Records management (RM) refers to the practice of maintaining the records of an entity, enterprise, company, corporation, or organization (collectively referred to hereinafter as “organization”) from the time they are created up to their eventual disposal. RM is primarily concerned with a record of an organization's activities. RM functions may include classifying, storing, securing, and destruction (or in some cases, archival preservation) of records. In recent years, compliance regulations and statutes such as the Sarbanes-Oxley Act have created concerns among organizations regarding RM practices. Ideally, RM should be flexible enough to adapt to both existing and ever-changing regulations, statutes, standards, and best practices, however, in practice and with these lofty goals in mind, sufficient and effective RM can be quite a challenge for many organizations to achieve.
The general principles of records management apply to records in any format. Digital records, however, can raise technical challenges that can have important implications for the authenticity, reliability, and trustworthiness of records. For example, it is more difficult to ensure that the content, context and structure of records is preserved and protected when the records do not have a physical existence or counterpart. Additionally, these records may reside in data storage systems employing different architectures and/or having various levels of sophistication in lifecycle management, if any at all.
A record's lifecycle consists of discrete phases covering the lifespan of the record from its creation and inception to its final disposition and deletion. Once a record is created in an organization, controls may be set by its owner, a records repository, or an authorized user to regulate its access and distribution. For example, an administrator may set role privileges on a repository allowing users having certain roles access to particular records stored in the repository. Software such as lifecycle management systems and/or records management systems may identify the original record, versions of the record, copies of the record, and distribution of the record. Maintenance of the record may be carried out in many ways. For example, records may be formally and discretely identified by coding and stored in folders specifically designed for protection and storage capacity, or they may be informally identified and filed without indexing.
In an organization, those who are responsible for such software systems may be referred to as records managers. Records managers are charged in controlling and safeguarding the records of the organization and often use lifecycle management systems and/or records management systems to manage the creation, access, distribution, storage, and disposition of records in compliance with laws and regulations governing RM practices.
FIG. 1 offers a glance into the complex world in which a records manager operates. As illustrated in FIG. 1, records and information 90a-e owned by organization 100 may reside in various data storage systems 80a-e. This is due in part because the creation of such records and information may occur in response to different needs and/or organizational processes. Moreover, the control of organizational records and information is often distributed across departments and locations within an organization.
Additionally, these data storage systems may run on different platforms and utilize different architecture to store records. Consequently, records manager 10 may need to utilize separate software systems such as records management systems 30b, 30c, 30d, and lifecycle management systems 40a, 40b, 40e to enforce corporate policy 20 on content lifecycle and records compliance. For example, records manager 10 may use records management systems 30b, 30c, 30d to perform records management tasks on records/documents/files 90b, 90c, 90d stored on enterprise content repository 80b, file share 80c, and laptop 80d, respectively, and use lifecycle management systems 40a, 40b, 40e to perform lifecycle management tasks on records/documents/files 90a, 90b, and 90e stored on content server 80a, enterprise content repository 80b, and mobile device 80e, respectively.
It can be seen from FIG. 1, records manager 10 may perform these tasks in an ad hoc, sporadic, disjointed, and brute force manner as each lifecycle or records management system may be specific to a certain data storage system and may not be used to manage records and information stored on other data storage systems in the organization and so records manager 10 needs to address, control, and update each system separately.
Furthermore, as exemplified in FIG. 1, records manager 10 often would need to understand multiple records management and/or lifecycle management systems and know how to use them in order to manage records and information for an organization. As the organization continues to create records, data storage systems and machines employing new storage architectures and/or technologies may be acquired and used to store its records and information, adding new challenges and further pitfalls to records managers.