How to keep emails - Society of American Archivists
Download
Report
Transcript How to keep emails - Society of American Archivists
Electronic Records
Management at VMFA
Courtney Yevich
VMFA Archivist
February 2008
[email protected]
What is a public record, and why
do you need to care?
“The detailed warrants gave the agents
broad authority to search the museums'
galleries, offices, storage areas and
computer archives. They were looking for
objects and records related to the
primary targets of the investigation.”
Los Angeles Times, January 25, 2008
Virginia Public Records Act (VPRA)
• Recorded information that documents a transaction or
activity by or with any public officer, agency or
employee of an agency
• The medium upon which such information is recorded
has no bearing on the determination of whether the
recording is a public record
Source: Virginia Public Records Act, Code of Virginia,
Section 42.1-77
Are e-mail messages public
records?
ABSOLUTELY!
• More and more business is conducted by e-mail,
replacing memos and letters
• State agency employees are responsible for managing
all of their e-mails, including messages sent and
received
Is e-mail subject to FOIA?
ABSOLUTELY!
• E-mail records are subject to the same accessibility
requirements as other public electronic records – they
are exempt from access only if they fall within the
exemptions provided under FOIA
• Requests from the public for e-mail records must be
honored in the same manner as other public records
• E-mail records must remain accessible during their entire
retention period and should be maintained in such as
manner as to permit easy access and timely retrieval
Exemptions from FOIA
•
•
There are many types of state agency information that are exempt from FOIA
discovery, including:
– Personnel information
– SSNs and other indentifiable personal information
– Security information (system plans, codes, etc.)
– Identifying financial information (account numbers, etc.)
– Legal counsel
– Minutes from closed session trustee meetings
– Unpublished scholarly research
Additionally, the museum is committed to protecting:
– Values of art (appraisals, insurance, etc.)
– Dealer correspondence
– Conservation evaluations
– Insurance policies for art
– Terms of anonymous gifts
– Sales transactions
– Other sensitive donor information (especially of a financial or contractual nature)
Employee responsibilities
• As an employee of a state agency, you must manage all
of your information assets, both paper and electronic. If
you don’t, you can create serious legal, operational and
public relations risks from the museum
• Moreover, you can lose your job, be bought to trial, or
even go to jail for up to five years…
“If any person steal or fraudulently secrete or destroy
a public record or part thereof, he shall be guilty of a
Class 6 felony.”
Source: Code of Virginia, Section 18.2-107
What is a public record?
• Administrative records
-Correspondence, annual reports, calendars,
meeting agendas, meeting minutes, org charts
• Financial records
- Contracts, budget materials, reports
• Personnel files
• Research files
• Fundraising / grant records
-Reports, expenses, applications
• Policies and procedures
• Publications
-Final drafts, production files
• Program files
-Course listings, descriptions, logs
What is not a public record?
• Reference materials
-Articles, booklets, flyers, newsletters
• Blank forms or templates
• Copies of materials for distribution*
-Policies, procedures
• Transactional e-mail / announcements
-Meeting times, lunch dates, staff association
events, holiday schedules
• Listserv messages
• Personal e-mail
• Personal electronic files
-Photos, errand lists, itineraries
*If you are not the original distributor
Records appraisal
All of the values below will be considered when determining
which records are permanent or temporary, and if so,
how long to keep them:
• Administrative: continuing utility in the operation of the agency
• Fiscal: documents and verifies financial authorizations, obligations,
and transactions
• Legal: documents actions taken in the protection and proving of
legal or civil rights and obligations of individuals and the agency
• Historical: contains unique information, regardless of age, that
provides understanding of some aspect of government and
promotes the development of an informed and enlightened citizenry
Records retention schedules
Schedule
Number
Series Name
and Number
GS-102
Series
Description
Checks and Checking – 012096
This series contains reports, cancelled checks, returned
checks, check registers, checking statements, and
other records relating to the agency’s checking
accounts.
Retain 3 years or until audit, whichever is longer, then
destroy.
Disposition
Statement
Retention
Statement
Record
Did you create it?
Is this a copy
of a record another
dept. keeps?
Did you receive it?
From outside
agency
Is your department
the official
record creator?
From inside
agency
You
changed it
Delete when no
longer needed
You didn’t
change it
Delete –
sender
should file
Determine type of record
Informational
or reference
Delete when no
longer needed
Temporary
record
Permanent
record
File and delete
according to
retention period
Print or file for
permanent retention
Storage and destruction of
paper records
• Separate temporary records from permanent records
and box them separately; remove hanging files and
make sure file folders are labeled; label the boxes well,
including dates
• By state law, all original records destruction must be
documented and signed off on by the records officer and
the COO
• If you do destroy any duplicate copies of records and it
contains sensitive, personal information, it MUST be
destroyed properly to avoid identity theft. Treat it as if it
was your own personal information!
Recent changes to the VPRA –
timely destruction of records
• Temporary records created after July 1, 2006 must be
destroyed in a “timely manner,” within one year of the
retention period expiring
• Records that contain identifying information must be
destroyed within six months of the expiration of the
records retention period
• Identifying information is defined as the presence of any
one or more of the following:
–
–
–
–
–
–
–
–
Social security number
Driver's license number
Bank account number
Credit or debit card number
Personal identification number (PIN)
Electronic identification codes
Automated or electronic signatures
Passwords
Electronic records
management challenges
• The ease of copying and modification – the great
advantage of digital media – is a major liability
• Media degradation and obsolescence (hardware)
• Format obsolescence (software)
• Uncontrolled accumulation and duplication
• Ease of uninformed and unintentional destruction
• Maintaining records in a way that will enable retrieval of
all records relevant to a transaction when they are
needed in the future
Solution: cooperation between records management staff,
administration, legal counsel, information technology
staff, and all agency staff
Good electronic
recordkeeping practices
• Do not save permanent records to your hard drives!! Overall, save
everything you can to your shared network drive, which is secure
and backed up daily
• Ensure that consistent descriptive information is found in each file
(title, author, date, etc.) to create context
• Model your folder structure on your departmental retention schedule
and/or on your paper files
• Do not duplicate files on your networked drive that also reside on
your department’s shared drive
• Do not create a folder structure based on the program used (Word
files, Excel files) because that doesn’t tell you anything about the
content of the files inside
File naming tips
File names must be unique so that if they are moved from one location
to another, they will not be confused with another file (i.e. don’t
create two folders called “Spr08” and “Win08” and just name the file
in each “Report”)
Common elements of file names:
•
•
•
•
•
•
Version number (v1, vers1)
Date of creation (021408, 02_14_08, 20080214)
Name of creator (RBSmith, RBS)
Description of content (Medkit, Report, Corr)
Intended audience (Pub, Int, Conf)
Name of group associated with record (CommABC, Trustee)
Always include the date (at least the year) in file or folder names for
temporary records because that will make destruction compliance
much easier!
Storage media options
• The best place to store any electronic record is on the
museum’s server spaces because they are secure and
backed up daily.
• Portable storage media (CDs, DVDs, USB drives, etc.)
all pose security and data loss risks.
• Even when properly cared for, all storage media has
limited life expectancy – affected by quality, age,
condition before and after recording, handling, frequency
of access, and storage conditions.
• If you do need to put information on storage media, you
should only save temporary information there, anything
that has a lifespan of less than 5 years.
• CD-Rs are the preferred storage media right now – they
are more stable than CD-RWs and DVDs and USB
drives are still rapidly changing technologies.
E-mail is managed by
its content, not its format.
You will not find “e-mail” on any retention schedule
When is e-mail a record?
• Approve or authorize actions or expenditures
• Formal communications between staff, such as
correspondence or memoranda relating to official
business
• Signify policy change or developments
• Create precedents, such as messages issuing
instructions or advice
• Involve negotiations on behalf of the museum
• Have enduring value for other people or the museum as
a whole
What is e-mail not a record?
Delete messages with short-term value, such as:
• Reference materials
-Newsletters
• Copies of materials for distribution*
-Policies, procedures
• Transactional e-mail / announcements
-Meeting times, lunch dates, staff association
events, holiday schedules
• Listserv messages
• Personal e-mail
• Spam
*If you are not the original distributor
(1) From: Wally
To: A1 Asphalt
Subject: Contract clarification
Message: This is a good question. The intent of that item in the contract is to…
(2) From: Commissioner Patterson
To: All Staff
Subject: E-mail policy
Message: Please read carefully and comply with the following e-mail policy…
(3) From: Kevin
To: Daniel
Subject: Re: Draft for review
Message: Sorry about the delay. See what you think about this draft and get back to
me by Thursday…
(4) From: Brad
To: Mindy
Subject: Committee appointment
Message: You have formally been appointed to the Department Improvement
Committee…
(5) From: Laura
To: Staff on the 9th Floor
Subject: Party Announcement
Message: Join us on December 18th for our annual holiday celebration. This year
we hope…
(6) From: Hugh
To: Sarah
Subject: Fwd: Joke
Message: Here’s a good one! A giant grasshopper goes into a bar…
(7) From: Sandra
To: Jane
Subject: Information for annual report
Message: Here are the statistics I gathered for the annual report. Let me know if…
(8) From: Leon
To: Roger
Subject: Letter of complaint
Message: Dear sir, I feel compelled to send you this complaint about the people
working in your department…
(9) From: Kelly
To: John
Subject: Not feeling well
Message: Sorry I’ve been out of the office, but I have been battling this terrible cold
for days now. Can you please let me know what…
(10) From: John
To: All Managers
Subject: Instructions for travel form
Message: Here are the instructions for filling out the newly updated travel form…
What to do with e-mails
that are records?
• Do they have enduring value?
At this point, truly important permanent e-mail should be
printed and stored with other paper files, or kept in
Outlook
• Do they have temporary value?
Store on acceptable media for required length of time –
in Outlook, on storage media (CDs, DVDs, flash drives,
etc.), or on a networked hard drive
When in doubt, print it out!
A word about printing
Print version must include:
• Addresses of specific recipients (including Cc and Bcc
fields), not names of distribution lists
• Address of the sender
• Date and time the message was sent and/or received
• Subject line
• Body of e-mail message
• All attachments
How should you organize
your e-mail?
(1) No filing system: creating no folders, keeping all emails in inbox
(2) Filing system: simple filing scheme based on subject
areas, keeping no e-mails in your inbox
(3) Combination of filing system and inbox: e-mails that are
lingering and require resolution stay in the inbox, the
rest are filed
How should you organize your sent
mail?
(1) Manage it like your inbox, deleting those that you don’t
need to keep, and filing those that you would need to
keep (e.g. you’re the originator of a record, you offer a
decision or solution to a problem)
(2) Always Cc or Bcc yourself when you know you’re
sending an e-mail you will need to keep so once it
arrives in your inbox, file it away. Then you can safely
delete your sent mail at regular intervals.*
*If you’re sending e-mails with sensitive or personal information, they will need
to be destroyed properly
Sample mailbox
organization
Permanent
e-mails
Retain in
Outlook for now
Retain until no
longer needed or
superseded
Reference
e-mails
Temporary
e-mails
Retain for
6-12 months
Inbox as
to-do list
So do I really need to clean out
my inbox?
ABSOLUTELY!
• Our e-mail system will be moving to a central storage
server space with VITA in about 18 months. At that point,
the size of our mailboxes will be greatly decreased and
many of you will exceed your limit immediately.
• When we move to central storage, simply archiving all of
your old e-mails with no regard to content is not advised.
Electronic records destruction
• Just like paper records, all electronic records destruction
will be handled by the Archives.
• Once temporary electronic records in various
departments have been identified and they become
“inactive” records for a department, they will be moved to
a specific location on the servers to await destruction at
the expiration of their retention period.
• All documentation for electronic records destruction will
be signed off on by the records officer and the COO.
• Destruction of any electronic records with sensitive or
personal information must be done by the Archives.
Auditing for timely destruction
• The state will be auditing state agencies for compliance
with timely electronic records destruction.
• Organizing records in folders according to subject area
and then fiscal or calendar year allows for easy
monitoring of retention periods and disposal of records at
the appropriate time without manually sifting through
hundreds of e-mails or files.
• Once your department’s retention schedule has been
updated to include electronic records, regular destruction
will occur (e.g. each summer, financial records will be
destroyed).
Archiving e-mail
Three methods of archiving e-mails outside of Outlook:
(1) Print e-mails and maintain them with your paper files
(2) Save e-mails as text files on the secure network server,
not on your hard drive
(3) Create personal archive folders (.pst files) and store
them on the secure network server, not on your hard
drive
The best system is a combination of methods 1 and 2:
• Print and file all permanent e-mails
• Store all other e-mails in folders based upon subject
and date and destroy records routinely based upon
retention schedules
Issues with .pst files
• Backup issues (the default setting is to save them to
your hard drive, so you must remember to put them on
the networked drive)
• Messages takes up more space in a .pst file than in
Outlook or as other type of electronic file
• Security issues
• Hard to apply retention schedules because all folders are
saved together
• Global searches no longer possible, making discovery
very difficult
• Uses a Microsoft proprietary format
What to do with attachments?
Three options for preserving attachments:
(1) Save the e-mail and attachment together in Outlook
(2) Save the attachment on your hard drive or shared drive
and delete the e-mail (this is when the e-mail simply
says something like “Look at this attachment.”)
(3) Print the e-mail and attachment and save them in paper
format
If attachment should be kept permanently, method 3 is the
best.
Other electronic record types
All of these types of records have special needs and can
be discussed individually with departments:
• Databases – a born digital record type that has no
functional paper equivalent
• Web content – agency websites are public records and
need to be managed as such
• Digital images – our digital image archives are our on the
museum’s most valuable information assets
Electronic records and e-mails
do not manage themselves!
You must become a proactive manager of your inboxes
and desktops. You must manage your messages and
files in a way that is most effective for you.