Oct 23, 2008

Records Management - where does it fit & where is it heading ?

There has been a lot of comment about increasing records management requirements eg retention schedules etc. Internationally these are covered under ISO 15489 Parts 1 &2 - these have been adopted into Australia. .

Many would argue that these have place imposts on businesses and stifled innovation. However increased strictures on Records Management processes are here to stay, and have been driven in the USA by the Sarbanes Oxley legislation, following the Enron furores. In Australia, Records Management requirements have been accelerated, following the Rolah McCabe vs BAT case in Victoria... According to Lawyers Weekly, "As at common law, there is a shift at the legislative level. The Crimes (Document Destruction) Act 2005 (Vic) amends the Crimes Act 1958 (Vic) and creates a new criminal offence in relation to the destruction of documents likely to be required in legal proceedings. An employee or officer attempting to delete a ‘smoking gun’ email, who therefore knows of the reasonable likelihood of litigation and intends to prevent the document from being used, could be prosecuted for document destruction. Both individuals and companies can be prosecuted, potentially facing large fines and imprisonment. .. A company may be vicariously liable for an officer who breaches the document destruction provisions of the Crimes Act. "

So it is really a case of "get over it and get on with it". Many legal firms are providing advice that could be quite challenging for some organisations, eg Freehills & Blake Dawson Waldron.

In fact, as part of their ISO 9001 quality management document control systems, organisations will have Records Management covered in their Quality Management Manual, or Department Handbook. This is the peak document in their quality system. Records may be either hard copy or electronic - and both should be covered in more detail in individual operating department quality management manuals.

Similar records management requirements exist for ISO 14001 Environment Management Systems. They also exist for also OHSMS systems - and as required for Workers Compensation Self Insurer's status under WorkCover NSW.

Some companies have also establised an Information Management standard. This may provide guidance on records management, eg including Records Disposal standards, as informed by the Australian Records Retention Manual.

This standard may be complemented by an Information Security Policy Statement, eg Victorian context. And there may also be an Information Management Governance Policy/Strategy, which will also address information security issues, eg such as information rights management.

Arising from Victorian State Government legislation, many organisations have developed very comprehensive records classification systems. These include records retention/disposal requirements, in accordance with Victorian and Australian federal legislative, relevant to businesses operating in Victoria. Ideally these would be developed with the involvement, and approval, from an organisation's legal counsel.

It can be very expensive to fall foul of the legislature on these issues : Failing to Keep Records is Expensive - Federal and New York regulators ordered the U.S. Trust Corporation to pay $10 million in fines to settle accusations that it violated bank secrecy laws and failed to keep complete records in a special trading unit.

It is interesting that e-technology is not always seen as providing positive improvements -
"Contrary to the conventional wisdom that technology is an aid to efficiency, the electronic age has made discovery of relevant documents an even lengthier and more expensive process than hitherto,'' Federal Court Justice Ronald Sackville's speech to the NSW Supreme Court conference, after hearing the Channel 7's C7 case, with a database compiled for the case consisting of some 86,000 documents, comprising nearly 590,000 pages.

No comments: