No matter where your company operates or how large it is, having a Disaster Recovery Plan (DRP) and Business Continuity Plan (BCP) is an essential component of maintaining and growing a successful business.
Your Document Management Knowledge Center
As I read more and more about the leaking of US government documents, I can’t help but wonder what type of security was in place. In recent times, WikiLeaks has gained access to 400,000 documents detailing the Iraq war and more than 250,000 documents from the state department. Given the volume of documents, it seems doubtful that the documents were stored in a document management system with multiple levels of security permissions.
Unfortunately pure belief in their cause is not enough. Doing “good” in the world requires funding. And funding always comes with strings attached. There are always expectations to meet and expectations to manage. How well an NGO manages these expectations directly relates to their success as an organization.
You would think that an NGO would be measured purely on their ability to carry out their mission. Well in many ways they are. However, when you consider the strings attached with funding, most funding sources want reports, not just on successful efforts, but also on how and where the money was spent. Saving lives or improving living conditions for people, whether it’s for 1 person or 1 million people, seems like that should be sufficient. But it’s not.
This is where compliance and reporting come in. By keeping accurate records of every transaction, NGO’s can report on exactly how money was spent. This reporting enables them to comply with the commitments usually associated with funding. Sadly, this is the one area where most NGO’s fail. They can report, and they can be in compliance, but they are missing a very big opportunity.
With the right reporting in place, NGO’s can become very, very efficient. Why is this a big deal? Every dollar not wasted can be used for the furtherance of their mission.
It’s not just a reporting problem. Truly understanding how money is spent and how services are delivered enables NGO’s to improve their processes. Improved processes translate directly into improved services and faster delivery times. And when you are saving lives or caring for those less fortunate, this is a VERY BIG deal.
What happens in many NGO’s is that they are focused on their mission. Everything they do is time critical and urgent. This means they don’t have time to focus on something as boring sounding as process improvement. Yet, when process improvement is focused on, less money is spent on non-essential activities which frees up capital for the truly important work.
For example, many NGO’s send urgent documents using FedEx. They use FedEx because they can track it and it’s fast. Over time, the number of FedEx packages increases to the point where the FedEx delivery person is making multiple trips using a hand truck to cart off the packages. The cost of this is staggering. Yet, this is not an exaggeration. We’ve seen the packages.
If instead, they spent the time to figure out how they could send these documents electronically, or better yet, use electronic signature, they would save much needed capital. This is where the reporting comes in. Yes, it’s used for compliance. But its true benefits come when NGO’s analyze the reports with a goal towards improving their processes so they can serve more people.
We often have conversations with companies who tell us that they want to implement electronic records management software. While that is certainly a good idea for a number of reasons, when we get deeper into the conversation we find out that what they were describing was electronic document management. In fairness though, most companies need both.
So what is the difference between document management and records management? Let’s start by describing the difference between documents and records. All of your paper, electronic forms, files, e-mails and faxes are documents. It does not matter whether they are contracts, leases, vendor communications, or even a thank you letter from a customer. These are all documents. Your business documents are what document your daily business activities.
When we think about records, they are the final, unalterable and legal recording of an event or a transaction. Many documents do become records. For example, a final, signed contract becomes a legal business record. However when you think about contracts, they don’t spring into existence without creation, revisions, collaboration and reviews. Iterations of a contract until it is finalized are not individual records. They don’t reflect the transaction.
Here is where the confusion typically comes in. You are required by law to keep certain records for specific amounts of time. This record retention period varies by the type of record and you should confirm what the record retention requirements are in your state. However, in addition to legal requirements, your organization should have a document record retention policy for all your business records. Failure to have one, and the failure to safely store and then destroy documents, leaves you in the position where all your business documents can be required in a legal action or an audit.
One of the items typically mentioned in a subpoena is your records retention policy. If you do not follow your own policy, then all of your records and documents are potentially “discoverable” and can be used in a legal action or audit. While documents can become records in the normal course of business, keeping documents past their retention schedule can enable them to become records when you least want them to.
With the documents and records more clearly defined, the difference between document management and records management also becomes easy to define. At the most basic level, document management is the storage and retrieval of documents. However, records management is not the storage and retrieval of records, at its base level, it is the administration of the record retention schedule.
What we find with most companies is that they are concerned about either efficiency or compliance when ideally is should be both.
When the discussion revolves around efficiency, typically they are looking to eliminate the storage of paper documents. They want their staff to be able to access any of their documents from any location via a web-based document management system. The issues they face arise from lost documents, time wasted, duplication of effort and the need to foster collaboration within their organization. Online document management addresses these issues and more.
When the discussion revolves around compliance they are worried about audit trails and the ability to track and keep records. We see this in government agencies, nonprofits and all regulated industries. However, compliance is an issue that affects all organizations. Government record requirements are not just for the organizations listed previously, all organizations must comply with governmental record requirements. Failure to do so can be costly in fines and, even worse, in legal actions.
One way that we’ve helped organizations overcome both the efficiency and compliance issues was to create a software platform with integrated document management and records management. By combining the two into one system, certain documents can be set to become records automatically. This means that only the documents that should become records do become records. Further, once a document becomes a record, it automatically gets assigned its appropriate record retention schedule. No one can modify or destroy your business records which ensure your compliance with government regulations. To take this one step more, once your records hit the end of their retention period, a combined system can enable the destruction or purging of expired records.
So when do documents become records? If you have a combined document management and records management system, they become records when they meet the legal definition of a record. Without a combined system, your documents may become records just because you kept them, which can lead to all sorts of unnecessary complications.
To learn more about how a combined online document management and records management solution can help your organization, please visit www.docuvantage.com.
Far from being a safeguard, uncontrolled duplication of records is expensive and risky.
Benefits of Electronic Records
Digitized or electronic documents require less physical storage, they’re easily searchable, and backup for business continuity can be automated. Although many organizations scan paper records as they arrive, most haven’t implemented a disposition policy to destroy the paper. Today, most documents begin life in electronic format, yet many people continue to print hard copies and add them to paper files.
It’s estimated that the volume of information generated by businesses is growing by 60 per cent each year. At that rate, it’s no longer feasible to keep every document forever, and it’s important to minimize duplication and adhere to legal retention requirements.
Multiple copies lead to unnecessary costs and risks associated with:
• Storage – multiple copies fill premium office space, off-site warehouses, removable media, and network hard drives.
• Mismanagement – multiple copies are more difficult to control, file and retrieve. They increase the likelihood of security breaches or inappropriate disposal. This can result in fines and other sanctions for non-compliance with regulatory requirements; and in the loss of competitive advantage if intellectual property or commercially valuable business intelligence is compromised.
• Litigation – multiple copies mean more places to search during the discovery phase (increasing time and costs). It may also raise questions about the evidential weight of records.
• Business Continuity – multiple copies make it more difficult to identify the subset of ‘vital records’ which must be protected at all costs. This can result in a higher risk of accidental loss, deletion or inaccessibility. Liability insurers are increasingly considering retention policies and discovery-preparedness in their underwriting decisions. Poorly managed records can affect the cost or availability of insurance coverage.
Why then are companies investing time and money to maintain parallel filing systems?
Some companies aren’t sure whether electronic records are legally admissible; or whether paper records carry greater evidential weight. Others are doubtful of the quality and reliability of scanned documents. Many are uncertain about the required retention periods for paper records, email and digital documents.
A records management program can clarify these questions and alleviate concerns – allowing an organization to maximize the value of its business information and minimize the associated cost and risks.
The Solution – a Records Management Program
Gaining control over corporate information can seem daunting. Yet it’s absolutely essential for regulatory compliance. A records management program is a key component to reduce the complexity and cost of any GRC (governance, risk management and compliance) initiative.
Reducing the volume of paper records that must be stored and managed is the first step to moving fully into an electronic working environment. If you don’t take the plunge today, it’ll be twice as challenging next year.
A records management program should include:
• An information management policy which sets out the overarching framework of rules and responsibilities for controlling corporate information. It demonstrates to a court of law that information management is part of normal business operations.
• A classification scheme that identifies the different types of records created or received by the organization. It groups similar records together into categories that are easier to find, use and manage. The classification scheme can be used to indicate which categories of records are suitable for scanning (and which are not), based on the regulatory requirements that apply to particular types of documents.
• A retention policy that’s developed through an analysis of the company’s specific legal obligations, business needs for information to support daily operations, and the interests of any additional stakeholders.
• The secure disposal of records should be carried out on a regular schedule, in accordance with an approved procedure. Local and international case law indicates that courts will approve routine destruction of records in accordance with established procedures. Developing a security policy helps to protect the integrity of corporate information and reduce the risk of a challenge to its authenticity.
Legal recognition and requirements for electronic records are contained in the Electronic Transactions Law and the Evidence Law. Your records management program should provide a framework of policies and procedures to maximize the evidential weight of scanned images, and reduce the risks associated with destruction of paper files.
Where records are required for legal or regulatory purposes, an electronic record is acceptable if it is maintained in an accessible, perceivable form. It must also be accompanied by contextual information (metadata) which substantiates the provenance of the record – confirming the time, place and the person(s) responsible for creating or receiving the record.
Companies should also examine their specific legal or statutory provisions to identify any requirements to keep records in their “original form”. Such requirements can be met by a record that was first generated as an electronic record. If a document was originally a paper record, some industries require that the paper record is safeguarded and retained for a certain number of years.
Organizations should seek legal advice with regard to the types of documents most likely to be disputed in court, and assess the risks associated with maintaining or destroying the original paper records that have been scanned.
Questions about the quality and reliability of scanned images can be addressed by implementing procedures and technical standards for the conversion process, for quality control and IT system administration. It’s necessary to demonstrate that the image is an accurate representation of the source document via:
a) clearly defining the conversion procedure, which explains any changes applied to the image (e.g. conversion from color to black-and-white, de-skewing, cropping, etc.),
b) capturing and managing the image in a system that can control and track its use and prevent any subsequent modification (establishing an audit trail), and
c) maintaining and operating the system properly.
An audit trail of activity for records, users and systems administrators is important for proving authenticity and demonstrating the record’s ongoing integrity.
As a critical corporate asset, information should also be addressed in plans for business continuity and disaster recovery. The classification scheme can be used to identify categories of records that are vital for ongoing operations. Appropriate strategies can then be devised to ensure the backup and long-term accessibility of those records.
Electronic records offer many benefits for business efficiency. However, they may also expose companies to significant risks, if they’re not pro-actively managed.
A robust records management program combined with an electronic document and records management application, with defined policies and implemented procedures, reduces the costs and risks associated with managing corporate information. It can be used to determine whether paper records are suitable for scanning into digital formats, and to enable the disposal of original hard copies – generating a range of potential savings for the organization, and mitigating the risks associated with retaining multiple, uncontrolled copies.
Bob Leonard, our guest blogger, is the managing director of acSellerant specializing in online, inbound, content and social media marketing for SMB IT providers.
Since businesses' growth opportunities aren't quite at their peak right now (to say the very least), many executive managers are spending more time and attention on internal processes. Many organizations have become more involved in disaster recovery (DR) strategies and DR budgeting initiatives for the remainder of this year and for 2010.
Your company has already suffered from budget cuts, and you have transitioned a portion of your employees to "virtual" home offices. The LAST thing you need is to feel insecure about where your business files and information are as they leave the company network...
So how do you protect your valuable documents with remote workers? Here's a checklist with the most important aspects to consider when looking for an affordable and secure solution for information access and file storage:
Tampa, Fla. (September 25, 2009) Document Advantage Corporation, (DocuVantage), a provider of online document, business process automation and records management solutions, announced today that its purchasing contract with the State of Florida was renewed. As part of this agreement DocuVantage's enterprise document and content management services may be purchased through the State of Florida's online exchange for buyers and vendors, MyFloridaMarketPlace (MFMP). This contract with the Florida Division of State Purchasing, listed under Information Technology Consulting Services, recognizes DocuVantage as an approved vendor within MFMP.Read More
Although most financial institutions are challenged by the current economic situation, credit unions are especially under pressure to make sound financial decisions. Credit unions are owned and controlled by their members. They want to ensure that the credit union is always making business decisions that will benefit the members, and that budgets are not exceeded. Because of this, credit unions hesitate to allocate money towards implementing the newest technology.
The economy has hit businesses hard and it's causing a ripple effect in the nonprofit industry. To save on costs due to a reduction in revenue, companies have not only cut the donations they have given to charities in the past, but they have reduced available volunteer hours due to a reduction in staff and the need to have more people working in the office driving revenue. This cut in donations and volunteers has left non-profits with a heavy burden.
While many organizations are built of teams that wear many hats, this could not be truer for a nonprofit. With fewer volunteers in the field, the staff in the office now needs to get involved outside the office, causing workflows to back-up.
Technology can play an integral role in making the job of these non-profits easier. However, most non-profits struggle with information technology because of the lack of resources; IT expertise and money to fund technology.
It's important for non-profits to allocate the time to research what software and hardware solutions may be available to help them better manage their business. Often times, spending a small amount on technology to improve your business can save you a greater amount of money in other areas, including hiring more staff. One of the greatest areas where savings can be realized is in workflow and processing of paper documents.
Many non-profit organizations spend extra time processing their paperwork in a traditional manner because their technology budgets just do not include the funds for expensive, up-to-date software which typically needs hardware as well. These organizations can benefit from an inexpensive and easy alternative in which they will not have to rely on an IT support team to properly function. An online application that includes document management and compliance management is an affordable, easy-to-use, alternative providing immediate ROI...
How would an electronic document management (EDM) system satisfy the needs of a non-profit organization (NPO)?