The first step is to assess your records inventory and determine which records are eligible for disposition. You can use a records inventory tool or software to help you identify and classify your records according to their type, format, location, ownership, and retention schedule. A records inventory also helps you discover any duplicate, obsolete, or redundant records that can be removed or consolidated. By assessing your records inventory, you can establish a baseline for your disposition process and prioritize the records that need immediate attention.
-
Most organizations are months and sometimes years late on their disposition. Especially with electronic records. Just catching up... It will go a long way.
-
One of the big things here is the un-commingling of files that have different disposition schedules. This is a very labor intensive task. Then the key is to make a better process moving forward. I feel the digitizing of records will be a huge future component for success.
-
Pour une entreprise telle que la notre, qui s'est engagé il ya moins d'une année dans le processus de dématérialisation et d'élimination, le défis est grand. Inventorier la documentation dont la DUA est atteinte ensuite passer à la numerisation et procéder à une élimination par tonne tout en respectant les règles et principes édictés en la matières
-
What Jen Hill Sullivan is true. However for those files not co-mingled proceed with the destruction. We have found it helpful to run the disposition process thru the records management program and push boxes eligible to the business records managers for approvals. Once approved work with the offsite vendor to destroy.
The next step is to review your disposition policies and procedures and ensure that they are aligned with your legal and regulatory obligations, as well as your organizational goals and needs. Your disposition policies and procedures should define the roles and responsibilities of the records management staff, the records custodians, and the stakeholders involved in the disposition process. They should also specify the criteria, methods, and frequency of disposition, as well as the documentation and reporting requirements. By reviewing your disposition policies and procedures, you can ensure that your disposition process is consistent, transparent, and compliant.
-
Highly recommend using a NAID certified service organization to destroy documents and media securely. Chain-of-custody, certificates of destruction, and third-party audits are major features.
The third step is to communicate and coordinate with the stakeholders who are affected by or involved in the disposition process. These may include the records owners, the users, the legal counsel, the auditors, the IT staff, and the external service providers. You should inform them of the objectives, scope, and schedule of the disposition process, as well as the benefits and risks involved. You should also solicit their feedback, input, and approval on the disposition decisions and actions. By communicating and coordinating with stakeholders, you can foster collaboration, trust, and accountability in the disposition process.
The fourth step is to execute the disposition actions according to your policies and procedures. Depending on the type and format of the records, you may need to transfer them to another location, such as an archive or a repository, or destroy them using an appropriate method, such as shredding, degaussing, or incinerating. You should also ensure that the disposition actions are performed securely, safely, and efficiently, and that they do not compromise the integrity, authenticity, or availability of the records. By executing the disposition actions, you can achieve your disposition goals and outcomes.
-
Je pense que la méthode la plus efficace dans la destruction des documents est l'incinération vu sa procédure et son efficacité dans la sécurisation des informations confidentielles qu'elle protège.
The fifth step is to document and report the disposition results and verify that they are accurate and complete. You should create and maintain a disposition log or report that records the details of the disposition actions, such as the date, time, method, location, and personnel involved. You should also retain the evidence of the disposition actions, such as the transfer receipts, the destruction certificates, or the audit trails. By documenting and reporting the disposition results, you can demonstrate your compliance, accountability, and performance in the disposition process.
-
Keep a secure back-up of your purge reports in CSV format. Keep them all together and well organized. You don't ever want to lose them, or have them locked within a vendors system. That's how you get Vendor Lock-In. Remember, without purge reports, nothing is defensible.
-
La production d'un rapport qui retrace l'ensemble des actions entreprise depuis l'inventaire, la numerisation, la sélection et l'élimination des documents. Toutes fois il faudrait aussi faire ressortir l'ensemble du processus, et les parties prenantes.
The final step is to evaluate and improve the disposition process and identify any gaps, issues, or opportunities for improvement. You should measure and analyze the effectiveness, efficiency, and quality of the disposition process, as well as the satisfaction, feedback, and expectations of the stakeholders. You should also review and update your disposition policies and procedures, as well as your records inventory and retention schedule, to reflect any changes in your legal and regulatory environment, organizational context, or business needs. By evaluating and improving the disposition process, you can ensure its continuous improvement and optimization.
-
Data doubles every 2 years. Completely stopping this growth, that's your ultimate goal. It's unachievable, but the closer you get to it, the more defensible your organization will be as a whole. The more data you have, the more risk you carry. And there is no reason for your data to grow that fast.
-
I agree, we should always ensure that we are looking for new ways to renovate current systems to make them better than the condition that we found them in.
-
You have to match your risk to your execution cost. When disposal is a $10 solution to a 10c problem, your executive will treat it like that, and you'll never get it done. This is the core problem with electronic disposal, and the reason it's not being done in most places. Overcoming natural risk aversion to the finality of destruction (i.e. the tendency to retain for the what-if) means you need to build disposal up to be a 10c solution to a $10 problem. Doing it means achieving both efficient practice, but also realistic appraisal of the risks of not doing it. Sometimes it will also mean you just can't get it done - which is OK, as long as you can get it done where it's important, where it truly is a 10c solution to a $10 problem.
-
Excellent points. I would add that the retention schedule is a key element. A schedule should not only take into account records found on formal schedules but records not specifically included in schedules but which may fall under prudent man" or best practices to make sure your schedule is as inclusive as possible. Also, stakeholder knowledge of schedule, process and practice is important but so also is formal adoption but whatever governing bodies apply with the caveat that the retention schedule, policies and practices are subject to change as regulatory, legal, or other factors impact a retention and disposition program.
-
Would a paranoid judge buy it? That's the definition of defensibility. Try to delete as aggresively as possible while following that definition. That's how you minimize risk and costs.
-
Great points. I would add that another level of approval for disposal is given by the top most decision making organ of an organization so as to seal decisions for disposal made by other Stakeholders. This ensures that there is high level of accountability especially to records that are destroyed completely!
更多相关阅读内容
-
Case ManagementHow can you manage outdated or obsolete records?
-
Case ManagementHow can you correctly classify records in case management?
-
Administrative AssistanceHow can you maintain a positive relationship with clients while enforcing records management policies?
-
Information SecurityYou suspect a data leak in your organization. How do you ensure transparency during the investigation?