LISTSERV - RECMGMT-L Archives - LISTSERV.IGGURU.US

RECMGMT-L Archives

Records Management

RECMGMT-L@LISTSERV.IGGURU.US

	LISTSERV Archives
	RECMGMT-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Forum View Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Intro and Electronic Records Question
From:	Larry Medina <[log in to unmask]>
Reply To:	Records Management Program <[log in to unmask]>
Date:	Fri, 23 Dec 2011 10:59:39 -0800
Content-Type:	text/plain
Parts/Attachments:	text/plain (81 lines)

Just an FYI for clarification purposes....

MOREQ is a "MOdel REQuirements" document, it is NOT a Standard (with a
capital OR lower case s)

GARP is a set of "Practices", also NOT a Standard (with a capital OR lower
case s)

Both may provide guidance that someone would want to consider or possibly
adopt in developing a set of protocols for the management of electronic
information assets, but neither contain information as authoritative or
developed using the rigorous principles or practices employed in the
development of Standards (especially those with a capital S)

My recommendation would be to determine first who sets the requirements
your entity must meet when it comes to the storage and retention of PII,
PHI, PII or any other sensitive information and then find out what
requirements they mandate you must meet.  At that point, it will be much
easier to locate 'standards' or other forms of authoritative guidance you
may need to develop your internal protocols, including training of staff
and establishment of policy/procedures.

Larry
[log in to unmask]

On Thu, Dec 22, 2011 at 3:06 PM, alex campbell
<[log in to unmask]>wrote:

> Hi Scott,
>
> Welcome to the Listserv and hello from a fellow alum of the IDRM program at
> Columbia!  Do you want to buy or build your database? I would take a hard
> look at both options and go with the one that best suits your organization.
>
> Next, I would have a look at the various standards that govern electronic
> records and make sure that your system is in compliance with those
> standards. I would look specifically at the MOREQ standards for Electronic
> Records and also at ARMA's Generally Accepted Records Keeping (GARP)
> standards for guidance (I can forward you information on both of these
> offline).
>
> Hope this helps and Happy Holidays to you!
>
> Best,
>
> Alexander Campbell, M.S.
>
>
> On Thu, Dec 22, 2011 at 11:46 AM, Skversky, Scott <
> [log in to unmask]> wrote:
>
> > Hello,
> >
> > I work for a Medical Center within a University in New York.  I'm
> > graduating this spring from Columbia University in the M.S. program,
> > Information and Digital Resource Mgmt.  I had an opportunity to take a
> > records management course, with a great professor, Fred Gravin so I have
> > insight and background on the topic.
> >
> > Question:
> >
> > Does anyone know the standard storing protocol for electronic data and
> > files, including databases that might be in association with PHI, PII,
> and
> > SNN information?  Obviously you cannot store confidential data on a
> secure
> > server alone without any further protection.
> >
> > Besides the basic HIPAA regulations, any advice would be grateful.
>

-- 
*Lawrence J. Medina
Danville, CA
RIM Professional since 1972*

List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
To unsubscribe from this list, click the below link. If not already present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
mailto:[log in to unmask]

ATOM RSS1 RSS2

LISTSERV.IGGURU.US