What is Electronic Document and Records Management
Whereas the older term ‘Document Management System’ (DMS) referred only to the capture and management of electronic documents, Electronic Document and Records Management System (EDRMS) refers to a system encompassing both physical and electronic records.
Please refer to the paper ‘What is Records Management’ for an explanation of what that involves. This paper will deal just with electronic documents.
Obviously, any good records system will manage both physical and electronic documents using the same rules and procedures because both are valuable company records and both are evidence of business transactions. For example, a contract is a contract whether it is in paper or electronic form and the law treats both exactly the same. This behoves you to do likewise.
Opt for electronic rather than paper
Because of printers and fax machines and copiers, records are often in two formats, electronic and paper. For example, some customers print out an important email and then file it as a record. This results in there being an electronic copy in the email server and a paper copy in a file folder. They may also do the same thing with important electronic documents created in Word and Excel. Once again, there will be at least two copies, one paper and one electronic. This is not a good practice, particularly with electronic documents because there may also be updates and different versions of the electronic document that end up being different to the saved paper copy.
Tip: Wherever possible, capture and save the electronic copy only. Paper duplicates are unnecessary and may be dangerous for your organization.
The Paperless Office
The industry, sometimes called ‘Records Management’ or even ‘Enterprise Content Management’ (ECM) has been predicting the advent of the Paperless Office for over 30 years and we are still waiting. The problem initially was that the technology wasn’t up to the job. The problem now is not technology, it is cost, culture and will.
There are literally hundreds of ECM systems that include all of the functionality required to operate a truly paperless office but customers using these systems rarely implement a Paperless Office, instead managing both paper and electronic documents. The choice is yours, the technology is now up to the job.
Most EDRM systems can capture electronic documents from local drives (e.g., C:) but it is a bad practice to store documents on your local drive. Every well managed enterprise has strict rules about where electronic documents are created and stored and well managed shared drives with structures that mimic your classification system, or, the way your business works.
Tip: Enforce rules and procedures to stop the creation and storage of electronic documents on local or USB drives. If you don’t, you will never have control of your organization’s electronic documents and you will put your organization at risk.
Most commercial ECM systems have an option to force the storage of electronic documents only in their databases and not in shared drives. Like most things, this approach has pros and cons but it is generally unpopular with end users who find it too restrictive and inflexible. However, this question is more about culture than technology so the choice is yours.
Shared drives are an organization-wide resource where important company information is created and stored. Security is normally applied and access and rights (i.e., Add, Modify, Delete, etc) are usually controlled under policies defined by IT.
Tip: Ensure that your shared drive structure is clear, logical, not too complex and well managed otherwise you will end up with a mass of confusing duplicates and confusing versions. A shared drive system also requires ongoing maintenance otherwise it becomes fragmented and unwieldy.
We use the term silo to refer to a ‘collection’ of electronic documents. In this context, an organization usually has multiple silos of information. For example, in SharePoint, in shared drives and in multiple other systems that store electronic documents. There is an ongoing debate in the industry about multiple silos versus a single silo. However, managing electronic documents from multiple sources in a single silo is still a difficult and expensive thing to achieve though, eminently desirable.
Image and Document Repository
In general, when someone talks about having an image and document repository they are either talking about a ‘single silo’ approach to document management or the database of their document management or enterprise content management system. In either case, it means that they have the technology to store and manage all electronic documents and images in a single repository and then enable multiple applications to access them.
Check-in and Check-out
Check-in and check-out are common terms used in document management systems. It usually means that you have a DMS, EDRMS or ECM system where all electronic documents are stored and where end users are required to ‘check-in’ (add to the database) new and modified documents they have created (say in Word) and then ‘check-out’ (e.g., open in Word) documents they require to work on.
There are two basic models (but many variations or hybrids):
- All documents must be saved to the EDRMS repository and cannot be saved to shared drives; and
- mixed model where documents can either be saved direct to the ECM repository or to shared drives and, usually after being finalized and approved, then saved to the ECM repository as a ‘record’.
Versioning refers to the practice of recording and numbering every version (update) of an electronic document. This doesn’t mean that the EDRMS takes a copy every time you change something in Word as you are working, it means that it captures a new version every time you make changes and then save your final version.
Tip: Versioning relies on you not changing the filename as you save an update. If you change the filename the EDRMS will see it as a ‘new’ document, not a new ‘version’.
Maintaining versions is an important legal requirement. If for example, your company is involved in a legal dispute and a judge orders ‘discovery’ of a range of electronic documents, the order refers to all versions, not just the final published version.
An organization should have and apply a Retention Schedule to all records, not just physical records. This means that you should be applying the same Retention rules to electronic documents as you apply to physical documents because in the eyes of the law they are all ‘records’.
An organization should have and apply a Classification system to all records, not just physical records. This means that you should be applying the same Classification rules to electronic documents as you apply to physical documents because in the eyes of the law they are all ‘records’.
A request for an electronic record or a collection of electronic records is handled differently to a request for physical records. With physical records, you have to physically ‘move’ the records to the desk of the requestor. With electronic records, they should all be stored in a single repository (database) and you just need to provide the requestor with access to these stored electronic records (permission to read or check-out). You don’t have to ‘move’ anything to their desk, they just open it up on their PC, accessing the database server over the network.
Your enterprise-wide security system should apply equally to electronic records and physical records. In both cases, you need to enforce the ‘right to know’ by managing access rights. With electronic documents however, you have additional responsibilities. As well as providing access you also need to control the functionality (rights) available to an end user. For example, can they read (view) it, can they modify (change) it, can they delete (destroy) it? So, with electronic documents, not only do you have to control who can access it but you also need to control what they can do with it.
For legal and compliance reasons as well as risk management, you should be capturing records of all the transactions of your EDRMS. This means for example, that every time an end user views a document or creates a document, modifies a document or deletes a document that you should capture the history.
Access to the Audit Trail should be strictly controlled such that an end user cannot ‘erase’ evidence of say a view, modification or deletion of an electronic record.
It will be impossible to meet any kind of compliance legislation without a complete and secure Audit Trail function in place.
Electronic documents created in authoring systems such as an email system (e.g., Exchange) or applications like Microsoft Office comprise the bulk of ‘records’ created today by business and government. Some industry estimates put emails for example, as being more than 80% of all transactional business records. It is therefore nonsense to assume that you can have a compliant records management system in place for your organization if you are not capturing and managing electronic documents as well as physical records. Because the law sees both physical paper and electronic records are ‘records’ of equal weight and importance it is vital that you apply the same rules, processes and procedures to both. This is the reason we need Electronic Document and Records Management Systems (EDRMS).