http://rhizomedigital.com.au/the-mysterious-dark-art-of-recordkeeping-analysis/
I have conducted quite a number of recordkeeping analysis projects over the last 7 or so years. Some people refer to the kind of analysis I do as functional analysis, but I find this term inaccessible to most non-records people and so I do not use it. I also use the term document risk analysis, but this is very specific and in my opinion does not clearly indicate the analysis involves systems, not just documents.
I have lectured at Monash on recordkeeping analysis using case studies and examples. I have also tried a couple of different ways to explain it. Not everyone gets it. In fact, when it comes to talking about the actual analysis work, it is very difficult to explain as it really is a brain process - my brain process.
Leisa the analyst
However, with having nearly completed a PhD and with understanding the importance of transparency of method and analysis for that, it has got me thinking about how to explain recordkeeping analysis in a more accessible and importantly, in a simple way. I have not solved the problem, but I thought I might write about it here and try and figure it out a bit more. I hope that others would contribute their ideas as well so that future teaching of this process might be more educational.
As I mentioned above this kind of analysis is an investigation of systems. Thinking about it now I would put forward that the systems that are analysed are:
- How individuals process information. This includes creating, storing/organising and how they (expect to) access it.
- Expectations around how information should be available in the present across a work unit. This refers to how information is recorded, shared, searched for and the processes involved in organising and managing it over time. This is an interesting analysis when done on email. In my experience most of the information about these first two systems are found in the heads of individuals, rather than in explicit procedures.
- How the business/organisation expects information should be recorded for present use. This starts to expand the parameters of expectation and moves away from individuals telling stories about their processes and starts to look at business policy, procedure and strategy. How information is recorded does not refer to explicit records management processes, but rather more to do with business requirements around the kinds of information that is needed to run the organisation and its business. Because this information is not just written down clearly it needs to be inferred from business documents.
- These first three processes also help me to identify the kinds of activities the organisation is involved in. I can also determine step-by-step business processes in key areas as well as identify the larger functions of the organisation. Identifying these areas helps in performing the next step.
- How the business/organisations expects information should be recorded for future use. This is where we start to look more closely at how information is captured and whether or not this is done in a way that matches criteria for 'record-edness'. I usually refer to AS ISO 15489 for the qualities of a record and provide feedback on whether or not the processes and systems fulfil these definitions. It is in this part of the analysis that I also begin to see if expectations for the business are actually being fulfilled in practice. This part of the analysis also includes a discussion about expectations around what should go into an organisational archive and why.
- Next is an assessment of how the business creates, captures and manages recorded information over time according to external requirements. There are many external requirements of course, including legislative & regulatory. There are also accreditation processes which refer to quality control processes which refer to ISO 9001:2008 etc. I include external audit outcomes as requirements in this section. Any external ruling, advice or authoritative mechanism that impacts on how an organisation creates, captures and manages their information is included here.
- Finally, I always provide advice to my clients on external community expectations and how this impacts on the creation, capture and management of records over time. This also includes reference to the people the organisation serves - their clients - and their potential individual and shared expectations. There are a few ways to figure these expectations out, however mostly I refer to what is happening in the news and how the media reports on issues such as a Royal Commission into abuse of children etc. I always encourage clients to ask their own clients in structured and unstructured ways (questionnaire, interview, focus group etc.) for feedback on this area, but I am yet to convince anyone that this is a worthwhile process.
During this process I look at the following groups of information:
- Employees/volunteers and their document filing systems. This is hard copy and on the computer. I check if people are using them, how they are using them and what they are doing when they are using them. I look at databases, email, folders and in drawers. I am thorough!
- Organisational policies, procedures, strategic plans and annual reports. Generally, an organisation's website contains the most insightful information about how the organisation sees itself. The structure of a website can provide really valuable information about construction and hierarchy of information/identity value.
- Regulatory and compliance authorities. There are many of these that are common to most organisations, but there are many that need to be read to ensure they do not apply. For example, the Corporations Act 2001 refers (a lot) to business that provides financial advice. However, organisations in the community sector providing financial counselling are exempt.
- News sources, Government reports and the Internet in general. I would also put my archives and records networks as a source of information as well. These sources help me to gauge what is happening now as well as to think about the potential for change into the future. Recently I heard that in the 1970s and 1980s adoption legislation focussed on the rights of the mother, but now it focuses more on the rights of the child. This is a social change and this needs to be taken more into account when thinking about access to records over time.
Hmmm. I have written all this information down, but I am still not sure if I have actually described how analysis is actually done.
For the last couple of days I have been reading the recommendations on various Royal Commissions and Inquiries related to child abuse to identify the recordkeeping elements. To do this I reviewed the recommendations to see if records, documents, reporting, access or process and procedures were mentioned. I then determined if these mentions were about recordkeeping in particular. This was very straight forward process. The criteria was set and the outcomes were easy to document.
I guess my entire recordkeeping analysis process circles around the quality of a record as an outcome of processes. This means that recorded information should be able to be identifiable as a record according to criteria (and I use AS ISO 15489). The processes that enable the recorded information to meet criteria are those that are under evaluation. How these are evaluated are based on the success of the organisation or business to create, capture and manage records.
Well, it does not seem so hard after all. Just involved. My first recordkeeping analysis done in an organisation a few years ago took me 3 months to complete. I was working full time at the time in this organisation. I used DIRKS as my methodology then (I have adapted it since). The outcome was a 90 page report of outcomes and recommendations, with a 45 page supplement outlining the data collected and the methodology. Nowadays this kind of analysis for clients does not take as long (who would ever pay me for that length of time?) and the reports are considerably smaller and much more focussed on the kinds of outcomes the clients have asked for.
I still wonder how it might be possible to teach this analysis process to new records managers. Is DIRKS still a relevant teaching tool? Is there an easier way to explain how and why this analysis needs to be done? There are many outcomes for this analysis as well, not just whether or not an organisation is compliant.
My process has been refined over time and I have become much more astute and insightful when evaluating business processes. Perhaps it is just something that comes with time and all we need to do is keep trying to teach the basics using the tools we have.
Comments
In my country – Russia – the situation with HR records is rather complex and changing. HR records are highly regulated by the legislation, with retention period of 75 years after file closure. “Official” electronic HR records are still a thing of the future (recently approved legislation allows for digitally signed work contract for remote workers). A lot of organizations are using electronic HR recordkeeping systems – but not as official records. The important records must be paper-based, that’s why deletion of electronic HR information at present shouldn’t have much impact. But the changes are coming :) I’d add that unofficial electronic information, in fact, must be deleted in compliance with data protection legislation (there is no legal need to keep or process it).
In regard to the example where we did away with the record - was where a department was creating a report for submission to another deprtment. The report was prepared each month and appropriately saved into the correct corporate filing area. When asked why it was created it turned out no one used the report. It wasn't created for any legislative need or any business need so it was stopped. Saved one day per month for one person! Good outcome all round I thought.
Unofficial files like your HR files are a problem for me too. Our HR dept locks them away and restricts access as they should. With the result that team leaders and managers maintiain their own electronic staff files. And these do get deleted without the involvement of the IM/Records team. However at this stage it looks like they are copies of hardcopy sent to HR but it is a concern. We are currently working with HR to move to a total electronic environment with a view to having one place to keep info about staff.
Thanks for your comment Natasha. It reminded me of the multiple outcomes of the recordkeeping analysis process I wrote about above. I am able to identify what records are being created and why, as well as what is not being created and why. I can identify poor practices and processes that can be improved or changed. This analysis also helps to identify the corporate culture and how it impacts on recordkeeping. It also helps to identify what external requirements control recordkeeping processes and yes, I agree with you - if it clearly states that a particular type of records needs to be kept in a particular way for a specific amount of time, then the organisation must comply. How they comply is another matter, which is part of the fun of the analysis (well for me anyway). An example might be: an organisation with a HR department creates staff files in hardcopy with a registration database. The hardcopy files are held in a lockable cabinet. However, other staff throughout the organisation create personnel records of staff in their department, which were found to often be incomplete. These 'other' staff records are created electronically as well as held in hard copy and are stored on the server or in a lockable cabinet. Is this organisation complying with Fair Work? If the electronic records are deleted when the employee leaves is that in compliance with Fair Work? Natasha I see you are are located in another country so might not be able to answer, but I do wonder what advice others might give in this situation?
IMHO as long as the legislation distinguishes records from all the other content, it's impossible to "do away" with them - and risky to try :)
Great comment Mary Ann! Thanks.
In the business analysis process above it is applied to information, but is really specific to recorded information and creating business records. Most clients have been asked to analyse and improve recordkeeping processes, so that is why it is a focus. It is a user-driven process.
I remember being told by an employee once in an interview about their recordkeeping that they could 'feel' what records needed to be made and retained. I asked them to describe how the feeling was put into practice and what decisions they made in this process - not surprisingly, they could not. Another example was when someone told me that they never put any documents into the shared network drive as they considered them to be confidential. But could not really explain whose confidence they were keeping. Asking why is a great way to explore assumptions and practice!!
I would love to hear more about doing away with the record - for what reasons and what was the outcomes?
Surely it's about business analysis applied to information? And maybe your assumption about a quality record being an outcome of the process is not quite right. In some analyses I have done we actually did away with the record. What I find lacking in people who say they have business analysis skills is that often they fail to ask the most basic of questions - why? Why is the information created in the first place? It seems that analysts know all about methodologies but sometime miss the obvious!