recommended reading

White House overhauls electronic records requirements

Digital Genetics/Shutterstock.com

Federal agencies have until the end of 2019 to adopt systems that store and manage all electronic records in formats that will keep them safe and searchable for future generations, according to a White House directive released Friday.

Currently, many agencies print paper copies of the documents and other records they are legally required to maintain due to concerns that existing file formats won’t be viable 30 years down the road when they must turn the records over to the National Archives and Records Administration.

Agencies have until the end of 2016 to store all email in electronic formats and until Nov. 15, 2012, to appoint a senior official responsible for beefing up their electronic records management programs, Friday’s memo from Office of Management and Budget acting Director Jeff Zients said. Those officials must undergo National Archives training themselves and in turn must develop training programs for agency employees, the memo states.

The Office of Personnel Management also must establish a formal career path for records management officials by the end of 2013, according to the memo.

The memo is a result of six months of correspondence between agencies, OMB and the government transparency community.

“Records management just isn’t given enough priority within agencies and it differs from agency to agency,” said Anne Weismann, chief counsel at the Center for Responsibility and Ethics, a major transparency group. “The concept here -- and the same thing was done with [Freedom of Information Act compliance] -- is to elevate it to a senior level, to stress its importance and to have more accountability, and I think that’s a great step.”

Overall, Weismann said, she’s very pleased with the directive’s contents but disappointed by the deadlines.

“They could have said 2014 and that still wouldn’t have been fast enough for me, but I could have lived with it,” she said. “But this is a very long deadline. I think it’s very easy for agencies not to do this. It’s an area where agencies don’t want to spend their limited dollars and I think they need a huge push.”

The memo also includes a 2013 deadline for the Archives to issue revised guidance on permanent storage of electronic records, including the metadata agencies should include in those records. Metadata is information about the creation of a document or other digital product such as the last edited dates attached to a Word document or the date and time stamp on digital photos.

That guidance also must include strategies for making electronically stored records searchable.

The memo directs the federal Chief Information Officers Council to work with the Archives and with industry to find open source technology that meets the government’s records management requirements and to incorporate records management requirements into future cloud computing acquisitions.

The government is in the midst of a major push to transfer as much of its computer storage as possible into off-site computer clouds, which can pack information more tightly and cheaply than on-site data centers.

Obtaining cloud storage that’s not only economical but searchable as well is the key to an effective records management regime, Weismann said.

“When agencies like mine file a FOIA, not infrequently the response from the administration is ‘we just don’t have a good way to look for that,’ ” she said.

The government’s early adoption of cloud storage has not focused enough on making sure stored material is accessible to the public, Weismann said.

“Imagine a closet where you open it up and throw a bunch of papers in,” she said. “You’re preserving everything, but you can’t find everything and that’s a concern.”

About 95 percent of agencies fail to meet current statutory requirements for maintaining their electronic records, according to a NARA estimate based on agency self-assessments.

Agencies aren’t required to turn over most records to NARA until 30 years after they are created. That has made storing records in electronic formats such as Word documents or PDFs difficult because the technology to read them may be prohibitively expensive or nonexistent in 30 years, or less.

Archivist of the United States David Ferriero has suggested moving up the deadline to turn data over to the Archives to the end of the presidential administration during which the document was created.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

    Download
  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

    Download
  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

    Download
  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security

    Download
  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

    Download

When you download a report, your information may be shared with the underwriters of that document.