Sunstar Company, Inc.

800.663.5523

  • Enterprise Content Management (ECM) is a formalized means of organizing and storing an organization’s documents, and other content, that relate to the organization’s processes.The term encompasses strategies, methods, and tools used throughout the lifecycle of the content.
  • trusted system is a system that is relied upon to a specified extent to enforce a specified security policy. A trusted system is one whose failure may break a specified security policy.
  • AIIM (Association for Information and Image Management) is the global community of information professionals, with a mission to help organizations thrive in an era of Information Chaos led by mobile, social, cloud and big data.

Nexsan Content Addressable Storage will address these requirements:

How do you manage the risk of growing volumes of content?
How do you automate your contentintensive business processes?
How do you use content to better engage and collaborate?
How do you gain business insight from all this information?

For more info call (800) 663-5523

www.sunstarco.com

California is leading the way in defining how local governmental agencies should maintain official records in an electronic format in order to ensure they are reliable and trustworthy.  The state adopted regulations specifying that official electronic records must be maintained in a trusted system, as defined by AIIM/ANSI standards, specifically meaning AIIM’s Recommended Practices

The regulations, which went into effect this week, give clarification to the legal requirement that has been the law in California since 2000.  Local agencies are not required by either the regulations or the law to maintain their official records electronically, but if they chose to do so they must be sure the system in which the information is stored is considered trusted under ARP1 (2009).

At its core, ARP1 (2009) requires a trusted ECM system to have the following components:

  • A combination of hardware, media and software storage to prevent unauthorized alterations
  • Verifiable through independent audit processes
  • Write at least 1 of the 2 required copies to a safe and separate location
  • Policies and procedures for proper records handling.

Both the AIIM and ISO (ISO 15801 adopts similar concepts) recommendations recognize that there are too many variations for how each organization constructs its system to select just one methodology.  Therefore, those bodies recognize that the ultimate goal is to prevent unauthorized alterations to the records and use that concept as the central theme to constructing a trustworthy system.  Having redundancy and transparency are two additional components, as is the need to clearly state how the records will be handled through the adoption of policies and procedures, so that the staff members are consistently trained and understand the roles and responsibilities.

Unfortunately a greater number of official records are never transformed into any type of physical document, so the regulations do apply to those records created by the government.  Public agencies should be mindful of this trend and comply with California Government Code section 12168.7 and California Code of Regulations, Title 2, Div. 7, chapter 15, sections 22620.1 through 22620.8.  Failure to store and manage official government records in a trusted system could leave the public agency without a solid answer to the question of how it knows the information on those official records is true, accurate and reliable.

12168.7.

(a) The California Legislature hereby recognizes the need to adopt uniform statewide standards for the purpose of storing and recording permanent and
non-permanent documents in electronic media.

(b) In order to ensure that uniform statewide standards remain current and relevant, the Secretary of State shall approve and adopt appropriate standards established by the American National Standards Institute or the Association for Information and Image Management.

(c) The standards specified in subdivision (b) shall include a requirement that a trusted system be utilized. For this purpose and for purposes of Sections 25105, 26205, 26205.1, 26205.5, 26907, 27001, 27322.2, 34090.5, and 60203, Section 102235 of the Health and Safety Code, and Section 10851 of the Welfare  and Institutions Code, “trusted system” means a combination of techniques, policies, and procedures for which there is no plausible scenario in which a document retrieved from or reproduced by the system could differ substantially from the document that is originally stored.**
(d) In order to develop statewide standards as expeditiously as possible, and until the time that statewide standards are adopted pursuant to subdivision  (b), state officials shall ensure that microfilming, electronic data imaging, and photographic reproduction are done in compliance with the minimum  standards or guidelines, or both, as recommended by the American National Standards Institute or the Association for Information and Image Management for recording of permanent records or non-permanent records.

** This can be achieved by implementing the Nexsan Assureon , a logical fit to address any organizational gaps that an organization may have with the AIIM Standards.

For more information call (800) 663-5523