The continuous uptick of information and data flooding educational institutions shows no signs of easing up. With increasing use of technology platforms, it’s no surprise that institutions are desperate to manage the escalating flow of information. A key component to managing the inflow of records is to manage the outflow, in this case, record retention.
Increasing regulations and legislation from the state and federal level have also started to ensure that vigilance and retention policies aren’t optional. In addition to legal requirements, relevance and need also come in to play as it relates to retention policies, making it necessary to take a more global approach by developing a record management process based on the entire data lifecycle.
With many institutions making the move to electronic content management, taking that global approach is easier than ever. However, policies for retention and destruction of records must begin with policies on how to capture, organize and use records, whether they’re electronic or paper-based.
This quick-start guide offers an overview of where to start and what to consider in developing policies that can help an institution manage security and information flow.
1. Get Support
Effective record management starts at the top; that means an institution’s leadership has to understand the need for record management, put support behind it and make their support known. In a time where record retention can be handled automatically through the use of technology, resistance to comply is reduced. With the right backing, support to make sure policies are implemented, along with a willingness to work together, will follow.
2. Develop a Plan
Like any operational challenge, managing records and their lifecycle has a greater likelihood of moving from “problem” to “solution” with a plan. Rather than taking the “save everything” approach, digging into the work of developing a strategy gives personnel a roadmap to follow.
A retention policy also reduces risks. As the volume of retained records grows, so do legal risks—holding on to information longer than mandated time periods and deleting or destroying records before they should be, for example. A defined retention policy and schedule is an important component to establishing a good faith effort towards compliance.
A plan needs to:
- Define records–Determine what incoming information is a “record.” A record is technically something that needs to be captured and kept for regulatory, legal or business purposes. If an enterprise content management solution is in place, every indexed document is considered a record.
- Classify records–Organize records into classifications with related functions, process and retention requirements. Index classifications with keywords to make records accessible through search.
- Assign responsibility–Determine who is accountable for each record classification and who has access and authority to make decisions about actions taken with the records.
- Set rules–Configure and document retention and disposition schedules for each classification based on laws, regulations and business needs.
- Understand departmental requirements–A plan should be put in place based on the needs, requirements, and compliance for each department. For institution-wide retention policies, this means having a champion who is involved in developing this plan.