LISTSERV - RECMGMT-L Archives - LISTSERV.IGGURU.US

RECMGMT-L Archives

Records Management

RECMGMT-L@LISTSERV.IGGURU.US

	LISTSERV Archives
	RECMGMT-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Forum View Use Monospaced Font Show Text Part by Default Condense Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Sender:	Records Management Program <[log in to unmask]>
Subject:	Re: Human Resources Files
From:	Glenn Sanders <[log in to unmask]>
Date:	Tue, 25 Jan 2005 07:53:19 +1100
Content-Type:	text/plain; charset="us-ascii"
MIME-Version:	1.0
Reply-To:	Records Management Program <[log in to unmask]>
Parts/Attachments:	text/plain (65 lines)

It is a matter of trust. Somewhere in your IT is a super user who can
access every file, and probably has tools to access raw data even if they
don't have high level signon to the EDMS. Somewhere in any EDMS or RM
system setup is a super user who can access everything. Has to be, for
problem solving, bug fixing etc.

I've seen a couple of solutions:

1. High paranoia: don't put the HR stuff in the EDMS at all, they manage
their files entirely separately, probably on a self-contained, isolated
LAN not connected to the main company LAN. Cut them loose, hand over all
RM responsibility and all the work, buy them a separate EDMS / RM system
(costs lots), do a QA audit occasionally. Often also done for the Exec
suite.

2. Medium paranoia: a separate HR database, section or whatever within the
EDMS, with security locked down tight, the RM super user has two signons
(personalities), one of which is for everyday use and doesn't give access
to the HR stuff, the other is used only with someone else present (eg the
HR manager, internal auditor, chief legal counsel etc) to ensure that
problem solving doesn't extend to prying. Split passwords can be used to
ensure that the additional personality isn't used improperly. Obvious
drawbacks for urgent problem solving!

3. Normal paranoia (yes, it's an oxymoron, I know): trust the RM super
user. Draw analogies with managing all that paper in the warehouse. Refer
to the financial delegations and distribution of commercially sensitive
management info, and the building access controls, eg if I'm allowed to
wander around all parts of the building 24/7, if I can sign contracts and
approve payments up to $200,000 or whatever, if I'm on the distribution
list for confidential senior management weekly updates from the exec and
board meetings, if all the old HR files are in my warehouse, surely I can
be trusted not to pry?

Lots of variations too: maybe use the EDMS to manage HR stuff at the file
level but not go down to the document level, so the RM super user knows
that a file exists and where it is, but not what's in it. Implies most
likely that HR files exist primarily on paper, but it's a solution for
smaller organisations and those not geographically dispersed.

But basically it's a sales pitch for your EDMS and your professional
management thereof. don't focus on the paranoia, just give the decided
impression that it's a normal business need you manage effortlessly for
others every day, and push hard on the advantages of HR stuff being inside
your EDMS. What can you do for HR that they'd have to do themselves if
they opt for max paranoia? How many extra staff will they need? Talk about
risk management and probabilities. Be professional.

Cheers

Glenn

Glenn Sanders MRMA
[log in to unmask]
[log in to unmask]
Australia

These views are mine alone. They may or may not be those of any
previous or present employers or clients. I don't know. If I'd asked
and they'd agreed, I would have signed it "Bloggs and Co and
Glenn". Or whatever. But I haven't, so I didn't.

List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance

ATOM RSS1 RSS2

LISTSERV.IGGURU.US