HOW IS A RECORD CREATED RELIABLE IN THE ELECTRONIC ENVIRONMENT?
The reliability of any record depends on its degree of completeness, degree of control on its creation procedure, and/or its author's reliability.
An electronic record is to be considered complete when it includes the eight elements of intellectual form.
However, for purposes of reliability, some of those elements, together with others, need to be also included in attachment to the record, called the document profile. For an electronic record, the document profile is the container of all annotations, but also of some elements of intellectual form, as follows:
The elements related to the control of creation procedure that have been identified for traditional records are:
- every record made, in order to be considered complete and transmitted internally, must include in its document profile:
- every record received from outside, in order to be either filed or further transmitted, must include in its document profile:
- date of receipt
- time of receipt
- date of further transmission
- time of further transmission
- classification code
- registry number (if applicable)
With electronic records, the second of the above requirements is satisfied in the document profile, while the first requirement must be preceded by a series of other controls, as follows:
- the express regulation of three procedural phases, that is, of initiative, deliberation, and execution, and
- the required addition to the record of at least three annotations, that is, name of recipient, date of receipt, and classification code.
In addition, it is essential to distinguish within each creating context between those procedures that can be embedded in the electronic systems as automated workflows, and those that can only be regulated by a code of administrative procedure external to the electronic system. Reliability is served by either or both methods of procedural control.
- identification of the communication networks, electronic record system and software to be used
- identification of the users of the electronic record system and of their individual privileges within the system on the basis of the administrative competence of each of them and of the organization of their work
- definition within the system of the boundaries of general space, group space, and individual space
- general space = that part of the system that is accessible to all members of the organization, managed according to established record making and record keeping rules by the competent staff, and that contains the central filing system of the organization, including the linkages with related records in other media. The primary characteristic of the general space is that no record that has crossed its boundaries can thereafter be manipulated.
- group space = that part of the system that is accessible to all the individuals who share the same competence, horizontally or vertically, temporarily or permanently.This is the space containing many draft versions of the same record, comments, notations, etc.
- individual space = that part of the system that is accessible only to individual members of the organization. The individual space within the organization's records system must be distinguished from the personal, private space of the individual, which should have also a different electronic address. This private space may lie beyond the concerns of the organization
- identification of a secure way of entering the system, such as cards with magnetic stripe, voice print, finger print, etc.
As mentioned earlier, the document profile can be used as a primary instrument for making a record reliable. A complementary instrument to the document profile is constituted by the metadata, that is, data on the creation and use of the records within the system that are automatically generated and preserved by the system and transparent to the user.
The elements related to the author's reliability are procedural ones, which are expressed in traditional records by the signature of the author.
With electronic records, the procedural elements that guarantee the author's reliability are best expressed in the control of the access by the users--as said earlier. This control is exercised by limiting and identifying the persons who can have access to the system, and, once inside it, who can read what, who can interact with what and in which way, etc. This control is also exercised by enabling the electronic system to keep an audit trail of the uses made of the system.
As it has been seen, when procedures of creation control are in place, the control on user's access to specific applications is an integral part of them.The control on user's access has the purpose of making the persons competent for the actions in which the records take part responsible for generating them, and accountable for their contents. This is because reliability is linked to administrative competence for action, not to security, which is an authenticity issue.
If you are experiencing any difficulties with this page, please contact