Electronic Records as Documentary Evidence

Standard (CAN-CGSB 72.34)

A Case Study from The A Case Study from The University of CalgaryUniversity of Calgary

By Regina Landwehr By Regina Landwehr ©©

University ArchivesUniversity Archives

Presented at ARMA Canada Presented at ARMA Canada Conference, Winnipeg, 6 June 2007Conference, Winnipeg, 6 June 2007

Agenda

Reasons for choosing the standardReasons for choosing the standard Overview of standardOverview of standard Applying the standardApplying the standard Assessment findings and recommendationsAssessment findings and recommendations Future stepsFuture steps Comments on the standardComments on the standard

NOT MY JOB!

Reasons for choosing standard

Who’s responsibility is it?Who’s responsibility is it? Continuum of Care model at UofCContinuum of Care model at UofC

The issue: e-records replaced paper records in the The issue: e-records replaced paper records in the admissions processadmissions process

Can e-records take the place of paper records?Can e-records take the place of paper records? Legislative research: Electronic Transactions Act Legislative research: Electronic Transactions Act

(ETA), Alberta Evidence Act(ETA), Alberta Evidence Act

Reasons for choosing standard

The Acts:The Acts: UofC must always be prepared to UofC must always be prepared to

produce its records as evidenceproduce its records as evidence Core requirements for admissibility:Core requirements for admissibility:

Authenticity of the recordAuthenticity of the recordIntegrity of the information systemIntegrity of the information systemTruthfulness of the record’s contentTruthfulness of the record’s content

THE VOTING MACHINE

Reasons for choosing standard

The Acts:The Acts: Follow national standard(s) Follow national standard(s)

Microfilm and Electronic Images as Microfilm and Electronic Images as Documentary Evidence Standard Documentary Evidence Standard (CAN/CGSB-72.11.93)(CAN/CGSB-72.11.93) Conversion from paper to scans onlyConversion from paper to scans only

Surprise: more than scans –Surprise: more than scans – Email and EDMS record annotationsEmail and EDMS record annotations

Overview of standard (GGSB 72.34) Published in 2005Published in 2005 Applies to public and private sectors, to profit and not-for Applies to public and private sectors, to profit and not-for

profit activitiesprofit activities Purpose: Purpose:

To ensure records can provide reliable support for To ensure records can provide reliable support for business decisionsbusiness decisions

To maximize admissibility and weight of recordsTo maximize admissibility and weight of records To protect the value of e-records in documenting the To protect the value of e-records in documenting the

content and accountability of decisions and transactionscontent and accountability of decisions and transactions

Overview of standard

Provides structure and principles for developing a Provides structure and principles for developing a comprehensive e-records management programcomprehensive e-records management program

Defines best practicesDefines best practices Sections 5-8 are the ‘meat’ of the standardSections 5-8 are the ‘meat’ of the standard

Legal requirements for e-records as evidenceLegal requirements for e-records as evidence Components of an e-records management Components of an e-records management

system program incl. system requirementssystem program incl. system requirements QAPQAP Audit trail requirementsAudit trail requirements

Overview of standard

Technology neutralTechnology neutral ISO 15489-1 and 2, ‘Records Management’ ISO 15489-1 and 2, ‘Records Management’

standard (2000) is its foundationstandard (2000) is its foundation References:References:

Fisher, Paul. Fisher, Paul. Electronic Records as Evidence: The Electronic Records as Evidence: The case for Canada’s new standardcase for Canada’s new standard (Information (Information Management Journal, March/April 2004)Management Journal, March/April 2004)

Gurushanti, Vigi. Gurushanti, Vigi. e-Evidence Standard: Proving the e-Evidence Standard: Proving the integrity, reliability and trust of electronic recordsintegrity, reliability and trust of electronic records (ARMA/CIPS conference, 2002)(ARMA/CIPS conference, 2002)

Key records concepts

Records in whatever format serve as evidence of Records in whatever format serve as evidence of activitiesactivities

Characteristics of records to act as evidenceCharacteristics of records to act as evidence Trustworthy-stand for the facts a record is Trustworthy-stand for the facts a record is

aboutabout Trustworthy over time-not altered, falsified, Trustworthy over time-not altered, falsified,

substitutedsubstituted Authoritative-capable of generating Authoritative-capable of generating

consequencesconsequences

Records are trustworthy if….

Contain complete informationContain complete information Date written and/or receivedDate written and/or received Author and title of authorAuthor and title of author Sender and title of senderSender and title of sender Recipient and titleRecipient and title Type of recordType of record Body of textBody of text Content description-re: subjectContent description-re: subject File code/classification #File code/classification # Comments/notes on recordComments/notes on record AttachmentsAttachments Stamp for copy/draftStamp for copy/draft Signature(s)Signature(s)

Records are authoritative if…

Authority given through permission Authority given through permission Permission is defined by positionPermission is defined by position Positions reflect competence for a Positions reflect competence for a

function/activityfunction/activity Functions are mandated in business planFunctions are mandated in business plan

Records are trustworthy over time if… Placed and kept in a file that relates to the Placed and kept in a file that relates to the

matter (classification)matter (classification) Access to file remains privilegedAccess to file remains privileged Track whereabouts of files if removedTrack whereabouts of files if removed Check for completeness upon returnCheck for completeness upon return Keep records only as long as required by Keep records only as long as required by

retention authorityretention authority

ENSURING COMPLIANCE

Functional and Procedural Requirements to Ensure Compliance with the

Freedom of Information and Protection of Privacy Act, the Electronic Transactions Act, and the Alberta Evidence Act as per the Electronic

Records as Documentary Evidence Standard (CAN-CGSB 72.34)

Information System Requirements Existing?

Yes No 1. The system must be capable of authenticating the author of a record.

2. The system must be capable of capturing IT metadata.

3. The system must be able to create audit trail information consisting of a record of all historical activities or events associated with the system and the records that may need to be reconstructed in the future as additional evidence to support stored records.

4. The following security features must be provided: a. Protection against unauthorized access b. Processing verification of data and information in

records c. Safeguarding of record transmission over time and

space d. Maintenance of backup copies of records e. Establishment of a business continuity plan for

electronic records and associated data

5. A set of procedures must be developed to allow for monitoring and assessing the system’s quality.

6. The system must not permit records to be altered once they are saved as complete, official records.

7. The system must be able to support records retention and disposition requirements.

8. The system must be able to record comments (notes and annotations) related to a record.

University of Calgary Archives, June 2007

Check list-requirement 1: authenticate the source of a record Identify/verify the author of recordIdentify/verify the author of record Identify/verify the operator of the systemIdentify/verify the operator of the system Identify/verify the system/software from Identify/verify the system/software from

where record originateswhere record originates

Check list-requirement 2: ability to capture IT metadata System design architectureSystem design architecture Entity and attribute definitionsEntity and attribute definitions Description of how to use the operating Description of how to use the operating

system and program application system and program application

Beware!Beware! Issue of proprietary systems preventing Issue of proprietary systems preventing

effective testing and maintenanceeffective testing and maintenance

Check list-requirement 3: ability to create audit trails Record of all historical activities/events performed Record of all historical activities/events performed

on the records and the records systemon the records and the records system System and operator generated logsSystem and operator generated logs

Initial capture Initial capture Changes to access privilegesChanges to access privileges Nature of processing eventsNature of processing events Changes to record formatsChanges to record formats Destruction/erasures and their attemptsDestruction/erasures and their attempts

Audit trails must be kept as long as records exist Audit trails must be kept as long as records exist and stored separately from systemand stored separately from system

Check list-requirement 4: security features a. Ability to assign permissions must be a. Ability to assign permissions must be

protectedprotected b. Processing verification must be availableb. Processing verification must be available c. Safeguarding of communication and c. Safeguarding of communication and

transmission linestransmission lines d. Maintenance of backup copies of recordsd. Maintenance of backup copies of records e. Business continuity plan for system and e. Business continuity plan for system and

recordsrecords

Check list-requirement 5: quality testing Quality Assurance Program (QAP)Quality Assurance Program (QAP) Regular testing of:Regular testing of:

System operabilitySystem operability Completeness of recordsCompleteness of records

Documentation that testing took placeDocumentation that testing took place Independent audit of QAPIndependent audit of QAP

Check list-requirement 6: non-alterable official record Records are locked:Records are locked:

Scans: unchangeable format-pdfScans: unchangeable format-pdf Email: correspondence sent is fixedEmail: correspondence sent is fixed Annotation records-no overwriteAnnotation records-no overwrite

Check list-requirement 7: support records retention and disposition Schedule recordsSchedule records Notification of destruction readinessNotification of destruction readiness Generate disposition listsGenerate disposition lists Log dispositions completedLog dispositions completed

Check list-requirement 8: record annotations/instructions Capability to create legible annotationsCapability to create legible annotations Associate annotation with recordAssociate annotation with record Inseparability of annotation from recordInseparability of annotation from record Unalterable annotationUnalterable annotation

THE FIRST IT HELP DESK

ENSURING COMPLIANCE

Functional and Procedural Requirements to Ensure Compliance with the

Freedom of Information and Protection of Privacy Act, the Electronic Transactions Act, and the Alberta Evidence Act as per the Electronic

Records as Documentary Evidence Standard (CAN-CGSB 72.34)

Information System Requirements Existing?

Yes No 1. The system must be capable of authenticating the author of a record.

2. The system must be capable of capturing IT metadata.

3. The system must be able to create audit trail information consisting of a record of all historical activities or events associated with the system and the records that may need to be reconstructed in the future as additional evidence to support stored records.

4. The following security features must be provided: a. Protection against unauthorized access b. Processing verification of data and information in

records c. Safeguarding of record transmission over time and

space d. Maintenance of backup copies of records e. Establishment of a business continuity plan for

electronic records and associated data

5. A set of procedures must be developed to allow for monitoring and assessing the system’s quality.

6. The system must not permit records to be altered once they are saved as complete, official records.

7. The system must be able to support records retention and disposition requirements.

8. The system must be able to record comments (notes and annotations) related to a record.

University of Calgary Archives, June 2007

Assessment findings

No satisfactory back-up proceduresNo satisfactory back-up procedures No system’s maintenance/testing planNo system’s maintenance/testing plan No scheduling and disposition functionNo scheduling and disposition function No audit trail is kept of record deletionsNo audit trail is kept of record deletions No business continuity plan No business continuity plan

Assessment recommendations

Paper records where exist will remain the official Paper records where exist will remain the official recordrecord

E-records in Synergize will be reference copiesE-records in Synergize will be reference copies Annotations and e-mail records as yet unresolvedAnnotations and e-mail records as yet unresolved Develop a Procedures Manual for this systemDevelop a Procedures Manual for this system Develop a vital records system planDevelop a vital records system plan Develop a disposition tool with vendorDevelop a disposition tool with vendor

Outlook

Record making systems are difficult to Record making systems are difficult to convert into record keeping systemsconvert into record keeping systems

DoD compliant enterprise wide ERS in its DoD compliant enterprise wide ERS in its pilot phasepilot phase

Strengthen the policy framework around Strengthen the policy framework around system security and quality assurancesystem security and quality assurance

Continue assessing other record making Continue assessing other record making systems using this standard systems using this standard

Comments on standard

Strengthen significance of business process Strengthen significance of business process analysisanalysis

Add system requirement for annotationsAdd system requirement for annotations Add system requirement to specify a Add system requirement to specify a

retention for audit trail of destruction retention for audit trail of destruction Clarify some definitions and termsClarify some definitions and terms

Records vs. information vs. dataRecords vs. information vs. data