Electronic Records: Legal Chal Barclay T. Blair Director, Technology Practice Co-Author, “Information Nation” bblair@Kahn. Consulting. Inc. com
I. A New Era for Records Management 2
What is Happening Out There? 3
What is Happening Out There? 4
What is Happening Out There? 5
Agenda 6
A New Era for Information Management 7
The Landscape Has Changed: Why 8
The Landscape has Changed: Why? 9
What Has Changed? 10
Why Have These Events Happened? 11
II. Legal Foundations 12
E-Records Laws and Regulations Across the Globe Data Protection Act of 1998 Dublin Core FERC Part 125 Rev. Proc 97 -22 SEC 17 a-3 UK Metadata Framework Freedom of Information Act of 2000 CRFB - France SEC 17 a-4 HIPAA NASD 3010 Mo. Req BSI DISC PD 0008: 1999 DICOM 21 CFR Part 11 The National Archive (TNA) Basel II ISO 15489 -1 US Patriot Act Sarbanes-Oxley FSA SYSC Do. D 5015. 2 GLBA e. Sign Act NARA Part 1234 ISO 15489 -2 Ba. Fin – Germany 13 Common Criteria CDPA
Ongoing Evolution 14
State and Local Government 15
Where Are We? 16
What Are These Laws Trying to Achieve? Authenticity Confidentiality Record Paper Records and Signatures Linkage Integrity Permanence Intent 17 Non repudiation
Authenticity 18
Confidentiality 19
Nonrepudiation 20
Document Integrity 21
Signature Intent 22
Permanence 23
Signature Linkage 24
Legally-Recognized Record 25
Trustworthiness: What We Are Trying to Achieve 26
Challenges to Trustworthiness 27
Risk Category Relationship Between the Parties Transaction Value Future Need for Accessible, Persuasive Information on the Transaction Low Intra-Agency Transactions where no funds are transferred, no financial or legal liability is involved and no privacy or confidentiality issues are involved (electronic signatures are least necessary in these transactions and should not be used unless specifically required by law or regulation). Transactions where the information generated will never be needed again. Low to Moderate Inter-Agency Transaction fulfills a legal duty enforced by criminal or civil liability. Transactions where the information generated may later be subject to audit. Moderate With Agency in another level of government (i. e. , federal to state agency, state to state agency) Involving information protected by Privacy Act or other statutes required restrictions Moderate to High With a private organization or individual with whom the agency has an ongoing relationship Involving contracts or commitments giving rise to financial or legal liability Transactions where the information generated may later be subject to dispute by one of the parties (or alleged parties) to the transaction. Transactions where the information generated may later be subject to dispute by a nonparty to the transaction. High One-time transaction with a private organization or individual Involving transfer of funds Transactions where the information generated may later be needed as proof in court. Assessment Model adapted from OMB Guidance on federal agencies implementing GPEA 28
Practical Issues 29
Practical Issues 30
E-Records Challenges for State Government 31
III. Classifying and Managing E-Records 32
IT Challenges 33
Email Alone is a Massive Problem 34
How Users View E-Mail 35
Classification and Management 36
Take Action: #1 37
Take Action: #2 38
Take Action: #3 39
Take Action: #4 40
Take Action: #5 41
III. Providing Access: Inspection, Examination & Copying 42
Providing Access to Records 43
Search and Retrieval 44
Methods of Access: Onsite Computers 45
Methods of Access: Onsite Computers cont’d 46
Methods of Access: Controlling Fees 47
Methods of Access: Accountability 48
Methods of Access: Consistency 49
III. Public Records & Personal Privacy in the Email Environment 50
Email Must Be Managed 51
Do Organizations Get It Yet? Email Policies 52
Just What is a “Personal” Email Message? 53
Take Action: #1 54
Take Action: #2 55
Take Action: #3 56
Take Action: #4 57
Case In Point: The Used Black. Berry The Situation Implications 58
Conclusions 59
Questions and Discussion Barclay T. Blair Director, Technology Practice Co-Author, “Information Nation” bblair@Kahn. Consulting. Inc. com 250 -686 -9619
Скачать презентацию Electronic Records Legal Chal Barclay T Blair Director
eedf39122ae9c5213531cb669e377601.ppt