Legal Archiving & Records management, existing technologies and
Legal Archiving & Records management, existing technologies and solutions Marc Vandeveken - I.R.I.S. Agenda Definition Key drivers and objectives The actual picture Impact on IDR, ECM and ICT. Q&A Definition Archiving is the process of collecting, classifying and preserving
information for future reference . Legal archiving is archiving for legal and regulation purposes. Key Drivers and Objectives E-docs replace P-docs 80% of the information is located in e-mails, e-docs and web. Most of the key-business transactions are now processed electronically. Volume of p-docs is decreasing. Paper archive : expensive, no added-value.
but what about the legal value of E-docs ? Legal value of p-docs is obvious (signature), not the case for e-docs. The Key objective of Legal Archiving is to legitimate electronic information by conferring it the same legal value as paper information). Key Drivers and Objectives Legal and regulation pressure is growing Increasing requirements for documents traceability, retention and disposition + Emerging requirements for private information protection implies :
Proven destruction of private information after retention period expiration. Ability to prove the usage of private information (traceability). Need to protect organizations key information against : Unauthorized access, usage and alteration by internal users. Erroneous deletion or alteration by technical or business staff. The actual picture Original P-doc is considered as a proof. E-doc can be considered as a proof when :
Its origin and author can be undoubtedly proved. The document has been electronically signed (the author is known). A third-party certificate guaranties the undoubtable link between the signature and the content of the document. This certificate must be qualified (i.e : must rely on approved technologies, provider and must contain enough information). No alteration has been made possible since the moment it has been created in its final form. The actual picture To be used as a legal proof, an E-doc must be: authenticated (electronic signature + certificate)
not altered (integrity) Secured and auditable process in the organization : End-to-end (from documentation creation/scanning to archiving) Traceability (who has done what ? When ?) Contextual information : Date, time, place of creation -> time stamping (Horodatage) would reinforce value of proof. Secured long-term storage Concepts and criteria No real legal text to define what a reliable legal archiving system must be. Different norms exist : AFER 16/2008 (E.T.112.081) dd. 13.05.2008:
Condition and terms for storing and archiving the e-invoices and e-data based on the VAT law Legal context on the production and the archiving of e-docs NF Z 42-013 (AFNOR France 2001 new version in 2008) : Set of technical and operational measures to ensure a proper long-term storage and retrieval of electronic documents (scanned or produced by an IT application). Recommends optical storage - physical WORM-, new version also admits logical WORM. ISO 15 489 + MoReq : Dedicated to the records management. MoReq is the operational approach of ISO 15 489 MoReq 2 : European Directive
New version of MoReQ Concepts and criteria Authenticity : Signature Time stamping Non alterability : Through the use of non-rewritable storage Physical WORM (optical juke-boxes) Logical WORM magnetic disk bays (IBM DR550, EMC Centera)
Based only on the signature Normal magnetic disk (reinscriptible) Authentication through PKI Durability: Technological cycle : < 10 years (minus the retention rules)
Storage durability : 5-10 years (magnetic), 10-50 years (optical) Plan periodical upgrade of the systems Regularly verify storage media / perform duplicates through a validated procedure (use of masters). For magnetic disks, use RAID + hot-swappable disks. Use standard file formats (PDF/A-1A) Concepts and criteria Retention period Based on document type. When does it start : On creation date After the last event date (example : account closing, death etc)
The retention delay can be freezed : Example : an account has been reopened. Legal archiving is a process, not a product Impact on IDR, ECM and ICT Impact on IDR (Legal Scanning AFER regulation) : Endorsing (small print on scanned document : timestamp + operator ID). Identification of the scanning operator + scanner ID + date/time) Electronic signature + certificate during scanning process (pay attention to certificate management as they expire). Scanning application must be secured :
No graphical editor authorizing the alteration of the image file. Use of non-alterable image format (TIFF group 4). Authentication of operator through sign-on. Use of dedicated network for scanning process. Image file associated with all meta-data released to ECM. The release process generates log files. Log files must be stored and controlled on a regular basis. Legal Scanning
Impact on IDR, ECM and ICT Impact on ECM No alteration of the original document is allowedonly annotation on a separate layer. No image editor is available not technically possible to alter original document. Every operation on the original document is logged (search, read, annotate etc). Should a modification of the original document is authorized, this is done through the use of versioning and strictly logged. Documents are encrypted and stored in specific legal hardware.
Documents are stored according to retention rules (date-based or event-based). Impact on IDR, ECM and ICT Impact on ICT (Storage) Use of specific legal storage hardware (ex : IBM DR550; EMC Centera). No illegal operations allowed (removal impossible). Management of retention period expiration (flag for destruction).
Access data only from ECM solution (no file-system-like browsing). Possibility of logical data segregation Data security tools (mirroring, replication etc) How to face your major challenge: Do more with less, while reducing your carbon footprint Do more with less Automate processes Reduce workload Legal Archiving is GREEN! Reduce paper volume Decrease square meters for archiving
Printing no longer an obligation Questions? Thank you !!
Which invention from the 17th century allowed for the development of modern cell theory? A. X-rays. ... Cell Song. Key Points. Cells can be categorized into prokaryotic and eukaryotic cells. Cells have specific structures that each carry out specific functions...
Vaikka koko populaatio tasolla näyttää siltä, että käyttäisimme laajasti eri koiria, niin alapopulaatioittain yksittäisillä koirilla edelleen iso vaikutus. Ns. matadoreja (erityisesti uroksissa) edelleen suosittuja, miten voisimme laajentaa urosten käyttöä?
Jean Francois Millet (1814-1875) Vincent Van Gogh (1853 - 1890) www.vitanoblepowerpoints.net Fue a sus 22 años cuando Vincent Van Gogh descubrió por azar la obra de Millet, pocos meses después de la muerte de éste, pero su admiración por él...
Citibank, N.A. ATTN: RFCC GROUP, 11500 NW Ambassador Dr. 4th Floor, Kansas City, MO 64153. Or fax the documentation to: (877) 825-1726 Attn: RFCC (Recovery Fraud Claim Coordinator) Citi will complete its investigation within 60 days. Note: The Firm is...
The main deliverable of this project is a Beta version of the Transportation Data portal for internal use. During the first month of this project we scoped different solutions and the cost of different solutions. We assessed how well ESRI's...
The Free Application for Federal Student Aid (FAFSA) is the form you must complete to be considered for all federal student aid - grants, employment, loans. Virtually every college requires that you complete the FAFSA. Apply on-line at www.fafsa.gov
Rhetoric: The art of analyzing all the choices involving language that a writer, speaker, reader, or listener might make a situation so that the text becomes meaningful, purposeful and effective; the specific features of texts, written or spoken, that cause...
(2013). The National Survey of Children with Special Health Care Needs Chart book 2009-2010. Rockville, Maryland: U.S. Department of Health and Human Services. ... Pゴシック Franklin Gothic Medium Franklin Gothic Book Wingdings Open Sans Angles 1_Angles 2_Angles 3_Angles 4_Angles ...
Ready to download the document? Go ahead and hit continue!