New bailout plans for archivists

Updated DOD records standard gets governmentwide nod as possible solution to a growing problem.

A benefit of the Information Age is the supposed ease of finding information. A task that once meant a trip to a dusty paper archive now can be handled from a computer on any desk. But all revolutions carry the potential for self-destruction. The Achilles’ heel of this digitized era might be overflowing e-mail inboxes, especially as e-mail messages replace in-person meetings and telephone calls as a primary method of communication. Extracting e-mail messages for preservation is becoming an ever more vexing problem.The volume of electronic records is one of the challenges facing the archivists charged with ensuring that government keeps a full accounting of its functions, activities, decisions and other important transactions. Another part of the problem is that responsibility for making sure that archives receive copies of relevant e-mail messages lies with government employees who often consider recordkeeping to be a nuisance. Many agencies still rely on printing e-mail messages for archiving purposes.The combination of those factors has created a black hole of lost data that swallows countless records. In an attempt at rectification, the House voted July 9 to ask the National Archives and Records Administration to draft regulations that require federal agencies to electronically capture, manage, and preserve e-mail messages. The bill, the Electronic Message Preservation Act, sponsored by Rep. Henry Waxman (D-Calif.), is now under consideration by the Senate Homeland Security and Governmental Affairs Committee.The House bill would also require NARA to develop mandatory minimum functional requirements for electronic records management applications. The Defense Department has a set of such requirements that, since their introduction in 1997, have become the de facto federal records management application standard. The standard, numerically denoted as 5015.02-STD, recently underwent revision with DOD officials releasing Version 3 in April 2007. DOD’s Joint Interoperability Test Command began certifying software products against the standard in January. Last month, NARA endorsed Version 3 of DOD 5015.02-STD for civilian use. NARA’s endorsement means “we’ve analyzed it to our satisfaction, and it covers all of [civilian agencies’] statutory responsibilities,” said Mark Giguere, head of information technology policy and planning for NARA’s modern records program. The major changes from Version 2 include optional work processes to support Freedom of Information Act and Privacy Act requests. When such a request reaches records managers, they can create a new meta-records for managing it, said Jana Gallatin, the DOD Joint Interoperable Testing Command official in charge of testing records management applications for compliance with 5015.02-STD. The meta-record tracks elements such as who requested the record and when, and it allows managers to annotate it as they come up with the documents that satisfy the request, keeping track of their progress, Gallatin said. The new standard also specifies that FOIA managers should be able to freeze germane records to prevent them from being altered or disposed until the request is resolved.Nonoptional changes for records management applications in Version 3 include a requirement for applications to create alerts that notify archivists of changes to records’ metadata fields and allowing only authorized uses to make changes to those fields. Also, systems must validate records’ integrity by checking the records databases against repository records and “pop an alert if something in the repository has changed,” said Gallatin. A lot of the testing Gallatin’s office performs is comprised of DOD employees attempting to get access to records they shouldn’t be able to get into, said Reed Ir vin, vice president of product management at CA’s information governance group.“Once it’s declared a record, it’s critical that the RMA control the security,” Irvin said. The standard somewhat addresses the problem of interoperability among records management applications, by requiring them to have the ability to “ingest and export to standard [Extensible Markup Language] schemas,” Gallatin said. The catch is that “we don’t have the standard schemas as yet, they’re still being evolved,” Gallatin added. Still, Version 3 is much more explicit about transfer functionality than its predecessor, Giguere said. “In Version 2, all it said was ‘RMAs shall be able to export records out of the repository,’ ” Giguere said.In all likelihood, two certified Version 3 RMAs “will not be able to, out of the box, seamlessly interoperate with each other. You just won’t be able to plug and play, but it’ll be a lot better, and it’ll involve a lot less integration work.” NARA helped fund research making those changes possible. One thing the standard doesn’t address is e-mail message archiving. “We consider e-mail archiving an IT issue, just like backing up your computer system,” Gallatin said. E-mail and records archives aren’t the same things, because not every e-mail is a record, she added.DOD officials are careful not to overstate what 5051.02-STD certification means. “Not every agency is going to use the same RMA,” said Ron Kelly, director of information policy and integration in the office of DOD’s chief information officer. “We can’t impose on people one size fits all.”In other words, “the DOD standard tells you where you need to be, it doesn’t tell you how to get there,” Irvin said. As a result, the degree to which certain features such as direct integration with e-mail clients and automatic tagging of e-mail messages for archiving can vary greatly from product to product. As for automatically selecting relevant e-mails for preservation, many experts agree that it’d be nice to make that as automatic as possible. “You try to make it as painless on the user as possible, but the user still has to be responsible for identifying the records and doing something with them,” Rawlins said. Some organizations have moved responsibility away from individuals to dedicated staff members who go through e-mail messages, saving and discarding as they go along. But this setup is not ideal.“That takes manpower and money,” Rawlins said.  Records management applications  can’t automatically capture every single relevant e-mail message, no matter how good its underlying logic is, Irvin said. “Users need to be able to explicitly declare records as well,” he said. “You’ve got to have both ways to do it.” E-mail was never meant to drive recordkeeping to the disorganized state it is in today, experts said. “E-mail is simply a delivery mechanism,” Gallatin said. “Whether a record is transferred by e-mail, transferred by the Post Office, transferred by carrier pigeon, it’s still a record.” Perera () is a freelance writer.

Smart uses

The National Archives and Records Administration in September endorsed civilian agencies’ use of electronic records management applications that comply with Version 3 of the Defense Department’s 5015.02-STD. Those products meet the provisions of the Federal Records Act and NARA regulations with respect to the creation, maintenance and use, disposition of federal records and the transfer of electronic records to NARA.

In its endorsement, NARA offered these examples of how agencies can use records management applications to facilitate electronic records management.

  • Managing records from desktop applications where the electronic version of the record will be the recordkeeping copy.

  • Maintaining electronic records in a format suitable for recordkeeping purposes.

  • When automating a business process that necessitates the records to be collected, organized, and categorized to facilitate their retrieval, use, disposition, and preservation, including records generated in e-government processes, if records management capabilities have not otherwise been built into the design of the system.

  • Source: National Archives and Records Administration

    Better security

    Don’t blame the message