As a result of the exponentially expanding volume of information and the increasing need to manage information properly, ARMA released its General Accepted Recordkeeping Principles or "The Principles" in 2009. A summary of the eight principles are1:
- Principle of Accountability — An organization shall assign a senior executive to oversee the information governance program, delegate program responsibility to appropriate individuals, adopt policies and processes to guide staff, and ensure program auditability.
- Principle of Integrity — An information governance program shall be constructed so the records and information generated or managed by or for the organization have a reasonable and suitable guarantee of authenticity and reliability.
- Principle of Protection — An information governance program shall be constructed to ensure a reasonable level of protection to information that is personal or that otherwise requires protection.
- Principle of Compliance — An information governance program shall be constructed to comply with applicable laws and other binding authorities, as well as the organization’s policies.
- Principle of Availability — An organization shall maintain its information in a manner that ensures timely, efficient, and accurate retrieval of its information.
- Principle of Retention — An organization shall retain its information for an appropriate time, taking into account all operational, legal, regulatory and fiscal requirements, and those of all relevant binding authorities.
- Principle of Disposition — An organization shall provide secure and appropriate disposition of information in accordance with its policies, and, applicable laws, regulations and other binding authorities.
- Principle of Transparency — An organization shall document its policies, processes and activities, including its information governance program, in a manner that is available to and understood by staff and appropriate interested parties.
The full “The Principles”® is available for download at the ARMA website (www.arma.org).
If you are wondering if FileHold helps to support "The Principles", the answer is yes. Here's how:
- Principle of Accountability — While FileHold does not oversee our customer's information governance program, the implementation team does assist in identifying who will be the accountable person in the customer's organization during the initial implementation meeting. We encourage these individuals to create policies and procedures that will help their staff use and enforce the use of the document management software.
- Principle of Integrity — All records added into the repository are tracked by user ID and action. These logs can be viewed at any time using our built in reports such as the document usage log.
- Principle of Protection — FileHold has three levels of security so documents are always secure. Only those individuals who have access to the documents can view them. Permissions also define what users can do with the documents once they are in the library. Some may be able to only view the document while other users may be able to check out or delete.
- Principle of Compliance — While different organizations will need to comply with different rules of compliance (Food and Drug Administration, HIPAA, LGMA, and so on), retention rules allow for the archiving and deletion of documents from the system. The library structure and schemas are completely configurable to meet any compliance rules and regulations. Also full audit trails can confirm that the organization’s activities are conducted in a lawful manner.
- Principle of Availability — All records and documents can be searched once they have been successfully added into the FileHold library. Search results display only those documents that a user has access to. Saved searches, virtual folders, and linked documents can be created so that documents can be quickly retrieved.
- Principle of Retention — Retention periods can be set per document schema. These can include regulatory, fiscal, operational, and historical records rules. For example, retention rules may say certain types of regulatory records may only need to be kept for 6 years while historical records would never be deleted.
- Principle of Disposition — "At the completion of the retention period for an organization’s records, the records must be designated for disposition. In many cases, the disposition for records will be destruction. In other cases, the records may be returned to clients, transferred to another organization in connection with a divestiture, or transferred for ongoing preservation to an historical archives, library, or museum. In all instances, the organization must make a reasonable effort to ensure that all versions and copies of the records are included in the disposition. The organization must also document its disposition process."1 FileHold provides four types of document lifecycle events to support common retention policies: convert the document to a record, archive the document, delete the document, or notify users about an arbitrary condition which can help organizations comply with disposition rules.
- Principle of Transparency — FileHold has several out of the box reports that customers can use to keep their processes and activities transparent. Structured library and workflow processes provide traceable and verifiable information in support of the organization’s activities. As customers add their own documents and metadata they often have specialized needs for reporting. Some of these can be satisfied using the built-in saved search feature of FileHold, but some are more complex and require a highly configurable reporting capability. Microsoft SQL Reporting Services is a tool included with SQL Server and makes an excellent platform for custom reports. FileHold enables this capability by allowing custom built SQL reports to be integrated into the FileHold user interface. The support is further enhanced by integrating access to the reports into the normal user and group security of FileHold.
If you would like to see ARMA's "The Principles" in action, sign up for a free live webinar!
1 ARMA International, Generally Accepted Recordkeeping Principles “The Principles”®, February 20, 2009, http://www.arma.org.