In my opinion .. just because you can create a million retention policies, that doesn't mean you should. So create as few policies that you need to be successfull.

Excellent post. Please cut and paste to the blog of the Archivist of the United States! ...then move to DC and help lead the movement...

Hmmmm ...

Firmly on the side of tear it down and re-build.

Change the focus from records to information.

Compliance is a constraint - it never helps in getting the job done.

Allow workers to focus on the purpose of the information, not on how long to keep it.

Understand and embrace the difference between principle and practice, policy and procedure.

Understand the difference between a classification category and a retention period.

If the policy is not supporting corporate objectives, the policy is flawed.

I’m not certain what actually needs to be done, but I am fairly confident that it ought to start with an analysis of how information is used and what information is required to achieve business objectives, instead of the old focus on records inventories and compliance and risk mitigation. I’m not advocating that compliance and risk be ignored, but they do need to be critically analysed with a view to establishing who exactly is being protected and what they’re being protected from. Too often the compliance and risk factors have been the end points, which I just don’t believe add enough value in the long term. It’ll help you in legal situations, but it won’t help you run your core business.

We also need to come up with an holistic approach that accommodates for the new channels of communicating (the E2.0 world) and ties everything together into an Information Management Strategy. We need to recognize that information is part of corporate infrastructure. I think that we also need to approach this as an opportunity to be better and do better, and we need to approach this from the various stakeholders’ points of view. We need to treat information as an asset and apply principles of asset management to it.

Interesting.

My view from the UK is that no-one (well, hardly anyone) actually does retention and disposal at all.

Business practice is to keep everything, if possible, and usually the only time things are deleted are for practical reasons of space (electronic or physical).

Although legislation requires retention and disposal in some cases, this is usually quietly ignored.

At some stage, I think someone's going to point out that business practice is quite different to records management policy and legislation, and why doesn't everyone forget the whole thing. But no-one's really saying this, and perhaps no-one can easily say it. It reminds me of the story of the emperor's new clothes.

This is just my observation of what's going on, rather than what I believe should perhaps be going on, as an information management practitioner.

Julie

Your comments are not unheard of. Regrettably, I have been reading similar views more than I would like. Of course, one problem we would face is that if we aren’t confident we can be successful, we generally won’t be.

Records management is not “just” records management (I am becoming convinced that we need to get rid of this term and we are seeing compliance, business risk and information governance being used, instead). Records management is the administrative function responsible for the information assets of the organization. As such, it has the same roles, responsibilities and tools as HR, that manages the human resources, and Finance, which manages the capital assets of the organization. I think it is very, very important to take a broader perspective of what we do.

After the Second World War, we achieved centralized control of HR, power was taken away from the managers and staff, and centralized control of Finance. I wish this had happened with records management but, back then, our work processes were pretty much paper based. Gaining control now is not easy, but as we need to manage electronic records and content, there is no choice.

HR was told that staff would leave the organization or, simply “die”, if they could not use their own job titles and had to prepare formal job descriptions. Yet, the organization chart, with supporting approved job descriptions, is now generally taken for granted. Many of the comments that you present in the case against retention were used to argue why staff could not possibly collect all their expense receipts, organize them and complete the expense report. Yet, if we want to be reimbursed for our travel expenses, we do just that. I remember my days at Rockwell International when central word processing was at its prime. Staff at all levels, from senior vice presidents to the lowly clerks, were adamant that they were never going to learn the keyboard – “that was a secretarial function”. Who is now not comfortable with keyboards (I’m still having problems with using my thumbs, but, guess what; I’m going to have to get used to it). We are to expect push back to change even if it will help the users. I love the quote from an anonymous ERM consultant who asked the question: How do you know you have successful implementing an ERM solution? The answer is when “staff starts to question how they got anything done, in the past, with the old ways of working”. That should be our goal.

You mention the compliance issues with “recordkeeping laws”. With my broader perspective, a logical extension of this is that HR should discard their policies and activities to ensure fair hiring practices and prevent sexual harassment, hostile work environment charges – the users aren’t interested and it’s not important for the organization. An observation I have made over many years is that policies and disciplinary action, up to termination, have seemed to be important for HR and Finance, but not when it comes to records management (again, the management of the information assets of the organization). I disagree with this. And severe sanctions are now being set for the mishandling of records and poor ediscovery practices.

Thank you for mentioning the Big Bucket retention approach. There’s something strange here. In all my years of preparing annual budgets, I have never had a person from the budget group tell me that they were going to consolidate some accounts, to make my life easier. The level of granularity was based on the need to manage the capital assets of the organization. In the same way, the level of granularity with the records series must be set to satisfy the records management business drivers of compliance, effectiveness, efficiency, and business continuity.

An argument for the Big Bucket approach is that an organization could have hundreds, if not thousands, of records series. This sounds like a records management professional’s problem, not a user issue. Using an ERM product, I would look to configure the tight integration between this product and the other business applications by having only those records series associated with the user’s role appear automatically for their use. Without the technology, I would take the typical department file plan and break it down further to the different roles within that department, if needed, to help the users. Also training and discussions with the users are important.

You provided the idea that: “organizations now must look to end users to be an army of records managers”. Because I do performance reviews, does that mean I am now a HR professional? Because I have to do my annual budgets, does that mean that I am now a Finance professional? Absolutely, not! They are just part of my responsibilities. Hopefully, I am provided training but know that I will get feedback until I get it right.

Most users are not good enough to be records management professionals! (OK – they don’t have the specialized knowledge and analytical skills required). Users do not need to know about metadata (we’ll call them tags, anyway), ownership, security and retention formulas. What they need is a broader perspective of their office work.

I use the analogy of a worker on an automotive assembly line. Do we just take that person to their work station, hand them an air gun and lug nuts to put on the new wheels, or do we educate and give the broader perspective to that person – that if they do not do their job properly it could lead to a customer incurring property damage and/or suffering injury or death and the employer could be sued (and, if the vehicle passes your work station and you still have two lug nuts in your hand, hit the stop button).

Users need to know that they are creating and working with important information assets of the organization and that there are proper places to capture/store their various records. Users of SharePoint need to know that there are particular sites and content types that they need to use. I am aware of one Federal Government Department that is having professionally developed online training created, with test questions, to serve this purpose. Staff will be required to take this training annually.

Although push back to change is to be expected, I would argue that the problem is not with the users. I have a good friend who was a partner with a law firm that was introducing a document management system. His sole reaction was: “I just want to be able to find my records” – that’s fair enough and we need to make sure that that happens.

The problem is with senior executives who still do not appreciation the importance of managing their information assets, for: preventing WikiLeaks; ensuring cost effectiveness, including ediscovery; compliance; protecting confidential and proprietary information; addressing privacy issues and business, and reputational, risk. I have found that when senior management wants something done, it usually gets done. A current example is the wide-spread use of SharePoint. I have not heard large numbers of users asking for SharePoint. Senior management has decided that it will be used and it’s happening.

With senior management support, we have the capability to set up a system to identify and manage the records series that are required. We have the change management skills to be successful. We do have the answers to “What’s in it for me” for the users and managers. And we now have the technology to support the users, whether it is an ERM product or the content organizer capability within SharePoint 2010.

I am all for using technology and, perhaps, artificial intelligence, to help the users and meet the needs of the organization. But organizations cannot wait until these tools are in place to gain centralized control of their information assets.

Julie, you feel that uprooting your previous position so deeply seeded isn’t easy, or comfortable. Clearly, I feel that our records management practices are sound and that we can be successful. Thank you for bringing up some good points that are worth discussing.

What are your thoughts?

When you boil it down, information management (or whatever you want to call it) is about communication. That's it, there is nothing else. Information is an asset that needs to be managed as such and does require governance.

No matter how you slice it, governance is a constraint that detracts from getting the job done. If you take a beautifully elegant and efficient business process and then throw in tons of rules about complying to legislation, regulatory requirements, risk management, ediscovery preparedness, and business continuity, you burden the process with extraneous steps that have nothing whatsoever to do with the core objective of the process.

As an analogy, think about driving your car. If you could just get in and drive, without worrying about speed limits, traffic lights, cross walks, pedestrians, and cyclists you'd reach your objective a lot faster. Hopefully nothing goes wrong and you do actually reach your objective in one piece. So yes, governance is absolutely necessary.

I don't think that anyone would say that we should get rid of governance. I think the gist is that some of us are stating that we re-examine why and how we implement governance, and hopefully make it work as a value add to make our organizations better. For the record, the value add that we have realized from the tools we've chosen to implement some of the policies and procedures required for governance have been realized because of the tools, not because of governance.

When it comes to governance, we're still in the dark ages as far as I'm concerned. When we're writing and reading information management related policies that almost no one but a lawyer can comprehend, it is time to make a change. We need to get to the point where the policies and procedures are able to adapt at least as quickly as technology and how people use it changes. Governance needs to be nimble. Right now governance is about as nimble as a three legged hippopotamus with arthritis.

Just an observation..........with the exception of one brief comment, this discussion is among vendors and consultants. It is like preaching to the choir, so to speak. How can we involve actual users who face the problem of having to classify a record, or even understand if a document is a record, let alone "authorize its destruction"? I think that without the actual participation of the user community, these discussions, while interesting and good, are somewhat academic.

How can we involve the user community more in these discussions?

I am of the opinion that while the complexity of retention schedules may contribute to lack of compliance - there are two fundamental issues affecting the success of RM in context of IM.

1) Effective application of ECM tools that allow transparent RM Classification: Workers need not understand retention and disposition (although not that complicated of concept) providing that they understand where and how to file their electronic information. There is no secret fix to this problem - it requires a simple and straight forward investment of time by organizations to allow RM workers the ability to develop a meaningful business taxonomy that maps to RM classification - and implementation of that scheme in an ECM tool. This is not well understood by those who making enterprise decisions, and further the risks are even less understood.

2) Infantilism: We live in a culture of passing the buck, and shirking personal responsibility. Technology has changed the office environment in which we exist, and with it the parameters for operation have changed. Workers are infinitely more productive in the electronic age than they were in the paper age, however, that comes with a small margin of personal accountability: an individual responsibility to organize and file electronic information pertaining to each worker's area of responsibility. The attitude that organizing the information you create is "someone else's responsibility" is one that is going to seperate organizations that succeed in the information age, from those that fail.

The implementation of truly managed information environments is like a study of Chaos Theory as it applies to phsychology, organizations and organziational behaviour. I found myself pondering this one evening when the example of Wikipedia lingered in my mind for some time. The tool was invented, and implemented. Clear rules were created for participation, and participation was made entirely optional...and look at the amazing result. Now if mature adults could only come together to make information management a daily 15 minute personal exercise for the betterment of their organizations, look at what we could achieve!

Just cottoned on to this recently, sorry. All the sentiments about obsolescence of records management as we know it I share completely. It may sound counter-intuitive, but I think we need to use archival concepts to "vault" into the future. What does that mean? Information governance values and policy are not applied directly to information assets (records series, boxes, databases,e-mails, bar napkins) but rather to functions and activities which are associated with the information those functions generate (sounds kind of snake-oily when I explain it like that). Privacy, access, security, e-discovery,SOX, even digital preservation are information regulatory and policy regimes that are interested first and foremost in function and purpose. From an archivist's perspective, functional association (loosely termed provenance) is the lynchpin for preserving the meaning of information.

Tied in with this is my conviction that the lifecycle concept isn't useful anymore and that, yes, users are now records managers and archivists -- they need support for what they need to capture and use, not compliance rules to support a records scheduling process built by and for records managers.

I'm starting to rant, so I think I'll stop now. Look forward to sharing my ideas with you and other like-mindeds in the future.