When we talk about records management on this blog, we often use the “R.I.M.” or “RIM” acronym as a shorthand way to refer to the “records and information management” field. Records management (RM) is no longer a siloed discipline; RIM practitioners need to manage records within the entire information landscape of their organizations.
Beyond the retention of records, information managers need to consider information security, regulatory compliance with privacy laws, and the infrastructure we use to store and manipulate our raw data—regardless of the “record status” of the information (see 6 LGC 201.003 for what is included in the legal definition of a record, and what is not). In a nutshell, this is information governance.
ARMA defines “information governance” as “the overarching and coordinating strategy for all organizational information. It establishes the authorities, supports, processes, capabilities, structures, and infrastructure to enable information to be a useful asset and reduced liability to an organization, based on that organization’s specific business requirements and risk tolerance.”
That sounds great! But how is information governance any different than records management? After all, records management also involves security policies, regulatory compliance, and complete lifecycle management. The key difference lies in the distinction between the terms “information” and “record.” Records are always information, but information is not always a record. For example, a completed W4 form is a record, and it provides information about an employee’s tax withholding preferences. However, a blank W4 form is not a record, even though it provides useful information about tax withholding in general.
The Records Lifecycle
The records lifecycle is a key concept in records management. It describes the journey of a government record, from its creation to its final disposition. It is a useful tool that helps us consider how records might need to be managed differently, depending on their current purpose and function.
The lifecycle starts with the creation or receipt of a record. For example, you may write a report (creation), or you may receive a complaint via email (receipt).
Then, we have the retention and maintenance phase when the record is in active use. The length of this phase will vary widely. Some records (such as transitory information) may only stay in this phase for as little as a day, and some may be in active use for as long as 75 years (like employee service records)—it just depends on the administrative and historical value of the record.
The disposition phase is last. This is the part of the life cycle where the record is destroyed if it has met the minimum retention period or, if it is a permanent record or has historical value, it can be transferred to an archives for long-term preservation.
The Records Management Officer oversees records for this whole life cycle, from beginning to end.
The information lifecycle adds a few extra phases to the traditional records lifecycle. Specifically, it breaks the retention and maintenance phase into four distinct phases: collaboration, version control, retention/storage, and holds/discovery. The first phase is also adjusted to start with the capture of documents—this is the moment when a document is first stored in an information system (i.e., a new document is created, scanned, or uploaded into an information system). The information lifecycle applies to all documents created and received by an organization, in addition to government records.
After a document is captured, employees collaborate by adding data, editing information, approving or denying requests, adding metadata, etc.
Records managers must have a way to implement version control and easily distinguish drafts from final versions and revisions.
Retention / Storage
When documents are no longer being edited, they must be placed in appropriate storage for their full retention period (or useful life, if not a record). “Appropriate storage” means that you have the right infrastructure to keep your documents accessible, readable, and secure. This will depend on the file format, whether the information is confidential, how often the information needs to be accessed (and by whom), the value of the information, and any regulatory compliance requirements.
Holds / Discovery
When documents are in these maintenance phases, records managers must also have ways to identify and segregate records that are subject to any legal holds, discovery, audits, public information requests, or administrative reviews.
Information governance is more comprehensive than records management in many of these lifecycle phases. For example, responses to e-discovery must include all responsive information, regardless of its status as a record or non-record. Additionally, non-record data may have administrative value and may contain confidential information that must be safeguarded, even if it does not have any records retention requirements.
Secondary Uses for Information
What types of information might require extra consideration from an information governance perspective?
- Raw Data
- Generally, raw data may not be considered a record because it is not documenting any specific government business. It may be used to create reports, bolster planning studies, or drive management decisions (and should be retained as long as the related records are retained), but the data itself does not really “do” anything and may not document any specific government business.
- Still, you can put the data to work—it is an information asset! Mine that data for customer insights or share data to collaborate within your governmental entity, with other agencies, and/or with stakeholders.
- Raw data may not always be a record, but that does not mean you don’t have to protect it. Privacy laws and disclosure requirements apply to all data regardless of its record status. Safeguard any personally identifiable information (PII) or protected health information (PHI).
- Reference Collections and Subject Files
- Record and non-record photographs, videos, and sound clips can be used for public relations and engagement with the public.
- Having knowledge databases and “ready reference” collections on hand can decrease your customer service response times and improve your responses to requests for information.
- Physical artifacts that contain historical information, such as plaques or museum objects like flags, can be preserved and displayed as part of your public outreach efforts.
For more information about getting into the information governance mindset, check out ARMA’s free Information Governance Implementation Model (IGIM).