I have a customer that would like to query the experts to find out how others are protecting PII, OUO, and other sensitive records (excluding classified records) in electronic records systems.  This is for a large organization with several thousand staff that are creating electronic records.  For instance:

-          How are permissions managed on who can add/modify/delete/view sensitive records?

-          How are permissions kept up-to-date?

-          How are permission changes documented when employees terminate or change organizations?

-          How is permission managed for IT and RIM support employees that may have a need to access the records area, e.g., to develop programs, file plans, etc. but shouldn't generally have a need to see the data?

Any comments/suggestions on managing permissions for sensitive documents would be appreciated.

Deb Martin, CRM, CIP
DOE Integration Support
Lockheed Martin
825 Jadwin, Room 454
Richland, WA 99352
509-376-3771
[log in to unmask]


List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
To unsubscribe from this list, click the below link. If not already present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
mailto:[log in to unmask]