few government agencies manage e-mail as records. Managing e-mail is usually left to personal preference or routine systems back-ups and administrative procedures that treat all e-mail alike. These practices can result in serious legal, operational, and public relations risks.

Legal Framework
For more information on the legal framework you must consider when developing an e-mail records management policy, refer to the Introduction and Appendix D of the Trustworthy Information Systems Handbook. Also review the requirements of the:

• Official Records Act [Minnesota Statutes, Chapter 15.17] (available at:
<http://www.revisor.leg.state.mn.us/stats/15/17.html>), which:

Mandates that government agencies must keep records to fulfill the obligations of accountability and stipulates that the medium must enable the records to be permanent

Specifies that you can copy a record and that the copy, if trustworthy, will be legally admissible in court. This means that you can copy your e-mail messages to paper or to text files, as long as the record’s content, context, and structure are intact.

Does not differentiate among media. The content of the e-mail message determines whether the message is a record.

• Records Management Act [Minnesota Statutes, Chapter 138.17] (available at:

<http://www.revisor.leg.state.mn.us/stats/138/17.html>), which establishes the Records
Disposition Panel to oversee the orderly disposition of records, including e-mail records, using approved records retention schedules.

• Minnesota Government Data Practices Act (MGDPA) [Minnesota Statutes, Chapter 13] (available at: <http://www.revisor.leg.state.mn.us/stats/13/>), which mandates that government records should be accessible to the public, unless categorized as not-public by the state legislature. Managing access to public versus not-public e-mail records is especially important because e-mail is so easily forwarded, misdirected, and sent to groups of people.

Additional Legal Considerations
Within the context of these laws, you should also consider:

• The ramifications of the Armstrong litigation. In Armstrong v. Executive Office of the President (1 F.3d 1274 [DC Cir 1993]), a federal court found in favor of a group of researchers and nonprofit organizations who wanted to prevent the destruction of e-mail records created during the Reagan administration. The court determined that federal government agency email messages, depending on content, are public records and that complete metadata must be captured and retained with the e-mail record. Although a federal decision, this litigation has strongly influenced government agencies at all levels. Other agencies are now paying closer attention to their e-mail records management practices, including the capture of metadata.

• Legal discovery. When developing your policy, balance your legal and operational requirements with the risk of being engaged in legal discovery. You must meet all government requirements for managing your e-mail records, but you should also be able to respond to discovery in an affordable, efficient, and practical way. Bear in mind that many courts have upheld discovery requests for e-mail records. For more information on the discovery of electronic records, refer to Appendix E of the Trustworthy Information Systems Handbook.

Key Concepts
As you develop your e-mail records management policy, you will need to be familiar with the following key concepts:
• Goals of your process
• E-mail policy components
• Training for staff members
• Recommended process for e-mail policy development

Goals of Your Process
Though your agency will develop unique procedures that meet your specific operational and legal requirements, bear in mind the following goals for an e-mail record. An e-mail record should be:

• Complete. E-mail records should completely document the transaction. For example, you cannot save just the text and none of the sender information. Complete e-mail records must include all of the following elements, as applicable:
Recipient(s)
Sender
Subject
Text
Date sent
Time sent

Complete attachment(s), which should be included in full (not just indicated by file name), because the attachment is part of the record

Group list members, so that if an e-mail record simply lists the group name in the recipient field, the recipients can be identified. For example, the group list “HR” (a group list for all the members of the human resources department) should be documented so that each
member of the list is named.

Directory of e-mail addresses and the corresponding staff member names (e.g., jado25@myorg.net is Jane Doe), so that an e-mail address listed in an e-mail record can be linked to a person
• Accurate. The contents of the e-mail record should accurately reflect the transaction.
• Accessible. Some e-mail records must be accessible to the public and some should not be publicly accessible, depending on the content of the record and as determined in the MGDPA. All e-mail records, like other electronic records, should be reasonably accessible for the purposes of legal discovery.
• Manageable. The e-mail record should be easy for staff members to manage as part of the daily workflow and records management practices. Because you will rely on staff members to implement and use the e-mail records management policy, procedures should be
straightforward.
• Secure. The e-mail record should reside in a secure system that controls access, storage, retrieval, alteration, and deletion. This goal is particularly important to control access to notpublic e-mail records, as set forth in the MGDPA. E-mail records present unique security concerns, because e-mail messages are:

Easily manipulated or deleted in the system
Easily captured and read by unintended persons
Easily forwarded and misdirected by mistake
E-mail Policy Components

The components of an e-mail retention policy should include:
• Confidentiality. Include provisions for maintaining confidentiality of not-public records.
• Assignment of ownership. Clearly communicate that both the sender and the receiver should save e-mail records to document transactions and responsibilities completely. For example, if Person A sends an e-mail message to Person B with important information that affects agency policy, the transaction includes not only Person A’s sending of the information, but Person B’s receipt of the information.
• Process for retention. Guide staff members in determining which e-mail messages are records. Also, outline a procedure for grouping e-mails into records series, as well as a records retention schedule for each series as mandated in the Records Management Act.
• Process for managing. Include procedures for organizing, storing, maintaining, accessing, and disposing of e-mail records. Also, establish a procedure for documenting your e-mail records policy, including the software and hardware in use, specific procedures, training efforts, staff member responsibilities, and records retention schedules.
• Summary of responsibilities. Make clear the records management responsibilities of staff members and groups (e.g., departments, project teams, committees) as they engage in their daily work.

Training for Staff Members
Staff members will need to be trained on how to answer legal and operational questions about email. Your training and documentation material should set forth guidelines that staff members can follow to answer such questions in the course of their work. Possible questions include:
• Is this e-mail an official record? Is this e-mail message administrative or personal (e.g., “Thursday staff meeting to start an hour late.” or “Let’s do lunch!”)?
• Does this e-mail message have long-term significance (e.g., “New policy finalized.”)? Does this e-mail message document a transaction or operations function (e.g., a process, a decision, or a discussion)?
• Is this e-mail record public or not-public as set forth by the MGDPA?
• What metadata must I capture when I save this e-mail record?
• Which records series does this e-mail record belong in?
• Should I save the complete e-mail record, including attachments and group list names?
• Could this e-mail message ever be required as evidence in a legal action?

Recommended Process for E-mail Policy Development
Use the following steps to guide you as you develop your e-mail records management policy:
1. Identify and organize key stakeholders in your organization.
2. Draft the policy and process with the input of key stakeholders.
3. Meet with key stakeholders, including individual staff members.
4. Finalize the policy with the input and support of key stakeholders.
5. Implement the policy technically by setting up and testing the procedures.
6. Train the staff members on the new procedures. (Training is especially important because you must rely on staff members to ensure the integrity of the procedures.)
7. Implement the policy for staff members on a planned schedule.

On an on-going basis, from initial development to future policy changes, document the development of your e-mail records management policy, the policy itself, and changes to the policy.

Key Issues to Consider
Now that you are familiar with the operational and legal importance of managing e-mail messages as records, you can use the questions below to begin the development of your e-mail management policy. Discussion of the questions below will help:
• Ensure that you meet your legal and operational requirements
• Gather staff member input, support, and compliance with your e-mail management policy
• Integrate your records management policy with your overall electronic records management strategy
• Ensure that staff members manage e-mail records at the appropriate points in the records continuum, rather than as a single records series with one retention schedule (as explained in the Electronic Records Management Strategy guidelines)

Discussion Questions
• How can we ensure staff member compliance and understanding? What process is reasonable to ask staff members to comply with?
• How should we train staff members? How accountable should we make staff members for compliance?
• How should we develop our process?
• Which e-mail messages are records?
• What elements of an e-mail record do we need for a complete understanding of the transaction?
• What is the appropriate records series and records retention schedule for each records series?
How should e-mail records be organized for long-term storage and access (e.g., project, department, function)? How will we retrieve and dispose of e-mail on our chosen storage media?
• How should our e-mail retention strategy coordinate with our other records management procedures (e.g., store all project-related e-mail with the other project documentation)? What documentation do we need for our process?
• How should we implement the procedures technically and operationally? How can we plan our implementation so the policy is widely used and accepted, but causes minimal disruption to our daily operation?

Annotated List of Resources

Primary Resources
Ginn, M.L. Guideline for Managing E-mail. Prairie Village, KS: ARMA International, 2000. Topics covered in this overview of e-mail management include organizational issues (e.g., legal, operational, governmental), creation and use of e-mail, and management of e-mail as a record (including filing, classification, backup, and disaster recovery). Minnesota Historical Society, State Archives Department. Trustworthy Information Systems Handbook. Version 4, July 2002.
<http://www.mnhs.org/preserve/records/tis/tis.html>
This handbook provides an overview for all stakeholders involved in government electronic records management. Topics center around ensuring accountability to elected officials and citizens by developing systems that create reliable and authentic information and records. The handbook outlines the characteristics that define trustworthy information, offers a methodology for ensuring trustworthiness, and provides a series of worksheets and tools for evaluating and refining system design and documentation.

National Electronic Commerce Coordinating Committee. Managing E-Mail. December 2002 <http://digitalarchive.oclc.org/da/ViewObjectMain.jsp?fileid=0000070519:000006287185&reqi
d=766>
This guide tackles the perennial problem of e-mail management in a practical manner, offering model policies for use and retention, as well as a model user manual. While the policies acknowledge that e-mail is a record that should be managed on the basis of its
content, the underlying assumption is that most e-mail has only transient value, and three retention periods (immediate destruction, limited retention, and archival retention) are proposed. A guide to implementing the models is also included.

Additional Resources
Utah State Archives and Records Services: Electronic Records
<http://www.archives.utah.gov/main/index.php?module=Pagesetter&func=viewpub&tid=1&pid
=201>
Visit this web site for links to the e-mail policies of a number of states in the United States, as well as links to additional web resources for records management.

Web Content Management

Summary
As the state moves towards e-government and the routine use of technology, more and more government agencies will rely on web sites to serve citizens. In doing so, agencies will have to manage their web content effectively Citizens must be able to find the information they want easily and then be able to determine if it is accurate and current. Information they use for transactions or decision-making will have to be preserved; it cannot be online today and gone tomorrow.

Web content management makes government accountable. Web sites contain records that document government activity and the use of tax dollars, just as any paper record does. Government agencies must therefore manage web content with a carefully developed and
implemented policy. Legally, web content must be trustworthy, complete, accessible, legally admissible in court and durable for as long as an approved records retention schedule requires. When agencies manage web content to meet these requirements, they are accountable to Minnesota’s citizens.

Legal Framework
For more information on the legal framework you must consider when developing a web content management policy, refer to the Introduction and Appendix D of the Trustworthy Information Systems Handbook. Also review the requirements of:

• Official Records Act [Minnesota Statutes, Chapter 15.17] (available at:
<http://www.revisor.leg.state.mn.us/stats/15/17.html>), which mandates that government agencies must keep records to maintain their accountability. A well-constructed web content management policy can help ensure that your web site records help provide this accountability. This statute also stipulates that the medium must enable the records to be permanent and that you can copy a record and that the copy, if trustworthy, will be legally admissible in court. Therefore, though you may originally publish a record on your web site, if you copy the record and save it separately, the record is still legally admissible.

• Records Management Act [Minnesota Statutes, Chapter 138.17] (available at:
<http://www.revisor.leg.state.mn.us/stats/138/17.html>), which establishes the Records Disposition Panel to oversee the orderly disposition of records using approved records retention schedules. Like other records, your web site records must be maintained according to the established records retention schedule.

• Minnesota Government Data Practices Act (MGDPA) [Minnesota Statutes, Chapter 13] (available at: <http://www.revisor.leg.state.mn.us/stats/13/>), which mandates that government records should be accessible to the public, unless categorized as not-public by the state legislature. You may request data through the Internet or use the data on an agency intranet that must be protected according to the MGDPA.

Key Concepts
As you develop your web content management policy, you will need to be familiar with the following concepts:
• Internet, intranets, extranets, and the World Wide Web
• Web site records management
• Legal aspects of web content management
• Involving stakeholders
• Internal communication
• Web content file naming
• Web content management policy components
• Metadata and the Dublin Core set
• TagGen tool for metadata capture
• Web site snapshots

Internet, Intranets, Extranets, and the World Wide Web
The Internet is the vast network of computer systems that enables worldwide connectivity among users and computers. The Internet allows you to send e-mail messages around the world, transfer large files outside your agency using file transfer protocol (FTP) sites, telnet to another computer, participate in newsgroups, and view the graphical pages of the World Wide Web. The Internet links a wide variety of resources. These resources all have implications for use and management. There are resources in different formats (e.g., HTML, PDF) using different protocols for access (e.g., HTTP, FTP, telnet), and different resource indicators for locations (refer to the File Naming guidelines). Selecting from these options will have consequences that you need to understand and manage.

The technology that enables the Internet to exist also enables extranets and intranets to exist:
• Extranet. An extranet is a type of Internet site to which organizations allow only selected external access. For example, a government agency extranet may only allow access by the staff of one other specified agency, or specific government officials.
• Intranet. An intranet is an internal Internet site that cannot be accessed by anyone outside the organization. For example, a government agency may have an intranet for sharing internal administrative information.

Web Site Records Management
Your web site may contain records defined by the Official Records Act, including public and notpublic records as described by the MGDPA. You should manage these records as part of your overall electronic records management strategy. Manage records created for, and published on, web sites at each point in the records continuum, rather than as discrete elements in a set life cycle. Your web content management policy should address web site planning, development, and maintenance with an emphasis on records management. For more information on the records continuum, refer to the Electronic Records Management Strategy guidelines.

Legal Aspects of Web Content Management
Consider your legal requirements carefully. (For more information on Minnesota rules and statutes, refer to Appendix D of the Trustworthy Information Systems and the Introduction.) You will need to consider:

• Public versus not-public. Determine which web site records are public and which are notpublic as described in the MGDPA. For example, you may gather and store confidential data via a web interface. This data should be protected from access as outlined in the MGDPA.
• Record or non-record. The State of Minnesota, as outlined in the Official Records Act, does not differentiate among the media on which records are created or stored. The content of the web file determines whether the file is a record.

Involving Stakeholders
Your web content management policy should include all those who are involved in web site creation, administration, and use. Key groups to include are:
• Content creators and experts
• Web site technical experts
• Web site internal users
• Records management staff
Each group should be familiar with:
• Your policy for web content publication, removal, storage, and disposition
• How the policy affects their daily work practices, including their roles and responsibilities under the policy
• Your agency’s electronic records management strategy

Internal Communication
Initial and on-going internal communication will be a crucial aspect of your policy, because:
• Many groups are involved in the creation and administration of a web site.
• Much of a web site’s content is interrelated.
• Web site content tends to change frequently.

Consider establishing a formal mechanism to keep stakeholders informed of each other’s activities related to the web site. This communication will help ensure the trustworthiness of your web site records, since all stakeholders will know when and why content changes.

Web Content File Naming
Consider establishing a file naming protocol for web pages to help ensure ease of management, usability of the site, and internal communication about contents. For more information about web site file naming, refer to the File Naming guidelines.

Web Content Management Policy Components
Consider these ideas as you develop your web content management policy:
• Determination of records. As you develop your policy (and on an on-going basis), you will need to analyze the content of your web site to determine which elements are records.
• Complete records. When you capture the record, you must be sure that you capture enough information to preserve the appropriate content, context, and structure.
Content. Factual information in the record that documents government business
Context. Information that shows how the record is related to the business of the agency and to other records Structure. Technical characteristics of the record (e.g., file format, data organization, page layout, hyperlinks, headers, footnotes)
• Records series and records retention schedules. As with other records, you should manage records on your web site as records series and develop specific records retention schedules for each records series, as outlined in the Records Management Act.
• Version control. Because web sites are updated constantly by different individuals and groups, you should develop a method for designating and controlling versions. This practice will help ensure the trustworthiness of your web site.

Metadata and the Dublin Core Set
As part of ensuring that you capture enough information in a record to demonstrate the record’s content, context, and structure, you will need to capture metadata. (For more information, refer to the Metadata guidelines). Many Minnesota government agencies have elected to use the Dublin Core Metadata Element Set as a standard (NISO Standard Z39.85; ISO Standard 15836). The Dublin Core was designed to be:
• Manageable
• Searchable
• Extensible
You can read more about the Dublin Core at the Bridges project web site listed in the Annotated
List of Resources.
The Dublin Core includes:
• Title. The name of the resource given by the creator or publisher.
• Subject. The topic of the resource.
• Description. A short, text description of the resource’s contents.
• Creator. The name of the person who created the resource.
• Publisher. The name of the entity that published the resource. Note that the publisher is not the person who posted the resource to the web site, but the entity responsible for the publication of the resource, such as your agency.
• Contributor. Someone aside from the creator who made a significant contribution to the resource.
• Date. Either the creation date or the publication date. Your agency will need to determine which date to use.
• Resource type. The category the resource belongs to, such as committee minutes, press release, or report.
• Format. The file format of the resource. For more information on file formats, see the File

Formats guidelines.
• Identifier. A text string or number unique to the resource, such as a URL or other formal name. See the File Naming guidelines for more information on naming web site files for longevity and ease of use.
• Relation. An element that refers to related resources.
• Source. Information about the source from which the current resource is derived (e.g., a report which has been abstracted).
• Rights management. A text statement regarding copyright and use permissions.
• Language. The language used in the resource (e.g., English, Spanish).
• Coverage. Either geographic (e.g., Minnesota) or temporal (e.g., the years 2000–2001).

TagGen Tool for Metadata Capture
TagGen is a software tool that facilitates the creation of standardized metadata. It is available free to Minnesota government agencies. Information on using and acquiring TagGen is on the Bridges web site, as listed in the Annotated List of Resources.

Web Site Snapshots
If you must document your entire web site as a record, consider taking web site snapshots, using a software program to enable you to reconstruct your entire web site. For example, an agency set up a short-term extranet web site for a legislative initiative that included a bulletin board for key people to discuss the initiative. For public records purposes, the agency took web site snapshots in order to reconstruct the site completely as it existed at a given point in time.

Key Issues to Consider
Now that you are familiar with some of the basic concepts of web content management, you can use the questions below to discuss how those concepts relate to your agency.
You will want to discuss:
• Changes to content, organization, or administration
• Transactions completed via the web site
• Communication that takes place via the web site (e.g., bulletin boards, live chats, e-mails posted)
• Development of web site
• Versions and history of web site development

Pay special attention to the questions posed by the legal framework, including the need for public accountability, managing public and not-public records, and following records retention schedules. Put yourself in the citizens’ place, and think about how they will use your web site. Take into account your current use of the web and your expectations for future use. For example, you may currently publish a newsletter in paper format, but in the future, you may publish the same newsletter on the web.

Discussion Questions
• What information will citizens seek on our web site? How can we ensure that we make the information easy to find? How can we assure those seeking information of the trustworthiness of the information?
• Which elements of our web site are records?
• Which elements of our web site should we track and store? How long are we legally required to retain our web site records?
• How can we build web content archiving into overall web site management?
• How can we build staff awareness and compliance with web content archiving procedures?
• What will be the archival responsibilities for all staff members involved in web site development and management, especially the webmaster and content developers? Who will authorize web site content removal? Who will have the responsibility to accomplish the
physical removal and archiving of web site content?

Annotated List of Resources

Primary Resources
Archiving Websites. Canberra, Australia: National Archives of Australia, Commonwealth of Australia, 2000.
<http://www.naa.gov.au/recordkeeping/er/web_records/intro.html>
These web pages are the official policy of the National Archives of Australia for web site content management as it relates to records management. However, the pages provide a comprehensive overview for the general reader of the records management aspects of
managing and archiving a web site.

Guidelines for Electronic Records Management on State and Federal Agency Websites. Syracuse, NY: National Historical Publications and Records Commission, 1997.
<http://www.ii.fsu.edu/~cmcclure/guidelines.html>

These web pages provide the initial findings of a research project that set out to develop a records management strategy for state and federal agency web sites. The web pages offer a series of assumptions (e.g., what a record is) as well as a discussion of such topics as the relationship of web site records management to other policies, exposure analysis, and guidelines for web site management for state and federal agencies.

Minnesota Department of Natural Resources. Bridges: Minnesota’s Gateway to Environmental Information.
<http://bridges.state.mn.us>
The Bridges project represented a collaboration between Minnesota’s environmental agencies with the goal of providing easy access to their electronic resources such as web pages, PDF documents, databases, and geographic data. Resources were cataloged using
the Dublin Core metadata scheme and are located through a simple cross-agency search engine (the Inktomi-powered North Star search at the state’s main portal). Although the project was completed in July 2000, the web site still offers a number of resources to
visitors, including best practice guidelines for web metadata, information on metadata tools, project reports, as well as links to participating agencies, other regional and federal environmental sites, and the Minnesota Governor’s Council on Geographic Information.

Additional Resources
Kansas Information Technology Advisory Board, Electronic Records Committee and Internet Task Force. Guidelines for Managing Records on Kansas Government Agency Web Sites.
Version 1.0, January 2004.
<http://da.state.ks.us/itab/documents/ERC_Prop_Web_Guidelines.pdf>
The Kansas guidelines are based upon a risk analysis methodology. A summary of webbased resource types and a discussion of preservation strategies accompany a set of agency self-assessment tools.
McCluskey-Moore, N. “Untangling Web Content Management.” Intranet Journal. April 18, 2000.
<http://www.intranetjournal.com/articles/200004/im_04_18_00a.html>
This article, published in the online Intranet Journal, discusses the development and implementation of a process for managing live web content. The article analyzes the benefits of systematic web content management, describes the desirable characteristics of
a web content management strategy, and outlines the process of developing a web content management strategy.

Minnesota Historical Society, State Archives Department. Trustworthy Information Systems Handbook. Version 4, July 2002.
<http://www.mnhs.org/preserve/records/tis/tis.html>
This handbook provides an overview for all stakeholders involved in government electronic records management. Topics center around ensuring accountability to elected officials and citizens by developing systems that create reliable and authentic information and records. The handbook outlines the characteristics that define trustworthy information, offers a methodology for ensuring trustworthiness, and provides a series of worksheets and tools for evaluating and refining system design and documentation

Electronic And Digital Signatures

Summary
The advent of e-government and e-services is changing the way we do business. Traditionally, we created records on paper and we authenticated a record by signing it in ink. Today, technology is making both paper and ink irrelevant to many business processes. This has all sorts of consequences, but, whether in ink or in an electronic format, a signature must fulfill the same functions: it has to authenticate the signer and the document. To use electronic signatures effectively, you need to select the appropriate technological application and make sure they meet these legal obligations. Because signatures are important for their legal and evidentiary
value foremost, legal concerns must be the guiding factor in the selection of technologies.

Since different laws affect different agencies and governmental functions, you will need to define your legal needs and connect them to your business processes before deciding which electronic signature application is appropriate for you. In addition, you need to consider your technology architecture, since that application has to work with all the others that create, preserve, and make available your records. As you implement an electronic signature application, you will need to document the key features of the system in order to demonstrate its trustworthy operation and establish its evidentiary value.

Key Concepts
When selecting and implementing an electronic signature technology, keep in mind:
• Legal and technological definitions
• Functions of signatures
• Additional legal considerations
• Electronic signature technologies

Legal and Technological Definitions
There is a problem with the terminology we use. In Minnesota and in most states, there is a clear legal distinction between the definitions of “electronic signature” and “digital signature.” This distinction is not made in other forums, especially among information technology communities, where “electronic” and “digital” are used synonymously and interchangeably. Since signatures are important because of their evidentiary value, there should not be any confusion about a technology you might have to describe before a judge.

In Minnesota, these are the important statutory definitions:
Minnesota Statutes, Chapter 645.44 Subd. 14 (available at:
<http://www.revisor.leg.state.mn.us/stats/645/44.html>) contains the basic and traditional

definition of a signature:
The signature of a person, when required by law, (a) must be in the handwriting of the person or, (b) if the person is unable to write, (i) the person’s mark or name written by another at the request and in the presence of the person or, (ii) by a rubber
stamp facsimile of the person’s actual signature, mark, or a signature of the person’s name or a mark made by another and adopted for all purposes of signature by the person with a motor disability and affixed in the person’s presence.

A reliance on this definition would make it virtually impossible to use technology to deliver services and to meet all legal and evidentiary requirements at the same time. To address this problem, and to provide a standard approach to the use of electronic signatures, Minnesota adopted the Uniform Electronic Transactions Act (UETA) in the 2000 legislative session [Minnesota
Statutes, Chapter 325L] (available at:
<http://www.revisor.leg.state.mn.us/stats/325L>). UETA defines electronic signatures as:
An electronic sound, symbol, or process attached to or logically associated with a record and executed or adopted by a person with the intent to sign the record.

This definition is not technology specific, and so does not mandate the adoption of any particular hardware or software application. Any technology, theoretically, that could authenticate the signer and the signed document could generate a legally admissible signature, if the parties could demonstrate the trustworthiness of the process that created and preserved the records in question.
Another approach has emphasized the use of a specific application, public key infrastructure (PKI). The Minnesota Electronic Authentication Act [Minnesota Statutes, Chapter 325K] (available at: <http://www.revisor.leg.state.mn.us/stats/325K>) defines a digital signature uniquely in terms of PKI. A digital signature is:
A transformation of a message using an asymmetric cryptosystem such that a person having the initial message and the signer’s public key can accurately determine: (1) whether the transformation was created using the private key that corresponds to the signer’s public key; and (2) whether the initial message has been altered since the transformation was made.

Digital signatures are a particular type of electronic signature. The advantage a digital signature may offer is that, by providing a unique identifier and linking the signature to the record, it can authenticate both the signer and the signed document. This promises to meet legal requirements for admissibility and trustworthiness. A further advantage is that PKI technology can be adaptable to a wide range of applications and so can work with basic office software.

Functions of Signatures
Signatures serve specific functions. The American Bar Association enumerates these as:
• Evidence: A signature authenticates a writing by identifying the signer with the signed document. When the signer makes a mark in a distinctive manner, the writing becomes attributable to the signer.
• Ceremony: The act of signing a document calls to the signer’s attention the legal significance of the signer’s act, and thereby helps
• Approval: In certain contexts defined by law or custom, a signature expresses the signer’s approval or authorization of the writing, or the signer’s intention that it have legal effect.
• Efficiency and logistics: A signature on a written document often imparts a sense of clarity and finality to the transaction, and may lessen the subsequent need to inquire beyond the face of a document. Negotiable instruments, for example, rely upon formal requirements, including a signature, for their ability to change hands with ease, rapidity, and minimal interruption. An electronic signature will have to fulfill some or all of these functions. You should determine which are pertinent to your business processes before selecting a particular electronic signature technology.

Additional Legal Considerations
Many government agencies and functions have unique and specific legislative mandates. These very often include particular concerns for signatures. A simple search of the online version of the Minnesota Statutes for the keyword “signature” generated hundreds of references. You should thoroughly research the statutes applicable to your agency and functions before making any choices about electronic signature technologies.

For example, a federal law, HIPAA, the Health Insurance Portability and Accountability Act of 1996, is concerned with non-repudiation. Non-repudiation “provides assurance of the origin or delivery of data,” so that the sender cannot deny sending a message and the receiver cannot deny receiving it. This prevents either party from modifying or breaking a legal relationship unilaterally.
HIPAA holds that only a digital signature technology can currently provide that assurance. In addition, there are a number of statutes pertaining to government records which you need to understand because any document signed in the course of an official transaction becomes a government record. The most important are:

• Official Records Act [Minnesota Statutes, Chapter 15.17] (available at:
<http://www.revisor.leg.state.mn.us/stats/15/17.html>), which mandates that government agencies must keep records to fulfill the obligations of accountability and specifies that the medium must enable the records to be permanent. It further stipulates that you can copy a record and that the copy will be legally admissible in court.
• Records Management Act [Minnesota Statutes, Chapter 138.17] (available at:
<http://www.revisor.leg.state.mn.us/stats/138/17.html>), which establishes the Records Disposition Panel to oversee the orderly disposition of records using approved records retention schedules.
• Minnesota Government Data Practices Act (MGDPA) [Minnesota Statutes, Chapter 13]
(available at: <http://www.revisor.leg.state.mn.us/stats/13/>), which mandates that your records should be accessible to the public unless categorized as not-public by the state legislature.
• Uniform Electronic Transactions Act (UETA) [Minnesota Statutes, Chapter 325L] (available
at: <http://www.revisor.leg.state.mn.us/stats/325L>) and Electronic Signatures in Global and National Commerce (E-Sign), a federal law (available at: <http://thomas.loc.gov/cgibin/query/z?c106:S.761:>). Both UETA and E-Sign address the issues of the legal admissibility of electronic records created in a trustworthy manner and the application of the paper-oriented legal system to electronic records. For more information on the legal framework you must consider when developing an electronic signature technology, refer to the Introduction and Appendix D of the Trustworthy Information Systems Handbook.

Electronic Signature Technologies
The Uniform Electronic Transactions Act (UETA) [Minnesota Statutes, Chapter 325L] (available at: <http://www.revisor.leg.state.mn.us/stats/325L>) purposely allows for a wide range of signature technologies. It says, “An electronic record or electronic signature is attributable to a person if it was the act of the person. The act of the person may be shown in any manner, including a showing of the efficacy of any security procedure applied to determine the person to which the
electronic record or electronic signature was attributable.”

An example of this is the “click through” option used on many web sites. To order a product, be it a shareware application, an airline ticket, or a book, a web user has to “click through” a page or form that indicates approval of the vendor’s conditions for the sale. The system makes it impossible to transact any business without first establishing that agreement. In this instance, there Electronic
is no “signature” or anything like it. Instead, the system is designed to make it necessary to move from “A” to “C” only through “B,” with “B” serving as the equivalent of a signature. Authentication is demonstrated by the documentation of the system and its procedures, not by a signed record of a specific, individual transaction.

UETA implicitly legitimates the use of more familiar technologies, such as faxes and imaging, and more exotic ones, such as iris scans, for electronic signatures. In all cases, the key to demonstrating the trustworthiness of a record and its signature is demonstrating the trustworthiness of the system that creates and manages the record. Having sufficient and appropriate systems documentation is
the only way to achieve this.

Digital signatures demand the use of a specific technology, PKI. PKI uses two different keys. One key is kept secret (the private key) and the other key is made publicly available (the public key). The two keys are generated simultaneously and collectively; they are known as a “key pair.” Once a message has been signed using one of the two keys, it can only be verified by the other key. The resulting digital signature is a cryptographic checksum computed as a function of the message and the signer’s private key.

Because the digital signature is generated as a function of the key and a unique message, the signature serves two purposes. It authenticates the signer, since only the individual owner has (in theory, anyway) access to the private key. It also indicates the reliability and integrity of the message, since any alteration to the text would invalidate the signature.

This is not the same as encryption. PKI technology was originally developed for encryption (as in the Pretty Good Privacy applications), but the use of a digital signature does not automatically encode a message. In fact, encryption is not covered in the Minnesota Electronic Authentication Act [Minnesota Statutes, Chapter 325K] (available at:

<http://www.revisor.leg.state.mn.us/stats/325K>); that only addresses the use of PKI for digital signatures.
The effective use of PKI for digital signatures relies on some policy and organizational factors. There has to be some way to guarantee and to prove that a specific person actually owns a specific key. And there has to be some way to provide quick and easy access to public keys. Because it is completely impractical for each sender and each recipient of a message to work this out on a caseby-case basis, the use of PKI for digital signatures is dependent on the operation of certificate authorities.

A certificate authority is an independent, trusted third party who issues and manages key pairs. To get a key pair, individuals must prove to a certificate authority that they are who they claim to be. The certificate authority also provides secure access to public keys that allow for the validation and verification of signatures. The Minnesota Electronic Authentication Act [Minnesota Statutes,
Chapter 325K] (available at:
<http://www.revisor.leg.state.mn.us/stats/325K>) creates a mechanism to license and regulate certificate authorities.

Key Issues to Consider
No electronic signature technology in and of itself is sufficient to meet your legal needs. The evidentiary value of your signed records will ultimately rely on your ability to produce legally admissible documentation of your recordkeeping system. In addition, you will, of course, have to produce the electronic records themselves. Just preserving and providing access to electronic records present some daunting challenges. (For more information, refer to the Electronic Records Management Strategy guidelines). Adding electronic signatures to the equation can complicate the situation even further.

Every option available to you has its own advantages and disadvantages. Some issues are constant, though:
• Consider technology obsolescence: hardware and software become quickly outdated, often making it difficult, if not impossible, to preserve and provide access to older electronic records. If you are using two different technologies to create and to sign a record, they might “age” at different rates.
• Plan to document your decisions and transactions: understanding your legal needs and addressing them at the design phase of an application are keys to making this work. Keeping documentation up-to-date is an on-going responsibility, which could be complicated if you are relying on a third party. If you are using digital signatures, for example, you need to make sure that your certificate authority is managing its records and documentation adequately.
• Make sure that your electronic signature technology is interoperable with your and your constituencies’ other software applications: requiring complex or expensive solutions is probably not practical. It would be especially difficult to ask citizens to buy and maintain
multiple signature technologies.
• Evaluate risks and allocate liabilities: one of the functions of signatures is to provide the evidence of agreement to a transaction. There is no guarantee, either with paper or electronic signatures, that all parties will be one-hundred percent satisfied with the results all the time; litigation will always be with us. Because of that, you should understand the risks any system presents and you should manage the liabilities that result.
• Remember that the human side of the equation is critical: no technology will completely address your legal requirements. For example, despite all its attractive features as a technology, a digital signature is only as reliable as the certificate authority standing behind it. Overall, selecting the appropriate electronic signature technology means defining the criteria you consider important and then determining if your system and proposed application meet those criteria. The criteria should give priority to legal concerns, since signatures are primarily valuable for evidentiary purposes. But your assessment should include the consideration of other factors,
such as technology architectures, costs/benefits, your business practices, and all the policies, hardware, software, controls, and audit procedures that are pertinent. For a model of and methodology for system development and assessment, refer to the Trustworthy Information Systems Handbook. For a specific example of the criteria pertinent to a digital signature application, see the American Bar Association’s PKI Assessment Guidelines (See the Annotated List of Resources at the end of these guidelines).

Discussion Questions
• Why do you want to use electronic signatures? What business functions will the technology support?
• Who will have to use and rely on the electronic signature?
• How long will the signatures and the records to which the electronic signatures are affixed have to be preserved?
• Which state and federal statutes pertain to the functions and transactions that generate your signed records? What case law is there?
• How does the electronic signature technology fit into your overall technology architecture? What’s the total cost of the technology? What’s the cost per transaction?
• What sort of electronic signature technologies do your customers use? Will you have to share these records with any other organizations or agencies? What technologies do they use?
• What methodology will you use for documenting your information systems, policies, and practices?

Annotated List of Resources

Primary Resources
American Bar Association. Digital Signature Guidelines Tutorial. Washington, D.C.: American Bar Association, 1996.
<http://www.abanet.org/scitech/ec/isc/dsg-tutorial.html>
In 1996, the ABA’s Section on Science and Technology produced the first legal overview of electronic and digital signatures, as well as related concerns. Although there have been many legal and technological developments in the years since, the site still contains
fundamental information on signatures that is of value. The term “tutorial” is slightly misleading; this is basically a short essay, but it is the best introduction to signatures available. It has recently been complemented by the ABA’s PKI Assessment Guideline. American Bar Association. PKI Assessment Guidelines. Washington, D.C.: American Bar Association, 2001.

<http://www.abanet.org/scitech/ec/isc/pag/pag.html> The Information Security Committee of the Electronic Commerce Division of the ABA issued a draft version of its PKI Assessment Guidelines (PAG) in 2001. The PAG offers a practical guide for the evaluation and assessment of PKI systems and vendors. This is a very detailed document, almost four hundred pages long. It is available as a PDF file. As noted, it is currently a draft and will be updated in the future. Blanchette, Jean-Francoise. “Defining Electronic Authenticity: An Interdisciplinary Journey.” Workshop on Interdisciplinary Approaches to Achieving and Analysing System Dependability, Florence, Italy, 29 June 2004.

<http://homepages.cs.ncl.ac.uk/michael.harrison/dsn/blanchettejf_authenticity.pdf> Blanchette’s paper provides a succinct overview of digital signature and evidence law in the United States and Europe, along with an examination of the signature lifecycle and the technical preservation problems facing the archivists and the cryptographic community.

McBride Baker & Coles. Legislative Analysis Database for E-Commerce and Digital Signatures. Chicago, IL: McBride Baker & Coles, 2001.
<http://www.mbc.com/ecommerce/legislative.asp>
McBride Baker & Coles is Chicago law firm with an interest in information technology and the law. The Legislative Analysis Database for E-Commerce and Digital Signatures is a set of tables that allow for the comparative analysis of practices in different states. These
tables systematically list and distinguish enacted digital signature legislation and uniform laws. The firm’s e-commerce site provides a variety of other tables for study of pertinent issues around the world. Minnesota Historical Society, State Archives Department. Trustworthy Information Systems Handbook. Version 4, July 2002.
<http://www.mnhs.org/preserve/records/tis/tis.html>

National Institute of Standards and Technology (NIST), U.S. Department of Commerce.
Cryptographic Toolkit: Digital Signatures. Washington, D.C.: NIST, 2001.
<http://csrc.nist.gov/encryption/tkdigsigs.html>
NIST’s web site provides access to three Federal Information Processing Standards (FIPS) standards for digital signature algorithms, along with a variety of other resources on cryptography.

Additional Resources
HIPAAdvisory. Standards for Security and Electronic Signatures. Montgomery Village, MD: Phoenix Health Systems, 2001.
<http://www.hipaadvisory.com/regs/securityandelectronicsign/electronicsignature.htm> HIPAA,
the Health Insurance Portability and Accountability Act of 1996, has created a small industry of guidelines, consultancies, and web sites devoted to explaining how its mandates can be implemented. This site provides easy access to the rules created by the
Department of Health and Human Services for “standards for the security of individual health information and electronic signature use by health plans, health care clearinghouses, and health care providers.” Since so many important government functions are related to health care, HIPAA’s requirements will probably heavily influence the development of standards and technology architectures for electronic signatures.
State of Washington. Electronic Authentication. Olympia, WA: Office of the Secretary of State, 2001.
<http://www.secstate.wa.gov/ea> Washington’s digital signature law was a model for a number of other states, including
Minnesota. The Secretary of State oversees the implementation of the law and particularly the regulation of certificate authorities. The web site includes useful information and resources on the workings of the law.

Glossary
Architecture: An enterprise-wide architecture is a logically consistent set of principles that guide the design and development of an organization’s information systems and technology infrastructure.

Backward-compatible: The ability of a software program or piece of hardware to read files in previous versions of the software or hardware.

Bitmap (BMP files): A relatively low quality digital image file format, used most often in word processing applications. BMP format creates a lossless compression. Files end with a .bmp extension.

Bits: The smallest discrete units of digital data. Short for binary digit.

Byte: Eight consecutive bits of digital data.

Checksum: A checksum is a count of the number of bits in a transmission unit that is included with the unit so that the receiver can check to see whether the same number of bits arrived. If the counts match, then one can assume that the complete transmission was received.

Compact Disk (CD): A type of optical disk storage media, compact disks come in a variety of formats. These formats include CD-ROMs that are read-only, CD-Rs that you can write to once and are then read-only, and CD-RWs that you can write to in multiple sessions.

Compound document: A document with multiple elements (e.g., images, text, animation, hypertext).

Compression: A process, using special software, that reduces the file size of a given electronic file.

Conversion: Changing a record’s file format, often to make the record software-independent and in a standard or open format.

Digital Audio Tape (DAT): A type of digital storage media, DATs are in a cartridge format a little larger than a credit card. The industry standard for DAT cartridge format is a digital data storage (DDS) cartridge. DDS cartridges provide sequential access.

Digital data: Data that consists, at its most basic level, of just 0s and 1s.

Digital signature: “A transformation of a message using an asymmetric cryptosystem such that a person having the initial message and the signer’s public key can accurately determine: (1) whether the transformation was created using the private key that corresponds to the signer’s public key; and (2) whether the initial message has been altered since the transformation was made” [Minnesota Statutes, section 325K.01].

Digital Versatile Disk (DVD): An optical disk with more storage capacity than CD-ROMs, these disks are also called digital video disks, but do not necessarily include video. Common types of DVDs include: DVD-ROM (read-only), DVD-RAM (rewritable), DVD+RW
(competitor to DVD-RAM with similar functionality slightly greater storage capacity).

Digital Versatile Disk–Random Access Memory (DVD-RAM): These DVDs are rewritable disks with exceptional storage capacity.

Digital Versatile Disk–Read Only Memory (DVD-ROM): These DVDs are read-only disks that also have enough storage capacity for a full-length feature film. They are accessed using a special DVD drive attached to a personal computer. Most of these drives are backward compatible with CD-ROMs and can play DVD video disks. DVD-Rs can be written to once and are then readonly.
Digital Versatile Disk + ReWritable (DVD+RW): DVD+RW is a direct competitor to VDRAM with similar functionality and slightly greater storage capacity.

Disposal date: The date on which the records retention period for a given records series expires and the records may be disposed of, either by destruction or transfer to the Minnesota State Archives.

Disposition: Either the destruction of a record or the transfer of the record to the Minnesota State Archives.

Dublin Core metadata set: A widely used set of metadata elements that is easily embedded in a web page.

Erasable Optical (EO) disk: The user can write to, read from, and erase from EO disks as often as they can magnetic disks. EO disks require special hardware.

Electronic document management system (EDMS): A software program and supporting hardware that automate and integrate the records management process.

Electronic mail (e-mail): Electronic correspondence sent from one user to one or more recipients.

Electronic record: “A record created, generated, sent, communicated, received, or stored by electronic means” [Minnesota Statutes, section 325L.02].

Electronic signature: “An electronic sound, symbol, or process attached to or logically associated with a record and executed or adopted by a person with the intent to sign the record” [Minnesota Statutes, section 325L.02].

Extranet: A type of Internet site to which organizations allow only selected external access.

File name: The name of the file independent of location.

File path: The location of the file as it is stored in a series of directories.

File transfer protocol (FTP): A type of URL that is commonly used to store and exchange large files.

Free-text search: A document searching function that searches every word in a document or specified group of documents.

Geographic Information System (GIS): A system of hardware and software used for storage, retrieval, mapping, and analysis of geographic data. A GIS can be as complex as whole systems using dedicated databases and workstations hooked up to a network, or as simple as “off-theshelf” desktop software. A GIS is able to combine and overlay separate layers of geographic data, making
it a valuable tool for organizations needing to map and analyze spatial information.

Gigabyte: 1,024 megabytes of digital data.

Gopher: An early URI protocol used primarily in academic and governmental settings that is rarely used today.

Graphics Interchange Format (GIF): A digital image file format, GIF supports color and grayscale. Limited to 256 colors, GIFs are more effective for images such as logos and graphics rather than color photos or art. It should be noted that although the GIF format is widely used, it is technically proprietary. A lossless compression, files in GIF format end with a .gif extension.

Group list: A list of names and e-mail addresses, organized into a group, that enables the e-mail message sender to enter only the group list name when sending an e-mail message to the group list members.

Hypertext: A special type of database system that allows links among documents.

Hypertext transfer protocol (HTTP): A protocol commonly used to access resources on the Internet.

Information: “Data, text, images, sounds, codes, computer programs, software, databases, or the like” [Minnesota Statutes, section 325L.02].

Internet: The vast network of computer systems that enables worldwide connectivity among users and computers.

Intranet: An internal Internet site that cannot be accessed by anyone outside the organization.

Joint Photographic Experts Group (JPEG): A digital image file format, JPEG is a lossy compression technique for color and grayscale images. Depending upon the degree of compression, the loss of detail may be visible to the human eye. Files in JPEG format end with a .jpg extension.
Kilobyte: 1,204 bytes of digital data.

Lossiness: The degree to which data is lost during file compression.

Lossless compression: Refers to data compression techniques in which no data is lost.

Lossy compression: Refers to data compression techniques in which some amount of data is lost. Lossy compression technologies attempt to eliminate redundant or unnecessary information.

Mailto: This protocol is used for e-mail exchange.

Magnetic disk: A type of digital storage media, magnetic disks include the hard disk found in your computer that stores the programs and files you work with daily. Magnetic disks provide random access. Also included are removable hard disks, floppy disks, zip disks, and removable cartridges.

Magnetic tape: A type of digital storage media, magnetic tapes come in reel-to-reel as well as cartridge format (encased in a housing for ease of use). The two main advantages of magnetic tapes are their relatively low cost and their large storage capacities (up to several gigabytes). Magnetic tapes provide sequential access to stored information, which is slower than the random access of magnetic disks. Magnetic tapes are a common choice for long-term storage or the transport of large volumes of information.
Megabyte: 1,024 kilobytes of digital data.

Metadata: Data about data. Information (e.g., creator name, creation date) that is used to facilitate intellectual control of, and structured access to, other information.

Migration: Moving files to another computer platform that may require changing their formats.

Nearline storage: Storage in a system that is not a direct part of the network in daily use, but that can be accessed through the network.

News: A URI access protocol for newsgroups.

Offline storage: The storage of digital data outside the network in daily use (e.g., on backup tapes) that is only accessible through the offline storage system, not the network.

Online storage: The storage of digital data as fully accessible information on the network in daily use.

Optical Character Recognition (OCR): OCR is the recognition of printed or written text characters by a computer. This involves analysis of the scanned-in image, and then translation of the character image into character codes, such as ASCII. OCR is being applied by libraries, businesses, and government agencies to create text-searchable files for digital collections. OCR is also used to help process checks and credit card slips and sort the mail.

Persistent uniform resource locator (PURL): A type of URI scheme that is functionally a URL, but that redirects the user to a PURL server instead of the URL.

Pixel: A dot of color in a raster-based graphics file.

Pixel Bit-Depth: Defines the number of shades that can actually be represented by the amount of information saved for each pixel. These can range from 1 bit/pixel for binary (fax type) images to 24 bits per pixel or greater in high quality color images.

Portable Document Format (PDF): PDFs are useful for viewing and printing multiple documents and images. Commonly used to capture, distribute, and store electronic documents, PDF preserves the fonts, images, graphics, and overall “look” of the original digital files. As with the GIF format, the PDF format is proprietary, although widely used. Files in PDF often end with a .pdf extension.

Portable Network Graphics (PNG) files: A digital image file format, PNG files are designed to replace GIF files. PNG files can be ten to thirty percent more compressed than GIFs. PNG is completely patent and license free and is of higher quality than GIF. A lossless compression, files in PNG format end with a .png extension.

Raster graphics: A type of graphics file that stores the images as a collection of pixels. Also called bitmapped images.

Record: According to the State of Minnesota, an item that documents an official government transaction or action.

“All cards, correspondence, disks, maps, memoranda, microfilm, papers, photographs, recordings, reports, tapes, writings and other data, information or documentary material, regardless of physical form or characteristics, storage media or condition of use, made or received by an officer or agency of the state and an officer or agency of a county, city, town, school, district, municipal, subdivision or corporation or other public authority or political entity within the state pursuant to state law or in connection with the translation of public business by an officer or agency….The term ‘records’ excludes data and information that does not become part of an official translation, library and museum material made or acquired and kept solely for reference or exhibit purpose, extra copies of documents kept only for convenience of reference and stock of publications and process documents, and bond, coupons, or other obligations or evidence of indebtedness, the destruction or other disposition of which is governed by other laws” [Minnesota Statutes, section 138.17,
subd.1].

“Information that is inscribed on a tangible medium or that is stored in an electronic or other medium and is retrievable in perceivable form” [Minnesota Statutes, section 325L.02]. Recordkeeping: The act or process of creating, maintaining, and disposing of records. See also

Records management.
Records continuum: An Australian concept that holds that each person who touches the record should manage the record during its existence, using the stage of the record (e.g., creation, use, long-term storage) as a reference point, not a separate function.
Records management: The planning, controlling, directing, organizing, training, promoting, and other managerial activities related to the creation, maintenance, use, and disposition of records.

Records retention period: The length of time a given records series must be kept, expressed as either a time period (e.g., four years), an event or action (e.g., audit), or a combination (e.g., six months after audit). Records retention schedule: A plan for the management of records listing types of records and how long they should be kept; the purpose is to provide continuing authority to dispose of or
transfer records to the Minnesota State Archives.

Records series: Records arranged according to a filing system or kept together because they relate to a particular subject or function or result from the same activity. Tagged Image File Format (TIFF): A digital image format, TIFF supports black and white, gray-scaled, and color. TIFF is a non-proprietary format offering the option of lossless compression. TIFF files are usually indicated with the .tif extension.

Telnet: A URI access protocol that provides the user remote control (not just access) to another computer. Most commonly used for interactive, text-based sites.

Terabyte: 1,024 gigabytes of digital data.

Transfer protocol: A series of commands that defines how information is formatted, retrieved, and delivered. Usually used in reference to information transferred over the Internet.

Uniform resource identifier (URI): A short text string that describes an item on the Internet. Also known as the resource’s “address.”

Uniform resource locator (URL): A type of URI scheme that allows users to access resources on the Internet.

Uniform resource name (URN): A type of URI scheme that is designed to serve as a persistent, location-independent resource identifier.

Vector graphics: A type of graphics file that stores the image as a collection of geometric shapes.

Vital record: A record that is essential to the organization’s operation or to the reestablishment of the organization after a disaster.

Web site: A collection of Uniform Resource Indicators (URIs) in the control of one administrative entity. May include different types of URIs (e.g., file transfer protocol sites, telnet sites, as well as World Wide Web sites).

Records Management

Records management is the:
Planning, controlling, directing, organizing, training, promoting, and other managerial activities involved with respect to records creation, records maintenance and use, and records disposition in order to achieve adequate and proper documentation of the policies
and transactions of the Federal Government and effective and economical management of agency operations.

Records are managed throughout a “records lifecycle,” which has three stages:
1. Creation or Receipt
2. Maintenance and Use
3. Disposition of Temporary and Permanent Records

below shows the Records Lifecycle stages

1.3 Objectives
The primary objectives of records management within DOE are to ensure the capture, storage, retrieval, disposal, and preservation of records that serve as documentary evidence of the work and history of DOE. One of primary concerns is ensuring that records are carefully preserved when they have value for future study by scholars and historians. Properly managed files will prevent the loss of historical records and make filing easier, simpler, more logical, and more efficient.

1.4 Governance
The National Archives and Records Administration (NARA) shares responsibility with federal agencies to ensure that each agency creates and preserves records containing adequate and proper documentation of the organization, functions, policies, decisions, procedures, and essential transactions of the agency. The Archivist of the United States, as head of NARA, provides direction, guidance, assistance, and oversight through issuance of records management regulations and standards applicable to all federal agencies .

1.4.1 Federal Laws, Regulations, and Requirements
Federal records management is mandated by the following laws and regulations:
▪ governs records management by NARA and the General Services Administration.
▪ governs records management by federal agencies.
▪ describes penalties for willfully and unlawfully destroying, damaging, or removing federal records. provides regulations implementing 44 USC 3101 through 3107

On August 24, 2012, the President issued Managing Government Records Directive , which provides multiple requirements including the elimination of paper and the use of electronic recordkeeping to the fullest extent possible. On September 15, 2014, OMB and NARA issued Guidance on Managing Email which provides details on NARA’s Capstone approach, designed to assist agencies with meeting the goals outlined in M12-18 pertaining to electronic messaging.

1.4.2 DOE Requirements
Records Management Program provides the foundation and requirements for the establishment and maintenance of the DOE Records Management Program. It implements and provides the requirements and assigns responsibilities for creating and preserving DOE records, to include the management of unique sets of records. The Contractor Requirements Document (CRD) provided in Attachment 1 of DOE O 243.1b, provides the requirements contractors must follow when they create, use, maintain, receive, disseminate, or dispose of DOE records in connection with the performance of DOE-funded tasks or activities.

Records schedules approved by NARA provide mandatory instructions for the disposition of the records (including the accession of permanent records and disposal of temporary records) when they are no longer needed by the agency. All federal records must be scheduled either by an agency schedule or a General Records Schedule (GRS).

1.5 Responsibilities & General Requirements
Every federal employee and contractor is responsible for creating, managing, protecting, and disposing of federal records in their custody. There are legal consequences for destroying records without the proper authority. Following sound records management practices benefits the Department in many ways, including improving access to information and preserving agency historical records.

1.5.1 Senior Officials
Senior officials should be fully informed of federal laws and requirements concerning records held by their organizations, including:

The legal requirements governing the disposition of DOE and DOE-contractor records (removal or destruction of records may occur only when authorized by NARA in a DOE records disposition schedule or in the NARA-published General Records Schedules, as signed by the Archivist of the United States);
The criminal penalties for the unlawful removal or destruction of federal records and and the unlawful disclosure of national security information The handling of records containing information exempt from disclosure under the Freedom of
Information Act (FOIA),the Privacy Act or other information restricted by law; and
The legal responsibility of an employee to inform their Program Records Official (PRO) Records Management Community of any actual, impending, or threatened unlawful removal, alteration, or destruction of records. The PRO receiving the information must ensure that the Departmental Records Officer (DRO) is immediately informed in accordance with accepted reporting procedures.

1.5.2 Contractors
All contractors, regardless of whether they are federal, Managing & Operating (M&O) contractors, or other must manage government-owned records according to their governing government contract. Government-owned records as defined in the Access to and Ownership of Records clause are all records acquired or generated by the contractor in the performance of their contract, including records series described within the contract as Privacy Act systems of records. These records are the property of the Government and shall be maintained in accordance with “Records Management.” The contractor shall ensure records classified as Privacy Act system of records are maintained in accordance with “Privacy Act.”

Contractor-owned records are also defined within the Access to and Ownership of Records clause ) and include:

Employment-related records (excluding those listed as Privacy Act systems of records)
Confidential contractor financial information
Records relating to any procurement action by the contractor, except records under
Legal records
Technology transfer records related to executed license agreements, Cooperative Research and Development Agreement (CRADA) information, patent, and copyright application files (see the “Access to and Ownership of Records” clause for further details)

1.5.3 New Employees
In general, new federal employees and contractors will receive records management information and requirements during the onboarding process either through official human resource processes or through association with their local records contact. In the absence of a records management briefing or lack of provided related documentation, resources such as the Records Management
Handbook and other guidance products are available for reference at the Records Management energy.gov and PowerPedia pages.

1.5.4 Exiting Employees
Records Management Program provides the Department’s final exit policy concerning records. By law, federal records may not be removed from Government custody nor may they be destroyed without a records disposition schedule that has been approved by the Archivist of the United States. Accordingly, every federal employee and contractor has an obligation to preserve and protect
federal records. Occurrences of unauthorized records destruction or removal of records from Departmental custody without appropriate approval must be reported immediately to the DRO.

1.5.4.1 Records Inventory
Federal and contractor employees should contact their local records contact approximately two weeks prior to departure and identify federal records for which they have custody and responsibility. Records, regardless of media, shall be inventoried Records Inventory and those on file servers, hard drives, and in email systems shall be copied and removed or reassigned.

Inactive records must be transferred to a records management custodian and active records must be reassigned to another employee.
Depending on the status of the contract, the departing contractor employee’s records must be reassigned to another contractor or federal employee or incorporated into the Department’s official files.
All file searches for which the employee has been tasked must be completed or reassigned, such as those for FOIA, Congressional, or litigation-related document requests.

1.5.4.2 Vault and Restricted Area Combinations, Passwords, and File Cabinets
Vault and restricted area combinations, computer and system passwords, and filing cabinet keys must be turned over to the departing federal employee’s supervisor or the contractor employee’s supervisor / Contracting Official’s Technical Representative (COTR) (accounting for necessary security clearances).

1.5.4.3 Departing Senior Officials
Although federal records may not be removed, departing senior officials are allowed to create a limited number of duplicate copies of unclassified documents for reference or personal use when warranted by the level of their position, significance of the work or research, or the prestige of the researcher. Such copies are considered non-record material. DOE senior officials may retain these extra copies, provided the retention will not:

Diminish the official records of the Department;
Violate confidentiality required by national security, privacy, or other interests protected by law; and
Exceed normal administrative economies, such as the administrative costs of storage and maintenance.

Senior officials may remove documentary materials that are of a purely personal nature when they leave the Department. Personal materials include family and personal correspondence and materials documenting outside professional activities and outside business or political pursuits. Removal of any of the above items must be reviewed and approved by the PRO, Records Management Field Officer (RMFO), or the DRO before they may be removed to ensure that the law and all Departmental policies are properly followed. An accounting must be made of all nonrecord and personal papers that are removed.

1.5.4.4 Certification
A certification must be made by the departing employee that all federal documents, records, and files, regardless of media, have been identified and transferred to a records management custodian or COTR, or have been reassigned to another employee. The appropriate records official (Headquarters – Records Liaison Officer (RLO) or Records Management Field Officer (RMFO) Records Management Community, or contractor’s COTR must initial the certification.

The exiting employee should work with local Human Capital officials, their records contact, and any other officials with a vested interest to complete requisite forms, such as Employee Separation Clearance. Completion of this form is required for exiting HQ federal employees; section 7c “RLO Action” should be completed with the appropriate RLO’s assistance. “Employee Separation:
Completing provides instructions on the completion of section 7c of HQ F 3293.1. DOE Records Management Program Office has released an additional Employee Exit guidance product for further information. Field and contractor exit processes may have unique requirements. Contact your local records contact for further information.

1.4.3 Penalties for Unauthorized Creation and Destruction of Records
Records created or acquired by an official or employee of the Department in the course of conducting DOE business are the property of the Department. The maximum penalty for the willful and unlawful removal, mutilation, obliteration, destruction, or private use of any federal record includes a fine, up to three years in prison, or both (18 USC 2071). All employees are responsible for reporting any actual or threatened unlawful loss or removal of official records to the Departmental Records Officer, Office of the Chief Information Officer.

Due to the increase of telework, employees and contractors should ensure that records created offsite are captured within a federal system or network. In particular, federal employees are prohibited from creating or sending a record using a non-official electronic messaging account unless the message is originally copied to or forwarded to an official electronic messaging account within 20 days. Electronic messaging tools may not be limited to just email. To encourage compliance and promote the seriousness of records management, the law provides for disciplinary action for
intentional violations (44 USC 2209).

2.0 Records Management Program at DOE
The Department of Energy (DOE) Records Management Program ensures compliance with the Federal Records
The DOE Records Management Program (RMP) mission is to establish and maintain policies and procedures for the systematic management of DOE records. Through managing records during their lifecycle, DOE preserves and protects records in accordance with requirements set forth by the Congress, the National Archives and Records Administration (NARA), the Office of Management and Budget (OMB), other federal agencies, and DOE.

2.1 Mission
Chapter Highlights
Mission
Goals
Records Management Program Office
Records Management Community
Records Schedules
Training
performance through the creation and maintenance of records, while also protecting the rights and interests of the Department and the American public. sound records management program provides decision-makers and others with the right information for mission of records throughout their lifecycle in an economical, efficient, and effective manner. Implementation of a

2.2 Goals
DOE records management goals include:

Enable a more efficient RMP through the use of the technology and enterprise-wide established best practices
Ensure risk management practices are in place to determine when best to avoid, mitigate, accept, or eliminate information risks and to respond to compromises
Enhance processes for standardizing responses and promoting reuse of solutions
Provide records management training and expert advice to DOE employees and contractors

2.3 Records Management Program Office
The Records Management Program Office operates within the Office of the Chief Information Officer (OCIO). The Records Management Program Office develops and provides records management policy, directives, assistance, guidance, and direction to the Records Management Community (RMC) and the Department as a whole. Through the Departmental Records Officer (DRO), the Records Management Program Office reports to the Secretary every year on the status of records management in DOE.

The Records Management Program Office works closely with the DOE Senior Agency Official (SAO) for records, who is the Chief Information Officer. The SAO has direct responsibility for ensuring that the department efficiently and appropriately complies with all applicable records management statutes, regulations, NARA policy, and the requirements of the Managing Government Records Directive. DOE O 243.1b, Records Management Program, establishes the Records Management Program Office’s responsibilities.
The Records Management Program Office is available for questions or concerns that cannot be resolved locally or have an impact on multiple elements within the Department.

2.4 Records Management Community
The Records Management Community (RMC) is a vital part of the success of records management initiatives and projects at DOE. The RMC is a network of DOE records management professionals throughout the United States at a variety of DOE program offices, staff and support offices, field sites, and laboratories. These individuals have the knowledge and expertise to do any range of records management activities including, but not limited to, records transfers and disposals, records scheduling, inventories, and training.

The following program roles exist within each element, where appointed, and serve as the primary roles and contacts within the RMC.

Agency Records Officers (AROs) have records management responsibility with appropriate authority to support, coordinate, and implement oversight of their respective records management programs consistent with federal laws and regulations. Additionally, AROs provide senior records management analysis and subject matter expertise for guidance, direction, and oversight of their RM program under the DOE Records Management Program.
Per the DOE O 243.1b, Records Management Program, a Program Records Official (PRO) must be assigned to each DOE element. A PRO is a federal senior-level DOE HQ manager who has program and field site oversight, budgetary, and signatory authority to approve records matters for the program and serves as the program liaison with the Departmental Records Officer.
A Records Management Field Officer (RMFO) is a federal senior manager who represents a field site, office, or laboratory and implements the records management program for their respective organizations; they also serve as liaison with the DOE HQ PRO, and provide oversight and guidance to federal and contractor records management programs.
A Records Liaison Officer (RLO) provides day-to-day administration of an organization’s records management program and acts as liaison with the PRO or RMFO, as appropriate.
A Contractor Records Custodian (CRC) is a contractor representative for a program, staff, or support office (in DOE HQ and the field) who provides day-to-day administration of an organization’s RM program and acts as liaison with their PRO or RMFO as appropriate. When DOE employees or contractors have questions on records management, they should first reach out to their local records contact who is familiar with their element and the records they deal with on a daily basis. All records management contact information can be found at “Contacts for Information Management: Forms & Records.”

2.5 Records Schedules
Records schedules help determine when to keep, transfer, and destroy records. As such, they are essential to the appropriate and accurate completion of actions detailed within Section 5, Records

Disposition.
Presently, there are four types of records disposition schedules at DOE:
1. General Records Schedules (GRS) are NARA drafted and approved disposition schedules for records common to federal agencies. All agencies are required by law to follow the GRS disposition instructions unless an agency has received an exemption from NARA.
2. DOE Administrative Records Schedules are scheduling guidance products customized for DOE records. The Administrative Records Schedules contain NARA GRS customized for DOE (and its contractors) as well as any NARA-approved DOE specific records disposition schedules. These guidance products do not include Power Marketing Administration records specific schedules or other programmatic and site specific schedules.
3. Program Specific Records Schedules are NARA-approved schedules that cover the unique program records held by any Departmental or contractor office.
4. Site Specific Records Schedules covers record held by specific Departmental or contractor offices, and are specifically approved if they are not covered elsewhere in other schedules or those that do not meet the needs of the sites. Only the site identified
in a site specific schedule may use it, unless permission has been granted by the DOE

Records Management Program and/or NARA.
These schedules identify and authorize the selective disposition of records for two different retention periods (i.e., the length of time that records should be kept or retained):

Permanent retention of records of continuing value that should never be destroyed; and
Temporary retention of records with temporary value that can be destroyed after the expiration of a specified time period or on the occurrence of a specific event.

2.6 Training
Basic records management training, also known as “Records Management 101” or “RM 101,” is currently provided to promote general awareness of RM. RM 101 is mandatory and should be taken annually. It is available on the Human Capital (HC) training site Online Learning Center (OLC) and the DOE Contractor Training Site.

3.0 Records Creation or Receipt
Records creation or receipt is the first stage of the records lifecycle. The objectives of this stage are to: Chapter Highlights

Create complete and accurate records that provide Identify Federal Records adequate information to document the organization, Capture of Records functions, policies, decisions, procedures, and essential transactions of the agency and that are designed to furnish the information necessary to protect the legal and financial rights of the Government and of persons directly affected by the Department’s activities.
Distinguish between record and non-record material through the appropriate application of
the definition of records to documentary material.

3.1 Identify Federal Records
Information in any format or media that is created or received while fulfilling duties as a federal employee or contractor, or conducting official business that evidences Departmental functions, organization, and activities is a federal record. Attachment 3, Determining Record Status provides a high-level checklist to assist with determining if a document is a federal record.

3.1.1 Essential Records
Essential records, also known as vital records, specify how the Department will operate in case of an emergency or disaster. These records are vital to the continued operations of the Department during and after an emergency or disaster, and are needed to protect the legal and financial rights of the Government and of the persons affected by its actions. For additional requirements not
included in this section, see DOE O 243.1b, Records Management Program and NARA’s Records Emergency Information guidance.

3.1.1.1 National Essential Functions
Essential records support two types of National Essential Functions which must operate under any kind of emergency and are critical elements of a successful continuity plan and program:

1. Mission Essential Functions (MEFs) are a set of department and agency level government functions that must be continued throughout or resumed rapidly after a disruption of normal activities; enable DOE to provide vital services, exercise civil authority, maintain safety of the public, and sustain industrial/economic base during disruption of normal operations.

2. Primary Mission Essential Functions (PMEFs) are mission essential functions that must be performed in order to support the performance of National Essential Functions before, during, and in the aftermath of an emergency. These functions should be continuous or resumed within 12 hours of an event and maintained for up to 30 days or until normal operations can be resumed

3.1.1.2 Emergency Operating Records
Emergency operating records are a type of essential records essential to the continued functioning or reconstitution of an organization during and after an emergency, such as:

Emergency plans and directives
Orders of succession
Delegations of authority
Staffing assignments
Selected program records needed to continue the most critical Departmental operations
Related policy or procedural records that assist staff in conducting operations under emergency conditions and for resuming normal operations after an emergency
Records necessary for the mobilization and protection of material, human resources, services, and systems
Records necessary for the maintenance of public health, safety, and order The conduct of essential civil defense activities

3.1.1.3 Legal and Financial Rights Records
Legal and financial rights records are essential to protect the legal and financial rights of the Government and of the individuals directly affected by its activities, such as:

Accounts receivable records
Social security records
Payroll
Leave
Retirement
Insurance
Records of significant amounts of money owed to the Department or to contractors and, if needed, supporting records such as periodic summaries of financial status
Valuable research records

3.1.2 Social Media Records
The use of social media websites, such as Facebook, Twitter, and Instagram, may result in the creation or receipt of records.
When determining if a social media post and/or the public comments received for a posting is a record, review the federal definition of a record as provided in 44 USC 3301 and review Attachment 3.

3.1.3 Email Records
Many of the records DOE federal employees and contractors create and receive in the course of their daily work are emails.
Email records are documents created or received on an email system including notes, formal or substantive narrative documents, and any attachments, such as word processing and other electronic documents, which are transmitted by electronic message. Records are defined in 44 USC 3301, and 36 CFR 1222.10.

Email records should be captured electronically, not simply printed out on paper and then deleted. Note that email systems may omit send, receipt, and recipient information from the hardcopies when printing; therefore, the hardcopies are not identical copies of the electronic version of the email.

3.1.4 Record Status of Copies
Whether a particular document is a record does not depend on if it contains unique information or if it is a copy. Multiple copies of the same document containing duplicative information, including messages created or received on email systems, may each have their own record status depending on how they are used to transact agency business. They may be stored and maintained in completely different filing systems, and may have different retention periods.

Exhibit 3-2 below is an example of when a record may meet different functions and be filed separately.

3.1.5 Working Files and Similar Materials
Working files, such as preliminary drafts and rough notes, and other similar materials must be maintained for purposes of adequate and proper documentation if:

They are circulated or made available to employees, other than the creator, for official purposes such as approval, comment, action, recommendation, follow-up, or to communicate with agency staff about agency business.
They contain unique information, such as substantive annotations or comments included therein, that add to a proper understanding of the agency’s formulation and execution of basic policies, decisions, actions, or responsibilities.

3.1.6 Non-record Materials
Non-record materials are government-owned documentary materials that do not meet the conditions of record status, or are specifically excluded, such as:

Duplicate copies of records kept only for convenience of reference
Library and museum material intended solely for reference or exhibition

If you are unsure that what you are looking at is a non-record, contact your local records officer
for verification and review 44 USC 3301 and Attachment 3.

3.1.7 Personal Papers
Personal papers are documentary materials belonging to an individual that are not used in the conduct of Department business (36 CFR 1220.18). Personal papers are excluded from the definition of federal records and are not owned by the Government. Examples of personal papers include:

Materials accumulated by an official before joining Government service that are not used subsequently in the transaction of Government business;
Materials relating solely to an individual’s private affairs, such as outside business pursuits,
professional affiliations, or private political associations that do not relate to agency business;
and
Diaries, journals, personal correspondence, or other personal notes that are not prepared to be used for, or circulated or communicated in the course of, transacting Government business. Materials labeled “personal,” “confidential,” “private,” or similarly designated, and used in the transaction of public business, are federal records. The use of a label such as “personal” is not sufficient to determine the status of documentary materials in a federal office (36 CFR 1222.34).

3.2 Capture of Records
Information that is received by Department personnel from sources external to the Department and that meets the definition of a record must be captured as a record, regardless of media. Paper records may be captured physically or can be scanned or digitized into an electronic format. Due to the rise of technology and electronic systems, converting paper to electronic records may
be a priority for many offices as it offers many benefits including, but not limited to:

Easy access to records, as electronic records may be accessed from multiple locations;
Effective use of resources, since electronic records may be stored or relocated using less expensive storage options; and
Improved customer service, with easier access to records.

Received electronic records may be captured in the original format in shared drives or electronic systems that allow records to be deleted according to approved records disposition schedules. Many electronic records are now received through email. Emails and any corresponding attachments should be retained in an electronic environment to the fullest extent possible, preferably outside of an email application, such as Outlook, as applications may not disposition records according to federal requirements. Printing emails, or any other electronic record, for the purpose of filing or storage should be limited as much as possible.

4.0 Records Maintenance and Use
Records maintenance and use is the second stage in the

Chapter Highlights
records lifecycle. The objectives of this stage are to:

Preserve the integrity of a record by ensuring it has not Records Inventory been altered after completion; File Plan
Planning and Arranging Files
Maintain usability of the record by those with a need for Records Storage & Maintenance the information; Requirements
Facilitate identification and retention of permanent records; and Maintain permanent and temporary records separately.

4.1 Records Inventory
A records inventory is a complete and accurate survey of business information, which identifies:

Ownership (office of creation)
Title
Location
Disposition identified in approved records disposition schedules
Volume (usually identified in cubic feet)
Media (microform, paper, electronic, etc.)
Arrangement
Special circumstances (classification, essential records, quality assurance, etc.)

An inventory may also provide an indication of other concerns such as the rate of file growth for storage planning. It will provide the foundation your program needs to complete a file plan and schedule your records. Your local records contact will be able to assist your program with inventorying its records.

4.2 File Plan
File plans specify how records are to be organized once they have been created or received, provide a “roadmap” to the records created and maintained by an organization, and facilitate the eventual transfer or destruction of the records. The file plan provides a standardized records classification scheme that improves filing, enhances access and retrieval, and supports the use of records
disposition schedules.

Although there are many approaches to developing file plans, they are typically organized hierarchically according to the functions of the organization. Each function is assigned a plan item number or file code and subcategories are identified by extensions of the main number. These may be determined by programs locally as needed, but there is no set requirement for the numbering of file folders or categories.

Table 4-1 represents a basic, two-level file plan outline. This is an example that programs can use to develop ideas for how to organize and label their own file plans.

In the file plan example above, the functional categories (e.g., 010, 0050, 0300) represent a folder (in an electronic filing system) or a filing guide (in a paper system). The subcategories then become a subfolder (in an electronic filing system), or a paper folder (in a paper system). It is at this subcategory level that records are dispositioned.

A comprehensive office file plan provides a “location” for every record in an electronic or paper filing system. Understanding the file plan helps users know where to file their records and helps others know where to find the records they need to complete their tasks. Linking the file plan categories and subcategories to the appropriate record disposition schedules enables users to implement the proper retention and disposal of the records.
Table 4-2 below is an example of a DOE administrative file plan.

While file plans assist in filing, accessing, and dispositioning records, file manuals may be needed for large filing areas to provide a greater level of detail on how each category or subcategory of record is managed. Information provided in a file manual often includes the following information about a record category:

Location – Where the electronic files or hard copies are physically maintained
Custodian – The person responsible for filing the record copy of the electronic file or hardcopy document
Content – A description of the documents that should be filed in order to ensure a complete and accurate record of the activity
Arrangement – How documents are organized within the folders
Labels – Instructions on how to identify the electronic or hard-copy folders
Disposition – Cut-off or transfer information from the records disposition schedule

4.3 Planning & Arranging Files
Regardless of the method used for filing, records must be easily retrievable and be separated by record status (i.e., record versus non-record), and by retention period (i.e., temporary versus permanent).

4.3.1 Official File Stations/Network Share Drives
Official file stations or network share drives are specifically designated organizational units where official file copies of documents are maintained. For electronic records, official file stations may be established on a network drive. File stations may be established at any organizational level necessary to provide a network of recordkeeping locations within an office or division to:
Provide technical control and supervision of official files;
Facilitate coordination between and among file stations; and
Ensure uniformity in filing and reference procedures.

4.3.2 Centralization & Decentralization of File Stations/Network Share Drives
Determining whether your office requires a centralized or decentralized file station depends on the office needs.
In centralized files, the files of a unit are maintained in one central location, controlled by a records staffer. For large centralized filing systems, several people may be required. Consider locating files to a centralized file station when:

More than one work unit has need for the same files.
Units are sufficiently near the central file for prompt service.
A centralized storage system can reduce duplication and provide clear roles and responsibilities regarding records management. However, this system has several disadvantages:
Full-time staffing may be required.
Records may become distant from staff and may be difficult to retrieve for use.
Significant investment in terms of facilities and filing equipment or additional technology for electronic records may be required.
A common example of a centralized storage system is a records holding area or network shared drive.

A decentralized filing system maintains records throughout an office or unit, generally at individual work stations and the records are usually controlled by the person who creates or receives them. Consider locating files in a decentralized file system when:

Files are of interest to only one person or office.
Centralized filing is too distant for efficient service.
Information must be immediately available to the creator.
Constant reference is made to the files by one person or office.

Additionally, a decentralized system can allow staffers to feel more comfortable knowing they are in control of their records. However, there are also a few disadvantages:

Confusion regarding where information can be found, especially when a staff member is out of office or has left the agency
Information may be duplicated or fragmented in multiple places as several individuals may be holding the same record.
Lack of education regarding file organization may result in improper maintenance and management of records, as well as a lack of uniformity or consistency in file organization.

4.4 Records Storage & Maintenance Requirements
There are a variety of requirements that should be considered when determining where and how to store and manage records.
For example, records should not be interfiled with non-record materials. Personal files must be clearly designated and maintained separately from the office’s official records. If information about private matters and agency business appears in a document, the document is a federal record. However, a copy of the document can be made with the personal information deleted or redacted,
and captured as the federal record. Below are some other requirements that should be taken into account prior to the storage of your
program’s records.

4.4.1 Security
Security should be considered when records are stored and maintained, whether locally or within a records storage facility (see Section 5.2, Records Transfer for more details on storage facilities).

4.4.1.1 Classified Records
Classification requirements must be followed as long as the information remains classified. For the security requirements and responsibilities affecting classified records, see DOE O 471.6, Information Security. Clearly identifying classified records on the records inventory may assist in complying with this Order. Within DOE, only persons who have been trained and certified as
Derivative Classifiers may determine if a document contains classified information. For information on the proper identification of classified records, see DOE Order 475.2B, Identifying Classified Information.

Every employee with a clearance signs the DOE F 5631.18, Security Acknowledgement, in which they agree to the appropriate protection of classified matter. Every person granted a security clearance by the U.S. Government must protect the classified matter with which they are entrusted. That means the person must control access to that information and ensure it is not disclosed to
unauthorized persons. There is a multi-part test to determine if classified information can be shared with another person:

1. Does the other person have a security clearance at the appropriate level?
2. Does the other person have the appropriate access authorizations to permit access to the classified matter?
3. Does the other person “need-to-know” that classified information? If the answers to these questions are “no” then the classified information cannot be disclosed to the other person.

4.4.1.2 Sensitive Unclassified Records
Official Use Only (OUO) is information which if released to an unauthorized person could damage Government, commercial, or private interests and may be exempt from public release under the Freedom of Information Act (FOIA). Information that is OUO includes, but is not limited to, Personally Identifiable Information (PII), proprietary information, and Export Controlled
Information (ECI).

An individual does not require a security clearance to have access to OUO. In general, OUO may be given to anyone who has a need-to-know. However, some types of OUO have additional access limitations. For example, foreign nationals must not have access to ECI.
For specific requirements regarding OUO, refer to DOE Order 471.3, Admin Chg 1, Identifying and Protecting Official Use Only Information and DOE Manual 471.3-1, Admin Chg 1, Manual for Identifying and Protecting Official Use Only Information.

Another type of sensitive unclassified information is Unclassified Controlled Nuclear Information (UCNI). Only persons who have been trained and certified as UCNI Reviewing Officials may identify documents containing UCNI. For specific requirements regarding UCNI refer to 10 CFR 1017 and DOE Order 471.1B, Identification and Protection of Unclassified Controlled Nuclear Information.

4.4.2 Records Storage Media
Records storage media refers to the material or platform used for the storage of the records. Records on specific types of materials often have some prescribed environmental conditions and/or product specifications to prevent information loss. Similarly, the file type of electronic records should be considered as certain file types may become unsupported when systems and applications
become obsolete.

4.4.2.1 Social Media Records
It is up to the individual office to capture and manage the records created or received through social media. Sometimes the social media website will allow for export of record content. This may be determined by reviewing the terms of use. Once social media records are captured, they should be managed like any other record within a recordkeeping system. For information on using social media, programs should conform to DOE’s Social Media policy. For more guidance on social media records, DOERM has released “Social Media Records and You.” For further guidance and assistance with capturing social media records work with your
local records contact.

4.4.2.2 Email Records
Records created or received on email systems must be managed in accordance with the provisions and following the standards outlined in 36 CFR 1236, and as it pertains to the adequacy of documentation, recordkeeping requirements, agency records management responsibilities, and records disposition (36 CFR parts 1220, 1222, and 1226). Specifically, email records must be
managed electronically (Managing Government Records Directive, OMB M-12-18). Email must be preserved for its approved retention period, along with all essential transmission and receipt data. Disposition of all email records will be made in accordance with authorized disposition schedules.

4.4.2.2.1 Short-Term Records
As part of NARA’s Records Management Initiatives to redesign federal records management, 36 CFR 1236.22c authorizes agencies to dispose of short-term email records (also known as transitory records) without creating a separate paper or electronic recordkeeping copy as was required under NARA’s old regulation. These emails can be held within the email application for 180 days or less
(GRS 23 item 7 and GRS 4.2 item 010).

If the “auto-delete” is set for 180 days, this may be applied to records with a shorter retention period as well; however, agencies are not allowed to use “auto-delete” for records with a retention period exceeding 180 days. This regulation provides agencies with an alternative process for managing transitory email; agencies may continue to create and file separate copies of all email records including transitory records in a recordkeeping system.

4.4.2.2.2 Temporary and Permanent Records
Besides the text of email messages, email systems may provide record transmission and receipt data. Transmission data should be preserved with all email items classified as federal records. Similar to a paper record, this information is necessary for a complete record. Email users should request receipt data when it is necessary for adequate and proper documentation of DOE activities. In such instances, when receipt data is associated with the record copy documenting these activities, the email message must be preserved.
Permanent and temporary email are maintained and made available for office use by filing the email electronically when an electronic recordkeeping system is used. Organizations that choose to manage emails in electronic recordkeeping systems must be able to perform all the requirements of preservation and disposition through the application system itself, or copy email records into an
electronic recordkeeping system that is able to perform all the functional requirements set forth in federal regulations.

4.4.2.2.3 Non-Records
Some emails will be non-records, including personal emails. DOE federal employees and contractors should use the tools in their email application (such as Outlook) to remove any nonrecords.

4.4.2.2.4 Capstone, a New Approach
In 2013, NARA announced a new approach to managing email, called Capstone, which was developed to address the overwhelming amount of email records currently being produced in the federal environment and the need to adequately capture and control them. The approach allows agencies to classify and manage their email records by the role of the email user, holding senior
officials record emails permanently and all other employees for varying periods.

The DOE Chief Information Officer (CIO) and Senior Agency Official (SAO) approved the Capstone approach for use at DOE. Email records captured and managed under the Capstone approach will be retained using GRS 6.1 following NARA’s approval of DOE’s NA-1005, Verification for Implementing GRS 6.1. For further information or updates, please contact your local records contact.

4.4.2.3 Electronic Systems
An electronic information system (EIS) contains and provides access to computerized federal records and other information. As EISs become more prevalent within the federal work environment, DOE must ensure that federal records in electronic information systems can provide adequate and proper documentation of agency business as long as the information is needed.

An electronic recordkeeping system (ERKS) is a type of EIS in which records are collected, organized, and categorized to facilitate their preservation, retrieval, use, and disposition. Some electronic recordkeeping systems use rules, which manually assign records disposition schedules to the emails based on specific metadata like sender or recipient, and auto-categorization, which uses a computer algorithm to identify patterns and elements within the email itself to assign a schedule. Some recordkeeping systems require a records professional to manually screen and identify records disposition schedules for each email or at a folder level.

4.4.2.3.1 System Development
Per 36 CFR 1236.6, DOE has three major responsibilities when it comes to electronic records management:
1. Incorporate management of electronic records into the records management activities;
2. Integrate records management and preservation considerations into the design, development, enhancement, and implementation of electronic information systems (see also: OMB Circular A130, par. 8a(1)(k)); and
3. Appropriately manage electronic records.
To meet these requirements, DOE must ensure that records management requirements are considered when systems go through the System Development Life Cycle (SDLC). The SDLC is a process that plans, creates, tests, and deploys information systems and should not be confused with the records lifecycle as outlined in Section 1.2 Records Management.

It is essential that the following records management considerations be incorporated into an EIS throughout the SDLC process (36 CFR 1236.12):

Records management controls must be planned and implemented in the system.
All records in the system must be retrievable and usable for as long as needed to conduct DOE business (i.e., for their NARA-approved retention period). Where the records will need to be retained beyond the planned life of the system, DOE must plan and budget for the migration of records and their associated metadata to new storage media or formats in order to avoid loss due to media decay or technological obsolescence.
Permanent records contained within the system must be accessioned to NARA and temporary records should be transferred to FRCs (see Section 5.0 Records Disposition).
Provision of a standard interchange format (e.g., ASCII or XML) should be made, when needed, to permit the exchange of electronic documents between offices using different software or operating systems.

Additionally, DOE must ensure the reliability, authenticity, integrity, usability, content, context, and structure of the records contained within the EIS system by implementing appropriate controls.

4.4.2.3.2 Maintenance of Records within Systems
Records maintained in or created by an EIS must be managed in the same way as hardcopy records. They must be identified, organized for access and use, and have a defined records disposition schedule to determine when they are no longer useful or needed for Departmental business.

4.4.2.3 Audiovisual Records
Audiovisual records must be managed and stored in accordance with 36 CFR 1237. Cooler temperatures and lower relative humidity are recommended for the storage of film to prolong the useful life of the film base and image. For example, color images and acetate based media should be kept in an area maintained below 40° Fahrenheit with 20%-40% relative humidity (RH).

4.4.2.4 Micrographic Records
Micrographic records are managed and stored in accordance with 36 CFR 1238 and include the formats of roll film, computer output microfilm (COM), and microfiche.

Permanent and unscheduled microform records must be stored under the extended storage conditions specified in ISO 18911:2010 and ANSI/PIMA IT9.22-1998, except that the RH of the storage area must be a constant 35% RH, plus or minus 5%. Non-silver copies of microforms must be maintained in a different storage area than silver gelatin originals or
duplicate copies.
Temporary records are stored under conditions that will ensure their preservation for their full retention period (ANSI/AIIM MS45-1990).

4.4.2.5 Magnetic Computer Tapes
Magnetic computer tapes must be maintained at a constant temperature of 62-68° Fahrenheit and a constant RH of 35%-45% (36 CFR 1237.18). In addition, magnetic computer tape containing permanent and unscheduled records are to be statistically sampled annually to discover and correct causes of data loss.

4.4.2.6 Direct Access Storage Media
Media, such as magnetic disks, CDs, DVDs, etc., are maintained at the constant temperatures and relative humidity levels based on recommended storage media or system manufacturers’ minimum standards.
For example:

Magnetic tapes should be stored in dust-free environments, at a constant temperature between 62° and 80° Fahrenheit and between 35% and 45% RH (NIRMA TG 15).
CDs should be stored in cool and moderately dry environments. Recommended conditions: between 39° and 68° Fahrenheit and between 20% and 50% RH (NIST SP 500-252).

4.4.2.7 Cartographic and Related Records
Permanent and unscheduled cartographic, architectural, and engineering records should be maintained in an environment that does not exceed 70° Fahrenheit and with relative humidity under 50% (36 CFR 1237.22).

4.4.2.8 Faxes on Thermal Paper
Facsimile (fax) transmissions are no longer a common means of office communication; however, recipients should still provide for proper handling of fax transmissions that satisfy the legal definition of federal records. To this end, records managers must ensure that all employees are made aware of and understand their responsibilities concerning the preservation of faxes.

Many legacy faxes were made using “thermal paper,” as opposed to plain paper. The images on thermal paper may begin to deteriorate in six months. Thermal papers are sensitive to heat and light, and will react with chemicals found in ordinary office environments (including markers, cosmetics, and some types of plastic folders), and may contain impermanent dyes. As a result, the text may fade, become illegible, or the whole paper surface may darken making the image indistinguishable. Thermal papers can be recognized by their smooth sheen and tendency to curl. All thermal paper faxes that are federal records should be xerographically reproduced on plain paper at the time of receipt, except in the case of transitory documents that do not need to be filed. Plain paper copies that are federal records should be filed in office recordkeeping systems.

4.4.3 Historical Value
Since technology has provided new media for recordkeeping, records maintained in various media, such as electronic or micrographic media, need to be scheduled so that those with historical value are preserved. Historically valuable records should be maintained in sustainable formats. Neglecting historically valuable records may cause them to become lost or unusable. NARA makes the official federal government determination that records are historically valuable by identifying them as “permanent.” Specific record series that contain permanent records are identified in approved records disposition schedules.

Permanent records will eventually be accessioned in their original form unless conversion is required or approved by NARA, in accordance with file format requirements in NARA Bulletin 2014-04, Revised Format Guidance for the Transfer of Permanent Electronic Records. Transformation of electronic records from one format to another could result in changes to the records content, structure, or metadata. Programs maintaining records in formats that do not conform to the Bulletin should coordinate with their local records contact (Section 2.4 Records Management Community) and the appropriate NARA office before migrating, converting, or altering permanent records to meet the NARA format requirements.

Additionally, unscheduled records have the potential to be permanently valuable, historical records. Until such time as NARA determines the records to be of either permanent or temporary value, they are required to be treated as if they are permanent. This will prevent those that really are permanent from being mistreated or lost during the period of time when they remain in the
category “unscheduled.”

4.4.4 Quality Assurance (QA)
Records for work licensed by the U.S. Nuclear Regulatory Commission (NRC) or an NRC Agreement State are subject to the QA requirements of that agency. 10 CFR 50 provides the applicable regulations.

Requirements regarding the preparation, issuance, revision, and maintenance of QA records is described in the DOE O 414.1D, Quality Assurance, or its latest version. It is important to note that the DOE O 414.1D applies all Departmental elements and their associated field elements except for the equivalency and exemptions in paragraph 3c of the order. Quality Assurance Rule 10 CFR 830.120, Subpart A, Quality Assurance Requirements, is applicable to records of the Department and its contractors conducting activities, which include providing items or services that affect or may affect nuclear safety of the Department’s nuclear facilities.

4.4.4.1 Specified Records
For operating and review purposes, maintain the appropriate citation requiring the maintenance and designation so that correlation of the requirement with its performance is clearly demonstrable:

Designation and Maintenance. Unless specifically exempted, the organizations affected by either of the two QA directives must designate QA records in accordance with the applicable directive’s requirements. Additional requirements for control, maintenance, storage, and retention should then be established and applied to the designated records.
Citation. Either the regulation or the directive will require the maintenance of the records series as QA records. Cite the applicable one in the records disposition schedule for each QA records series. Subsequent changes in requirements, if any, can be promptly implemented. In the event of an audit, the auditors may be concerned with reviewing implementation of the applicable
requirements.

4.4.4.2 Optical Disc Storage
NRC Generic Letter 88-18 provides for appropriate quality controls for QA records stored on optical discs:

The technology does not allow deletion or modification of record images.
The image of each record is written onto two discs.
The legibility of each record image is verified to ensure that the image is legible on both discs. If the image is illegible, the hard copy record is maintained as the record copy.
One disc is stored in the document imaging system for online retrieval.
The backup disc is stored in a records storage facility meeting the requirement of ANSI N45.2.9-1974 for single copy storage or in a separate remote location.
To ensure permanent retention, the records stored on an optical disc must be acceptably copied onto a new disc before the manufacturer’s certified useful life of the original disc is exceeded.
Periodic random inspections of images stored on disks must be performed to verify that there has been no degradation of image quality.
If the disk document imaging system in use is to be replaced by an incompatible new system, the records stored on the old system’s discs must be converted into the new system before the old system is taken out of service.

4.4.4.3 Training
Criteria 2, Management/Personnel Training and Qualification of the DOE Order 414.1D, Quality Assurance requires training and maintaining qualifications to perform assigned jobs. Competent designation and maintenance of QA records requires special training to maintain job efficiency. For further information see DOE Order 414.1D.

4.4.5 Senior Officials
Although senior official’s records should be managed and maintained like other records, some special circumstances and considerations must be addressed:

Records of senior officials must be incorporated into files or electronic recordkeeping systems, especially records that were generated electronically on personal computers.
Senior officials must only maintain records needed for current operations at their desks. When a record is finalized or when a case file is closed, the record must be incorporated into an appropriate recordkeeping system.
Policy and decision-making conducted by senior officials verbally (e.g., telephone) over the telephone or in meetings must be adequately and properly documented by preparing a dated and signed memorandum or form identifying the participants and summarizing the conversation or meeting. All personnel should ensure that records of policy and decision making made or received through email and faxes are retained in appropriate recordkeeping systems.
Supporting documents such as drafts and working files for reports, special studies, memoranda, and correspondence that contain high-level policies and decisions, policy formulation, and execution must be incorporated into office files. These supporting documents are needed to fully understand the alternatives and options considered for high-level program initiatives and provide the basis for deciding on a course of action.

4.4.6 Essential Records
DOE O 151.1C, Comprehensive Emergency Management System and 36 CFR 1223 establish the requirements for the Departmental emergency operating records protection. Emergency Operating Records must be available as needed at or in the vicinity of Emergency
Operations Centers (EOCs). Mechanisms should be in place to ensure access to records during emergency situations.
36 CFR 1236 establishes the requirements for the Departmental legal and financial rights records protection program.
Legal and financial rights records require protection, but storage locations do not have to be at or in the vicinity of EOCs. Federal Records Centers (FRCs) or other suitable storage facilities are used for the storage of legal and financial rights records.

5.0 Records Disposition
Records disposition is the third step of the records lifecycle. Disposition refers to the actions taken for
records that are no longer needed for current business. There are four actions that can occur during disposition.

1. Transfer. Records can be moved from one location or a custodian’s physical custody to another. This includes sending them to off-site storage or transfer to another office

Chapter Highlights

Records Schedules
Transfer & Retirement
Destruction of Temporary Records Accession and Pre-Accession of

Permanent Records or department. For transfers other than these two types, the Departmental Records Officer should provide approval.
2. Retirement. Records can be transferred to storage until ultimate destruction or accession. For example, the National Archives
and Records Administration (NARA) Federal Records Centers (FRCs) are storage facilities where federal records are commonly
“retired.”
3. Destruction (Temporary Records). Records can be physically destroyed or can be deleted, depending on the media format,
when they have met retention requirements in an appropriate NARA-approved temporary records disposition schedule.
4. Accession (Permanent Records). A record is considered ready for accession when it is required to be kept permanently and
has met the approved requirements to be given to NARA’s legal custody (and in most cases physical custody as well). NARA
determines which records are permanent through approved records disposition schedules. Accessioned records become the property
of NARA.

5.1 Records Schedules
Records disposition is only achieved after records disposition schedules have been drafted and approved by NARA, which can be
facilitated through your local records management contact.

5.1.1 Records Schedule Process
In brief, the scheduling process includes:

Review of the mission responsibilities and recordkeeping requirements;
An inventory of current files, regardless of media format, which helps identify records held by the program. Inventories are
covered in Section 4;
Matching inventoried records series with existing records disposition schedules; and
Drafting records disposition schedules for records series that do not match an existing records disposition schedule, and obtaining approval from NARA using the Electronic Records Archives (ERA) or DOE F 243.2 Records Scheduling Request

Even the records that are maintained within an Electronic Information System (EIS) (see Section 4.4.2.3) should be scheduled when
not covered by a GRS (44 U.S.C. 3303). As such, all EISs and the associated records must go through the scheduling process (DOE
F 243.5, Electronic Recordkeeping System Questionnaire) as appropriate. Without an approved schedule, the records are not
authorized for destruction and must be held indefinitely until a schedule is approved by the Archivist of the United States. Holding
records indefinitely will expose the department to unnecessary risk of data compromise during a cyberattack, unintentional release
of Personally Identifiable Information (PII), or Freedom of Information Act (FOIA) requests.

5.1.2 Review of Records Schedules
Each program is responsible for complying with the provisions of records disposition schedules and confirming that all of the
program’s records are covered by appropriate disposal instructions. Files should be checked at least annually, by comparing them
with a previously completed records inventory to determine that it is still accurate and that the applicable records disposition
schedules are adequate and are being followed. File plans should be updated as well.
Any program that is the primary office of interest for a program-specific records disposition schedule should review that schedule at
a minimum of every three (3) years to ensure it meets current business needs.
In some cases, the program may determine a schedule needs to be drafted or revised. Some of the reasons that an office or program
may recommend drafting or revising a schedule include:

Records are unscheduled;
The schedule should be cancelled, because the records involved are no longer being created or maintained; and
Retention periods should be updated because relevant business, legal, or historical needs and requirements have changed.

Revisions to current records disposition schedules should be submitted to the Departmental Records Officer through established
channels including your Program Records Official (PRO), or other appropriate records liaison. DOE federal employees and
contractors should contact their local records contact if they notice a schedule is not correct, should be revised, or does not exist for
a particular set of records. DOE employees that are subject matter experts in the area for which a new or revised schedule is being
drafted may be consulted for comments, concerns, and suggestions.
Only after approval by NARA do records disposition schedules become legal disposition authority.

5.2 Transfer & Retirement
Active records should be maintained on-site when the volume of the records is consistent with efficient operations or space allows.
They can be “retired” or transferred to storage when they are no longer active, the project is closed, and are not eligible for immediate
destruction.
Transferring records is the process whereby records are moved from one location or custodian’s physical custody to another. This
includes sending them to off-site storage. Records are usually transferred to off-site storage to retire them, or because a disposition
schedule mandates that they be transferred after a specified period of time or action occurs. The vast majority of federal records that
are transferred are sent to one of the many FRCs, using the Working Capital Fund.
Records should only be transferred to off-site storage when:

Reference rate is low. Transfer files to storage if they are not referred to more than once a month per file drawer, provided that
the cost of shipping them to storage does not exceed the savings to be achieved by reducing the current, more expensive, storage
space used. Files that meet this criterion should be transferred regardless of how urgent the need for reference, important the
records are, their classification, or the extent their use is restricteded.
Retention is more than one year. Ordinarily, files should not be retired to an FRC if they will be destroyed within one year of
the transfer. However, occasionally files with a retention of less than one year may be retired to an FRC if the files are bulky,
continued retention in office space is costly, and the local FRC agrees to the transfer. To determine if records are eligible for
immediate destruction prior to transfer within the next year, review the disposition schedules as noted in Section 5.1.
Volume is more than one cubic foot. Small amounts of records (less than one cubic foot) should not be retired as a sole transfer
action. NARA considers the standard box, measuring approximately 15 X 23 X 10 inches, used to transfer records to a FRC as
measuring one cubic foot. This should be considered the minimum volume to initiate a transfer for the retirement of records.
Records should be retired at annual intervals except when the volume involved warrants more frequent transfers.
No litigation hold or Freedom of Information Act (FOIA) requests cover the records being transferred. Sending records
under a litigation hold or FOIA request to an FRC or off-site storage facility may delay or hinder the response time and increase
the amount of work required.

5.2.1 Types of Records Storage Facilities
Programs must ensure that the storage facility selected for transfer of records is economical and efficient, in order to meet the role
and responsibility of being a good public steward. Fortunately, there are many different types of records storage facilities available
for the housing of DOE records that can be considered:

5.2.1.1 Federal Records Center (FRC)
The Federal Records Centers (FRCs), operated by NARA, provide storage, processing, and servicing of Government records.
Regional FRCs are located throughout the United States. In addition, there are two National Records Centers: The Washington
National Records Center (WNRC), located in Suitland, Maryland, is available for the use of federal agencies in the Washington, D.C., area; the other is the National Personnel Records Center (NPRC) in St. Louis, Missouri
Normally offices will transfer eligible records to the nearest center. Sometimes records may be transferred to another facility based
upon storage capacity of the nearest center or other circumstances. More detailed transfer procedures and information is available from NARA in the FRC Toolkit.

5.2.1.2 National Personnel Records Center (NPRC)
The National Personnel Records Center (NPRC) houses the personnel and pay records of all federal employees. Official Personnel
Folders and related payroll records are transferred to the NPRC’s legal custody, as prescribed in the records disposition schedules.
The records housed at the NPRC will be destroyed in accordance with applicable regulations without clearance from the Department,
as DOE no longer has legal custody or control of the records.

5.2.1.3 DOE Records Centers
DOE programs may maintain their own records centers, as long as they conform to NARA records center standards (36 CFR
1234.30). These records centers may store records for other programs for free or a nominal fee. These DOE records centers are a
potential alternate to storing records in an FRC.

5.2.1.4 Commercial Storage Facility
Some companies provide commercial storage options for agencies. However, caution should be used when contracting with a
commercial storage center as the center should meet NARA standards (36 CFR 1234) and be certified for use by NARA.

5.2.2 Preparing for Transfer
When records become eligible for transfer, it is important that the records custodian coordinate with their Program Records Official
(PRO) and Records Liaison Officer (RLO) (Section 2.4, Records Management Community) and inform them of the nature and
quantity of the records proposed for retirement as well as any additional information that may be required. The PRO or RLO will
coordinate with the records custodian and the DOE Records Management Program (if appropriate) through the entire process.
Some items that should be considered when preparing for transfer of your records:

Screen materials to eliminate non-records, extra copies, and material authorized for immediate destruction. Also remove all
binders or binder clips before boxing the records.
Records should be packed in the appropriate size box, which can be obtained through normal supply channels. Each container
measures approximately 15 X 23 X 10 inches and can hold approximately one cubic foot of records.
Records should not be packed too closely and should be packed upright, like in a file drawer.
Records with different disposal dates should be packed in different boxes.

Additionally, Personally Identifiable Information (PII) should be identified and noted when preparing for transfer.
A box list or index must accompany any transfer. DOE Records Management Program office has provided DOE F 243.6, Box List,
for program use if a local box list is not available. A box list will typically identify the records folder-by-folder within each box of
the transfer. Without a box list, trying to find a record in a box may be costly and time-consuming and may require the temporary
withdrawal of every box within the transfer. Additionally, a box list is required for review during the disposal process to ensure the
records are appropriate for destruction.

5.2.3 Transfer Approvals
Following coordination with your local records official to prepare your transfer, your program may use one of the following methods
to gain approval to transfer your records:

5.2.3.1 ARCIS
ARCIS is an online system, owned by NARA, which allows DOE to conduct all transactions with the FRCs online, including the
transfer process. The system also allows tracking of transactions electronically, giving instant access to information about DOE’s
records housed at the FRCs. Access to the system is controlled by DOE Records Management Program Office, and access is only
granted to designated records contacts.
ARCIS is not yet able to transfer electronic records to an FRC electronically. For more details on how to transfer electronic records
to an FRC, see Section 5.2.5, Transfer of Electronic Records.

5.2.3.2 Standard Form (SF-135), “Records Transmittal Form”
A Standard Form (SF-135), “Records Transmittal Form,” is a legacy form used to transfer records from a federal agency to an FRC.
This form is no longer required but is still available for use should ARCIS access be limited or not available locally.
Currently, records transfers coordinated through the DOE Records Management Program office should be requested via SF-135 to
the DOERM@hq.doe.gov mailbox.

5.2.4 Physical Transfer of Records
The most economical means available should be used to ship files to an FRC. The preferred method of shipment at DOE
Headquarters is through the DOE Courier or Office Movers who will transport your records directly to the appropriate FRC or
records center. If you are shipping from a field site or laboratory, discuss the shipping requirements and processes with your local
records contact.

5.2.5 Transfer of Electronic Records
36 CFR 1235 Subpart C identifies specifications and standards required for transfer to NARA. Some of the standards provided within
36 CFR 1235 include:
5.2.5.1 Transfer Media
NARA accepts most standard media including CDs, DVDs, external drives, etc. However, work with your local records contact prior
to transferring electronic records; NARA should be consulted to ensure that the media is acceptable. Otherwise, delays may occur.

5.2.5.2 Formats
Records shall be in a format that is not dependent on specific hardware or software, written in American
Standard Code for Information Interchange (ASCII) or Extended Binary Coded Decimal Interchange Code (EBCDIC) with all
extraneous control characters removed (except record length indicators for variable length records, marks delimiting a data element,
field, record or file, or Standard Generalized Markup Language (SGML) tags). Records should not be compressed unless NARA has
approved the transfer in the compressed form in advance.
Data files and databases shall be transferred as flat files or as rectangular tables, that is, as twodimensional arrays, lists, or tables. All
records in a database or rows in a relational database should have the same logical format. Each data element within a record should
contain only one data value. A record should not contain nested repeating groups of data items.
Documentation in electronic format shall be transferred as separate files, and the transfer format standards for electronic records
apply also to files that contain documentation. For more information, please review 36 CFR 1235.48.
Permanent records formats should conform to the requirements found in Section 5.4.2, Accessioning Electronic Records.

5.2.6 Reference Requests
Even though records are physically stored in records storage facilities, they are readily accessible to the offices that transferred them.
If records are housed in the FRCs, records staff will request records using ARCIS or the Optional Form 11 (OF-11), “Reference
Request Federal Records Center.”

5.3 Destruction of Temporary Records
Destruction of temporary records should only occur when the records have met or passed the timeframe, or retention, of an
appropriate record schedule (see Section 2.5, Records Schedules). Records that have not met the retention should not be destroyed.
Non-record material should be destroyed when no longer needed for reference. There is no need to obtain approval to destroy nonrecords.

5.3.1 Requirements Prior to Destruction
Regardless of where DOE records are destroyed (whether it is in an FRC, commercial storage facility, or in house), programs should
work to ensure that there is no continuing business need. Sometimes projects can be extended or circumstances not anticipated may
delay the destruction of records. In these cases, the disposition schedule assigned to the records should be re-evaluated to determine
if the approved retention is still applicable to the records or if schedule revision is needed due to new legal, regulatory, or business
requirements. In rare instances, one particular file may have permanent value obviously lacking in the other records found in a series
or system that is already scheduled as temporary.
Additionally, the temporary records should be evaluated for the following considerations prior to destruction.

5.3.1.1 Litigation Holds
Records that are pending for destruction should be reviewed to ensure that no legal holds apply to the records. A legal hold requires
that the Department suspend any disposition of records that affect litigation actions reasonably anticipated or currently in progress.
Holds are identified and issued by General Counsel (GC) and are mandatory. If records under a litigation hold are destroyed, it is
considered an unlawful and/or accidental destruction (44 CFR 1230.3) and the Department must promptly report it to NARA.
Destroying records under a litigation hold can result in severe consequences both for the DOE and the individual. Consequences
include, but are not limited to, fine, imprisonment, and negative media attention.

5.3.1.2 Destruction Moratoriums
A destruction moratorium suspends disposal of affected departmental records. A disposal moratorium of epidemiological records
(also known as the EPI Moratorium) is currently in place within DOE. Any records regarding radiation or toxic exposure must not
be destroyed. Further, it should be understood that documentary evidence of non-exposure, also, may not be destroyed. This latter
aspect (nonexposure documentation) only applies to employment where the potential for exposure exists.
The Department is currently reevaluating and identifying appropriate retention periods for the various epidemiological records that
contain information and data required for epidemiological or other health studies.

5.3.1.3 Freedom of Information Act (FOIA) Requests
Records that are pending for destruction should be reviewed to ensure that no FOIA requests apply to the records. A FOIA request
requires the full or partial disclosure of previously unreleased information and documents, with certain exceptions. Records affected
by a FOIA request must not be destroyed. If records subject to FOIA are destroyed, it is considered an unlawful and/or accidental
destruction (36 CFR 1230.3) and the Department must promptly report it to NARA. Destroying records under a FOIA request can
result in severe consequences both for the DOE and the individual. Consequences include, but are not limited to, fine, imprisonment,
and negative media attention.

5.3.1.4 Security
Classified records should be destroyed according to DOE requirements within DOE O 471.6, Information Security. The decision to
dispose of any DOE document, whether it contains Controlled Unclassified Information (CUI) or not, must be consistent with the
policies and procedures for records disposition.
A document marked as containing CUI must be destroyed by using a strip-cut shredder that produces strips no more than 1/4-inch
wide or by any other means that provides a similar level of destruction that has been approved by the local security office. Some
sites, including DOE Headquarters, require destruction by cross-cut shredders producing particles no larger than ¼-inch wide and 2
inches long. CUI may also be destroyed using methods approved for classified information. CUI must not be placed in recycle bins.
For specific requirements regarding CUI, refer to DOE Order 471.3, Admin Chg 1, Identifying and
Protecting Official Use Only Information and DOE Manual 471.3-1, Admin Chg 1, Manual for Identifying and Protecting Official
Use Only Information. For specific requirements regarding UCNI refer to 10 CFR 1017, Identification and Protection of Unclassified
Controlled Nuclear Information and DOE Order 471.1B, Identification and Protection of Unclassified Controlled Nuclear
Information.

5.3.1.5 Storage Media
When records reach the end of their lifecycle, as identified in an approved records disposition schedule, it is important that DOE
ensures documented information, especially documents with security requirements do not get into the wrong hands (see Section
5.3.1.4). The National Institute of Standards and Technology (NIST) has provided guidelines for media sanitization (NIST SP 800-88) of both
hard copy and electronic media (soft copy). Below are specific storage media types that may have different requirements for destruction.

5.3.1.5.1 Hard Copy
Hard copy media are physical representations of information, most often associated with paper printouts. However, printer and fax
ribbons, drums, and platens are all examples of hard copy media. The supplies associated with producing paper printouts are often
the most uncontrolled. Hard copy materials containing sensitive data that leave an organization without effective sanitization expose
a significant vulnerability to “dumpster divers” risking unwanted information disclosures.
Destruction of hard copy media varies depending on the media used.

5.3.1.5.2 Electronic Media (Soft Copy)
Electronic media are devices containing bits and bytes such as hard drives, random access memory (RAM), read-only memory
(ROM), disks, flash memory, memory devices, phones, mobile computing devices, networking devices, office equipment, and many
other types.
Destruction of electronic media varies depending on the media used. Three main methods of destroying electronic media records
include:

Secure shredding for electronic media such as CDs, DVDs, diskettes, magnetic tapes, cartridges, and microfilm;
Degaussing, which makes data stored on magnetic media unreadable by changing the magnetic properties on the media surface.
Degaussing can be used for hard drives and certain types of removable electronic media, such as backup tapes and digital tapes;
and
Hard drive destruction, (punching/crushing) physically destroys standard computer hard drives, including laptop drives, using
crushing machines.

5.3.1.5.3 Emails
Like any other record, after email is determined to be a federal record, the retention period is governed by NARA-approved records
disposition schedules. Temporary records are held for defined periods of time awaiting destruction and permanent records are
accessioned to NARA for permanent preservation.
Although DOE use of GRS 6.1 is pending NARA approval, via the NA-1005, Verification for Implementing GRS 6.1, it is expected
that all email records will be covered by GRS 6.1 and will be managed and disposed of through a DOE-wide or local recordkeeping
system (see Section 4.4.2.2). Emails that should be kept longer per previously approved case file retention or other record retention,
may be saved in the appropriate location or on appropriate electronic recordkeeping system and disposed of according to those
approved schedules. Government employees and contractors who are uncertain about the disposition of email messages should
contact their local records contact.

5.3.1.6 Quality Assurance (QA)
Although the completion of the Quality Assurance (QA) records maintenance and retention requirements specified in Section 4.4.4,
Quality Assurance must be met, final disposition must be provided for, authorized in, and obtained from records disposition schedules
approved for Departmental application.

5.3.1.7 Donation
In accordance with 36 CFR 1226.26, when the public interest will be served, a Departmental organization may propose the transfer
or donation of records eligible for disposal to an appropriate person, organization, institution, corporation, or government (including
a foreign government) that has requested them. Records must not be transferred without prior written approval of the Secretary or
their designee(s) and NARA. If NARA determines such a proposed donation is contrary to the public interest, the agency must
destroy the records in accordance with the appropriate disposition authority.

5.3.2 Local Destruction of Records
Records may be destroyed locally. Programs should review their file plans and inventories annually to identify records eligible for
destruction and go through the appropriate processes to destroy eligible records. However, the local records contact should always
be consulted prior to destruction to ensure all records considerations are taken into account. Destruction of records locally should be
documented.

Additionally, unclassified records authorized for destruction by NARA-approved records disposition schedules may be:

Placed in secured waste or recycling containers;
Destroyed by any method considered appropriate to ensure confidential destruction, should this action be required to avoid disclosing information having imposed disclosure restrictions;
Erased and reused, if appropriate, when the record consists of magnetic tape or comparable media.

5.3.3 Destruction of Records in an FRC
FRC personnel track the destruction authority for all the records stored at their respective facility. When the approved destruction
date approaches, the FRC will complete and send National Archives Form 13001 (NA-13001), “Notice of Eligibility for Disposal”
to the program with ownership for the record, with a courtesy copy to the DOE Records Management Program Office. The NA13001 details the records eligible for destruction and the authorized destruction date, among other information.
If the records require further clearance before disposal, the FRC will request written concurrence from the Department prior to
destroying the records.
If unusual circumstances require that records be kept longer than their scheduled retention, written justification and an identified time period to retain the records must be provided to NARA as required by 44 USC 2909. If NARA approves the request, the FRC with
custody of the records will hold the records. NARA will not destroy the records until they receive a completed NA-13001.

5.4 Accession and Pre-accession of Permanent Records
Permanent records will never be destroyed and should be accessioned to NARA for continued preservation when they are eligible,
based on the NARA-approved schedule or if they are more than 30 years old (36 CFR 1235.12). NARA accepts legal custody of the
records once they are accessioned and they become NARA’s property.

There are two types of accessions:
1. Direct Offers. These occur when DOE has records on-site. DOE submits a transfer form and, after approval, the records are
accessioned directly from DOE to NARA.

2. FRC Accessions. NARA will notify DOE of records eligible for accessioning as permanent records stored at an FRC. DOE
will submit the transfer form and the records will be accessioned during regularly scheduled moves from the FRC.
Sometimes, in order to preserve permanently valuable records and assume physical custody of permanent records before the records
are scheduled to legally become part of the National Archives, NARA will pre-accession records. In these cases, DOE retains legal
custody until the retention period is met, as set forth in the records disposition authority. Pre-accessioning permits DOE to protect its dissemination program while turning preservation over to NARA. NARA is more likely to pre-accession records when the records:

Are part of an active agency dissemination program; or
Contain highly sensitive information over which DOE wants to maintain access control.

If you think records are appropriate for pre-accessioning, please coordinate with your local records contact.

5.4.1 Requirements Prior to Accession or Pre-Accession
The records should be evaluated for the following considerations prior to accession or pre-accession.

5.4.1.1 Litigation Holds
Records that are pending for accession to NARA should be reviewed to ensure no legal holds apply to the records. A legal hold
requires that the Department suspend any disposition of records (including accession) that affects litigation actions reasonably
anticipated or currently in progress. Holds are identified and issued by General Counsel (GC) and are mandatory. Accessioning
permanent records under a legal hold may result in legal complications or delays.

5.4.1.2 Freedom of Information Act (FOIA) Requests
Records that are pending for accession should be reviewed to ensure that no FOIA requests apply to the records. A FOIA request
requires the Department to provide records, with certain exceptions, at the request of the public. Accessioning permanent records
under FOIA may result in legal complications or delays.
NARA does not consult with agencies regarding the release of unclassified accessioned records. Further, NARA does not apply
FOIA exemption (b)(5) to accessioned records. If DOE believes the records would have to be redacted or withheld in full under
FOIA, the records may not be good candidates for early transfer (NARA Bulletin 2015-01).

5.4.1.3 Loan
Loans of permanent or unscheduled records between federal agencies or non-federal recipients require prior written approval from
NARA, as it increases the risk of the records becoming lost, misplaced, or incorporated into other files. To obtain approval, programs
must work with their local records contact and the Departmental Records Officer to provide NARA with a loan agreement and
request. 36 CFR 12228.12 lists the information required prior to approval.

5.4.2 Electronic Records Archives (ERA)
When accessioning or pre-accessioning records to NARA, the Electronic Records Archives (ERA) should always be used. ERA is
an online system, owned by NARA, designed to preserve and manage NARA’s electronic records and to manage the lifecycle of
paper records and other holdings, including support for records retention schedules and the accessioning process for all federal
records.
Access to the system is controlled by NARA, with review and approval provided by the Department of Energy Records Management.
As access is limited to designated records contacts, employees or contractors looking to accession federal records should work with
their local records contact.

5.4.3 Accessioning Electronic Records
While ERA can accession paper and other physical media of records, ERA can also assist with the transfer of electronic permanent
records. However, NARA has identified some standards for permanent records that may affect or delay accession if the standards
are not implemented.

5.4.3.1 Minimum Metadata Elements
NARA Bulletin 2015-04, Metadata Guidance for the Transfer of Permanent Electronic Records, established minimum metadata
elements that must accompany accessions of permanent records.
In brief, metadata is the “data within the data,” or details that provide the “who, what, where, when, and why” of electronic records.
Some of the metadata items required by the NARA Bulletin 2015-04 are:

Transfer-Level Metadata Elements
Transfer request number – A unique identifier assigned to each accession
File/Item-Level Metadata Elements
File Name – Complete name of the computer file and its extension (example: Document_v1.pst)
Record ID – Unique identifier assigned by an agency or a records management system
Title – The name given to the record
Description – Narrative description of the content of the record
Creator – The agent primarily responsible for the creation of the record
Creation date – Date the file met the definition of a federal record
Rights – Information about any rights or restrictions held in and over the record including access rights, such as national security classification, personally identifiable information (PII), or FOIA Other metadata and related documentation may be provided or may be required by the Bulletin.

5.4.3.2 Recommended File and Folder Naming Conventions
Also within NARA Bulletin 2015-04, Metadata Guidance for the Transfer of Permanent Electronic Records, NARA recommends
careful consideration of the structure and meaning given to file and folder names before accession. Consistently and meaningfully
named folders, sub-folders, and files facilitates the maintenance, identification, and transfer of electronic records. Some of the
guidelines NARA provides for file and folder naming includes:

File paths and file names should not exceed a total of 255 characters.
Folder hierarchy should not be more than eight levels.
Folder titles should not contain a period and file names should not include more than the period (.) , which is generated by the
system extension (example: .pst).
Folder titles and file names should only include combinations of the characters a-z, 0-9, and underscores (_) and hyphens (-).
File names should not have spaces.

5.4.3.3 Formats for Accessioning
NARA has identified specific file formats that are acceptable when accessioning permanent electronic records to NARA in Bulletin
2014-04, Revised Format Guidance for the Transfer of Permanent Electronic Records.
Accessions, however, can be in different formats. NARA assumes that accessions will be permanent records described by schedule
items and will include files that are encoded in a format identified as preferred or acceptable as listed in this guidance. NARA does
not require embedded files, attachments to email messages, or other subsidiary files included in the transfer to conform to the format
categories under which they would fall if they were transferred on their own.
Transformation of an electronic record from one format to another could result in changes to the record content, structure, or metadata.
Anyone maintaining records in formats that do not conform to the Bulletin should contact their local records contact to discuss with
the appropriate NARA office before migrating, converting, or altering the permanent records to meet the NARA format requirements.

Attachment 1 – Definitions
The terms and definitions listed below directly reflect the major topics contained within this handbook.

ACCESSION. Process during which permanent records are transferred from an agency to the legal and physical custody of the
National Archives. May also be referred to as “Transfer of permanent records.”

ADMINISTRATIVE RECORD. Information that is needed for day-to-day operations within the Department, typically of a
housekeeping nature.

ADMINISTRATIVE RECORDS SCHEDULE. DOE scheduling guidance products designed to be customized listings of records as
they pertain to the Department of Energy. Contain both NARA General Records Schedules (GRS) as well as any NARAapproved DOE specific records disposition schedules of an administrative nature.

CAPSTONE APPROACH. NARA-sponsored approach that offers agencies the option of using a more simplified and automated
approach to managing email, allowing for the categorization and scheduling of email based on the work and/or position of
the email account owner.

CASE FILE. Type of file, regardless of media, that documents a specific action, event, person, place, project, or other matter.

CLASSIFIED INFORMATION. Material that is categorized as sensitive information, requiring protection of confidentiality,
integrity, or availability. Access is restricted by law or regulation to particular groups of people, and mishandling can incur
criminal penalties.

CONTRACTOR-OWNED RECORD. Information that is received, created, or compiled by contractors that is considered the
property of the contractor and does not fall within the scope of governmentowned records. Typically outlined within the
contract.

CONTROLLED UNCLASSIFIED INFORMATION (CUI). Material that is categorized as unclassified but requires certain levels
of control. CUI replaces categories such as For Official Use Only (FOUO), Sensitive But Unclassified (SBU), and Law
Enforcement Sensitive (LES) categories.

CURRENT RECORD. Documented information used on a daily basis and is necessary to conduct the business of an office and,
therefore, is generally maintained in office space, unless space is at a premium.

CUTOFF. Direction contained within a records disposition schedule that recommends when records in a file, series, or system
should be cut off, or broken, at regular intervals, usually annually, to permit their disposal or transfer in complete blocks
and, for correspondence files, to permit the establishment of new files. Cutoff may also be referred to as: “file cutoff” or
“file break.”
DISPOSITION. Stage of the records lifecycle that encompasses multiple actions:

Destruction of temporary records
Offer and accession of permanent records accepted to the National Archives
Retirement or transfer of temporary or permanent records to a records storage facility
Transfer of records from one office or agency to another
Donation of records to a Government or non-Government entity

DISPOSITION MORATORIUM. Departmental or agency requirement that suspends disposition of affected departmental records.
May also be referred to as “records moratorium.”

DOCUMENTARY MATERIAL. Collective term for records, non-record materials, and personal papers. Regardless of the media,
method, or circumstances of how the information is recorded.

ELECTRONIC INFORMATION SYSTEM (EIS). System that contains and provides access to computerized federal records and
other information.

ELECTRONIC MAIL (EMAIL). Type of electronic format in which a digital message is distributed from an author to one or more
recipients, via a network and computer system.

ELECTRONIC RECORD. Information that is recorded in a form that only a computer can process and that satisfies the definition
of a record.

EMERGENCY OPERATING RECORD. Type of essential record that is essential to the continued functioning or reconstitution of
an organization during and after an emergency.

ESSENTIAL RECORDS. Information that is essential to the continued functioning or reconstitution of an organization during and
after an emergency and also essential to protecting the rights and interests of that organization and of the individuals directly
affected by its activities. May also be referred to as: “vital records.”

FEDERAL RECORDS ACT. Statute that details the preservation storage, and management of federal records.

FEDERAL RECORDS CENTER (FRC). Facility that was established for the receipt, maintenance, servicing, and disposition of
records that are retired in accordance with NARA-approved records disposition schedules. NARA operates a system of FRCs
that DOE is authorized to use.

FILE CUSTODIAN. Individual responsible for the establishment, maintenance, and operation of file stations within their
organizational units. Also referred to as: “record-keeper,” or “record custodian.”

FILE STATION. Organizational unit where records are maintained.

FREEDOM OF INFORMATION ACT. Law that allows for the full or partial disclosure of previously unreleased information and
documents, with certain exceptions, at the request of the public.

FROZEN RECORD. Information that cannot be destroyed per the NARA-approved schedule because special circumstances, such
as a court order or a legal investigation, requires the temporary extension of the approved retention period.

GENERAL RECORDS SCHEDULE (GRS). NARA-drafted and approved disposition schedules for records common to federal
agencies. All agencies are required by law to follow the GRS disposition instructions, unless an agency has received an
exception to a schedule item from NARA.

GOVERNMENT-OWNED RECORD. Information that was received, created, or compiled by the officers and employees of the
Department and contractors for the use of government or contractor in performance under contract.

INACTIVE RECORD. Information that is no longer required for regular reference and access to conduct DOE business. May or
may not be eligible for disposition as identified in the DOE and GRS schedules. Records that have not met the required
retention period are usually transferred to a storage area or facility. May also be referred to as: “Noncurrent record.”

LEGAL AND FINANCIAL RIGHTS RECORD. Type of essential record that is essential to protect the legal and financial rights of
the Government and of the individuals directly affected by its activities.

LITIGATION HOLD/FREEZE. Mandatory requirement issued by the DOE General Counsel (GC) that the Department suspend any
disposition of records that affect litigation actions reasonably anticipated or currently in progress. May also be referred to as
“legal hold” or “legal freeze.”

MEDIA. Physical form of recorded information. Includes paper, film, disk, magnetic tape, and other materials on which information
can be recorded. May be used interchangeably with “format.”

MISSION ESSENTIAL FUNCTIONS (MEF). Set of department and agency level government functions that must be continued
throughout or resumed rapidly after a disruption of normal activities; enables DOE to provide vital services, exercise civil
authority, maintain safety of the public, and sustain industrial/economic base during disruption of normal operations.

NON-RECORD MATERIAL. Information, contained on any media, which has no documentary or evidential value and does not
meet the definition of a record.

OFFICIAL USE ONLY (OUO). Information that, when released to an unauthorized person, could damage Governmental,
commercial, or private interests and may be exempt from public release under the Freedom of Information Act (FOIA).

PERMANENT RECORD. Information appraised by NARA as having sufficient historical or other value to warrant continued
preservation by the federal government beyond the time needed for administrative, legal, or fiscal purposes.

PERSONAL PAPER. Information belonging to an individual that is not used to conduct official business. Relates solely to the
individual’s own affairs and is used exclusively by the individual for personal convenience. May also be referred to as:
“personal files” or “personal records.”

PERSONALLY IDENTIFIABLE INFORMATION (PII). Information that may be used on its own or with other information to
identify, contact, or locate a single person, or to identify an individual in context. Examples of PII include: Full name, home
address, email address, national identification number, social security number, passport number, driver’s license, face,
fingerprints, or handwriting, etc.

PRE-ACCESSIONING. Process during which NARA assumes physical custody (for preservation purposes) permanently valuable
electronic records, before the records are scheduled to legally become part of the National Archives of the United States.

PRIMARY MISSION ESSENTIAL FUNCTIONS (PMEF). Mission essential functions that must be performed in order to support
the performance of National Essential Functions (NEFs) before, during and in the aftermath of an emergency. These functions
should be continuous or resumed within 12 hours of an event and maintained for up to 30 days or until normal operations can
be resumed

PRIVACY ACT. Code of fair information practices that governs the collection, maintenance, use, and dissemination of information
about individuals that is maintained in a system of records by federal agencies.

PROGRAM RECORD. Information that documents the unique and substantive functions for which DOE is responsible, in contrast
to administrative records.

PROGRAMMATIC RECORDS SCHEDULE. Approved records disposition schedule that covers the unique program records held
by any DOE or contractor office.

QUALITY ASSURANCE. Standard or requirement that ensures products and services meet or exceed DOE’s quality objectives.

RECORD. Recorded information, regardless of form or characteristics, made or received by a federal agency under federal law or
in connection with the transaction of official business, and preserved or appropriate for preservation by that agency or its
legitimate successor as evidence of the organization, functions, policies, decisions, procedures, operations, or other activities
of the U.S. Government or because of the informational value of data in them.

RECORD DISPOSITION SCHEDULE. Approved schedule that identifies mandatory instructions for what to do with records
when they are no longer needed for current business. Authorizes the final disposition of recurring or nonrecurring records.
May also be referred to as: “records schedule,” “records retention schedule,” “records retention and disposition schedule,”
”schedule,” or “records schedule.”

RECORD HOLDING AREA. On-site record storage area or space, often staffed on a part-time basis, for the economical storage of
inactive records pending their destruction or transfer to an FRC.

RECORD LIFECYCLE. Management concept that records pass through three stages:
1. Creation/receipt
2. Maintenance and use
3. Disposition

RECORD MANAGEMENT. Planning, controlling, directing, organizing, training, promoting, and other managerial activities related
to the creation, maintenance and use, and disposition of records to achieve adequate and proper documentation of federal
policies and transactions and effective and economical management of agency operations.

RECORD SERIES. File units or documents arranged according to a filing system or kept together because they relate to a particular
subject or function, result from the same activity, document a specific kind of transaction, take a particular physical form,
or have some other relationship arising out of their creation, receipt, or use, such as restrictions on access and use. Records
within one series are generally handled as a unit for disposition purposes. May also be called a “file series.”

RECORD STORAGE FACILITY. Specifically designed for the storage of records. Can include DOE and commercial storage
facilities and FRCs.

RETENTION. Length of time in which records should be kept or retained. Retentions must be approved by the National Archives
and Records Administration (NARA).

RETIREMENT. Process during which inactive records are transferred to an agency storage facility or an FRC (See also: “Transfer”).

SENIOR OFFICIAL. Heads of departments and independent agencies; their deputies and assistants; the heads of program offices and staff offices including assistant secretaries, administrators, and commissioners; directors of offices, bureaus, or equivalent; principal regional officials; staff assistants to those aforementioned officials, such as special assistants, confidential assistants, and administrative assistants; and career federal employees, political appointees, and officers of the Armed Forces serving in equivalent or comparable positions. May also be referred to as “High Level Official.”

SEMI-ACTIVE RECORD. Information that is seldom required to conduct business and can be moved to a holding area or directly
to an off-site records center.

SENSITIVE BUT UNCLASSIFIED (SBU). Designation of information in the U.S. federal government that, although unclassified,
requires strict controls over distribution.

SITE-SPECIFIC RECORD SCHEDULE. Schedule that covers records held by a specific Departmental or contractor office. Only
the site identified in a site specific schedule may use it, unless an exception has been granted by the Department of Energy
Records Management Program and/or NARA.

SOCIAL MEDIA. Web service or application that enables users to create and share information, ideas, or other content.

SYSTEM OF RECORD. Systems that hold records that contain Personally Identifiable Information (PII) and can be retrieved.

SYSTEM DEVELOPMENT LIFECYCLE (SDLC). Process that plans, creates, tests, and deploys information systems.

TEMPORARY RECORD. Information that is approved by NARA for destruction, either immediately or after a specified retention
period.

TRANSFER. Process during which records are moved from their current location to an off-site records storage center, whether FRC
or commercial, or other office or program.

UNSCHEDULED RECORDS. Information that cannot be matched to any currently approved records disposition schedule and for
which final disposition has not been approved by NARA

(Visited 573 times, 1 visits today)

Written by MJ