Good records management is essential for any corporate body to function effectively. The National Records of Scotland (NRS) is regularly asked for advice on records management by all sorts of bodies. Below is an introduction to records management looking at
- What is records management?
- Why is records management necessary?
- The benefits of records management
- The principles of good records management
- The definition of 'document' and 'record'
Records management is the systematic control of an organisation's records, throughout their life cycle, in order to meet operational business needs, statutory and fiscal requirements, and community expectations. Effective management of corporate information allows fast, accurate and reliable access to records, ensuring the timely destruction of redundant information and the identification and protection of vital and historically important records.
Information is every organisation's most basic and essential asset, and in common with any other business asset, recorded information requires effective management. Records management ensures information can be accessed easily, can be destroyed routinely when no longer needed, and enables organisations not only to function on a day to day basis, but also to fulfil legal and financial requirements. The preservation of the records of government for example, ensures it can be held accountable for its actions, that society can trace the evolution of policy in historical terms, and allows access to an important resource for future decision making.
Legislation is increasingly underlining the importance of good records management, in addition to being sound business practice. Compliance with Acts such as Freedom of Information and Data Protection is underpinned by effective records management: without properly organised and retrievable records, requests for information governed by statutory response timescales will be impossible to service. Indeed, section 61 of the Freedom of Information (Scotland) Act 2002 is the 'Code of practice as to the keeping, management and destruction of records'.
The Public Records (Scotland) Act 2011 places an obligation on named public authorities to prepare and implement a records management plan which sets out proper arrangements for the management of their records. More information and guidance about the Act is provided on our Public Records (Scotland) Act pages and we have also published the National Records of Scotland's own records management plan.
Organisations are also producing increasingly large amounts of information and consequently greater volumes of records, in both paper and electronic form. It is essential that information is captured, managed and preserved in an organised system that maintains its integrity and authenticity. Records management facilitates control over the volume of records produced through the use of disposal schedules, which detail the time period for which different types of record should be retained by an organisation.
The growth in electronic communications and data, from emails to databases, presents new challenges, but can be managed by the same records management principles that are applied to paper documents. Sound records management is also an essential basis for the transition to EDRM (Electronic Document and Records Management) that many organisations are embracing. In the public sector this has been driven in part by E-government targets, where public services are to be made available electronically. Where existing paper based systems are poorly managed, current problems will simply be migrated to a new electronic system unless they are addressed in the preparations for EDRM.
Modern society has rising expectations concerning the accessibility of information. People now expect efficient and speedy responses to requests for information, and a policy of 'open government' has been followed and developed by several successive governments.
Systematic management of records allows organisations to:
- know what records they have, and locate them easily
- increase efficiency and effectiveness
- make savings in administration costs, both in staff time and storage
- support decision making
- be accountable
- achieve business objectives and targets
- provide continuity in the event of a disaster
- meet legislative and regulatory requirements, particularly as laid down by the Freedom of Information (Scotland) Act and the Data Protection Act
- protect the interests of employees, clients and stakeholders
Records management offers tangible benefits to organisations, from economic good practice in reducing storage costs of documents, to enabling legislative requirements to be met. An unmanaged record system makes the performance of duties more difficult, costs organisations time, money and resources, and makes them vulnerable to security breaches, prosecution and embarrassment. In an unmanaged records environment, up to 10% of staff time is spent looking for information.
The dangers of corrupted records management have been illustrated in recent years through scandals such as those at Enron in the USA, which involved the destruction of vital records. Poor records management, with the unintentional loss of documents, has caused embarrassment to organisations from government departments to small businesses.
The importance of records can be put in context by events in South Africa where records of the proceedings of the Truth and Reconciliation Commission's hearing against President Botha about his actions during the period of apartheid have been destroyed, and therefore details of this historically important event lost forever in their original form.
The guiding principle of records management is to ensure that information is available when and where it is needed, in an organised and efficient manner, and in a well maintained environment. Organisations must ensure that their records are:
It must be possible to prove that records are what they purport to be and who created them, by keeping a record of their management through time. Where information is later added to an existing document within a record, the added information must be signed and dated. With electronic records, changes and additions must be identifiable through audit trails.
Records must accurately reflect the transactions that they document.
Records must be readily available when needed.
Records must be sufficient in content, context and structure to reconstruct the relevant activities and transactions that they document.
Records must document the complete range of an organisation's business.
Records must comply with any record keeping requirements resulting from legislation, audit rules and other relevant regulations.
Records must be maintained for specific purposes and the information contained in them must meet those purposes. Records will be identified and linked to the business process to which they are related.
Records must be securely maintained to prevent unauthorised access, alteration, damage or removal. They must be stored in a secure environment, the degree of security reflecting the sensitivity and importance of the contents. Where records are migrated across changes in technology, the evidence preserved must remain authentic and accurate.
In records management it is important to be clear about the difference between a document and a record.
A document is any piece of written information in any form, produced or received by an organisation or person. It can include databases, website, email messages, word and excel files, letters, and memos. Some of these documents will be ephemeral or of very short-term value and should never end up in a records management system (such as invitations to lunch).
Some documents will need to be kept as evidence of business transactions, routine activities or as a result of legal obligations, such as policy documents. These should be placed into an official filing system and at this point, they become official records. In other words, all records start off as documents, but not all documents will ultimately become records.