>> From: Larry Medina <[log in to unmask]>
>> Subject: Re: Records Management under IT - Yes or No?
>>
>> Would anyone like to put their 2 cents in on the following topic....
>>
>>>
>>> Why a document control/records management/knowledge management
>>> function...
>>>
>>> *...SHOULD NOT be placed under the information technology group???
>>>
>>> *...SHOULD be placed under the information technology group???
>>>
Given the risk involved now, I would think that each unit should
report to a C-Level Officer, preferably the CFO or to the CLC.
another food option is for both to report to the Head of the Internal
Aiudit Committee that reports to the Board. That would give the
Board the transparency they require to comply with the new Federal Laws.
As for selecting vendors for offsite, the whole concept of pursuing
an entity as one capable of providing one invoice is ridiculous. You
should set your criteria, such as:
The vendor shall deliver substantial return on investment through
reduction in corporate risk, lower operational costs, and improved
productivity.
The security of the records must be demonstrated and the Storage
Contract shall describe records storage as secure by providing the
following:
1) Bonded employees in the management and delivery system for all
types of records
2) The Records Center shall comply with NFPA 232 and a license fire
protection engineer shall so state
3) Vital Records and Media shall be stored within a vault complying
with NFPAS 232 requirements.
4) Computer media that is destroyed at temperatures as low as 125º F
shall be protected with a Class 125 Media Rated
Vault.
5) The software shall capable of tracking the media at every phase
of the movement of the media
6) Insurance shall be by an outside carrier and payment of claims
shall be determined by that insurance company. (Self
Insurance shall not apply in the case of the records collections.
This coverage must be independent.)
7) Perimeter Alarms, Card Access, Video Surveillance (transmitted
offsite to a separate location), Aisle and Vault motion
Detectors and other security equipment as specified in the RFP
8) Vans designed to transport media with secure locking mechanisms
per Babaco or others to prevent break-ins,
continuous environmental control, automatic relocking devixes when
the drive is absent the vehicle, GPS tracking and
caged back end for security. Van must have alarm and klaxon.
Antitheft mechanism for the engine.
9) ANSI Standards for Environmental Control to meet the type of
media being stored and to increase the longevity of the
media/digital records.
10) Responsible management on site to oversee operations equivalent
to an Owner Manager.
Now that you have criteria, then see who wins this bid. ARMA has a
great guideline for selecting vendors with a List there as well.
So what if you have three invoices or 20, the advantage is that you
have an Owner Manager at each site. The Owner of that site has his
entire life's work in that one facility. Each facility has its own
insurance. In no way can you lose everything due to one vendors
failure or software crash. To the Owner Manager to lose it, costs him
everything. For the national entity the loss is merely an
inconvenience. It causes a temporary drop in revenue.
You have to ask yourself why you are not hearing about a lost tape in
Cedar Rapids or Toledo and so on?
Your goal should be to write a contract that ensures your survival
and the survival of your records. After you do that, you then let
whoever wins, win. Bonding eliminates certain high risk employees
from the mix.
There are many companies out in the offsite storage industry that
take what they do as very serious business and spend the money for
the infrastructure to protect their clients records. Others rely on
slickly worded contracts that promise you nothing. In many of them
they thrust all liability back on the client and force the client to
remain silent about the terms of the settlement of their loss.
California once again leads the way with upcoming legislation that
makes those who lose data responsible for the costs of notification
to the damaged parties. Do you hear a big sound like someone gasping
for breath? I do. Big business against big business. CLANG!
Lose a tape. Pay the cost of notification to 280,000 damaged
parties. Whoa!
Software just became so important. Managing email is very important.
If I had 20 sites, I would want 20 Owner Managers watching my records
where you can immediately trace an event right down to the core and
where there is someone on site who can answer a question. The last
thing you want when you are trying to trace something is to hear "I
can't divulge to you how we run our operation. Someone from our
headquarters will be in tomorrow to respond to you."
How does that help you find the tape that is missing right now.
There are some people in our industry that complain about their
service and crazy events but when you ask them if they will seek out
a more responsible vendor(s) they reply "Oh, that would be too much
work!"
Right now IT is moving towards more responsible vendors. There is a
revolution going on over there.
Maybe it is time for records managers to get excited about the level
of protection you receive. It will be a frightening day when they
call you into the CFO's office and they ask you to explain your
strategy on records unless you have one.
Hugh Smith
FIRELOCK Fireproof Modular Vaults
[log in to unmask]
(610) 756-4440 Fax (610) 756-4134
WWW.FIRELOCK.COM

This message (including any attachments) is confidential and may be
privileged. If you have received it by mistake please notify the
sender by return e-mail and delete this message from your system. Any
unauthorized use or dissemination of this message in whole or in part
is strictly prohibited. Please note that e-mails are susceptible to
change. Banc Technic Inc. dba FIRELOCK shall not be liable for the
improper or incomplete transmission of the information contained in
this communication nor for any delay in its receipt or damage to your
system. FIRELOCK does not guarantee that the integrity of this
communication has been maintained nor that this communication is free
of viruses, interceptions or interference.
On Jul 7, 2007, at 12:02 AM, RECMGMT-L automatic digest system wrote:
> WLL covers the vendor themselves. It actually results in DECREASED
> coverage
> for clients. This type of coverage is fine for storage of
> commodities that
> can easily be replaced, but you're talking about INFORMATIONAL
> ASSETS here,
> something that your organization is storing because of a business need
> and/or to be in compliance with laws, statutes, or regulations.
List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
To unsubscribe from this list, click the below link. If not already present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
mailto:[log in to unmask]
|