So, you’re ready to digitize your business records to maintain compliance with government and industry regulations. Should you be looking for a document management system or software that is exclusively for records management? Actually, document management enables you to digitize and archive both documents and records. Let’s explore the differences between the two to clarify the situation.
Records are evidence of a transaction, decision or commitment that an individual, company, nonprofit or government agency makes. A document becomes a record after a business process is completed. Records are stored in final form in case they’re needed as confirmation that an action took place rather than because they’re in active use. They cannot be edited or revised.
Proving compliance, limiting access to authorized personnel, ensuring security and enforcing retention schedules are among the main goals of records management. Easy storage and retrieval, time and cost savings gained through cloud office automation and data security are the primary objectives of document management.
The path from document to record
- Contract: When terms are agreed upon, it has been signed by all necessary stakeholders and is ready to be executed
- Invoice: When it is approved and paid
- Warrant: When an arrest is made or the warrant is recalled
- Financial aid application: When financial aid is awarded or the application is rejected
- Tax return: When it is submitted to the IRS and money is returned or taxes that are owed are paid
Monitoring retention schedules without an office automation system can get messy
Student records governed by the Family Educational Rights and Privacy Act (FERPA)
- Temporary student records like attendance data — at least 5 years
- Permanent records — at least 60 years
Business tax records
- Past tax returns — 3 years
- Receipts — 3 years
- Employee tax records — 4 years
- Deduction of the cost of bad debt —7 years
Sarbanes-Oxley Act (SOX)
- Audit and review documents — 7+ years
- Payroll records, tax records, ledgers and other records — 7+ years
- General correspondence, credit card receipts and employment applications — 3 years
- Consequences of noncompliance: include the potential for millions of dollars in fines and penalties brought against a company as well as removal from listings on public stock exchanges.
What are the primary components of records management?
- Archiving: A record must be saved in a secure repository with a unique identifier and indexed so that it can also be retrieved by name, date, keyword, fulltext search and other criteria that an organization defines.
- Retention schedule enforcement: A record must be stored and eventually destroyed according to a defined set of rules established for each document type.
- Access controls: Authorized users must be able to access, retrieve, and read the record – but make no changes to it. Occasionally, there is a reason to allow changes to the metadata associated with a record.
- Audit trail: The lifecycle of a record should be trackable from beginning to end.
- Security: Encryption and a robust access rights structure to prevent unauthorized changes.
- Disaster recovery and business continuity: Records must be stored in multiple locations in paper or electronic format.
How does document management encompass records management?
- Indexing transforms documents into manageable information by reading key portions of data and storing each data point as an index value. These index values describe the purpose and content of the document and are ultra-efficient for searching and organizing documents.
- Archiving and retrieval take place after records are routed to the correct location via automated workflows. The index data previously assigned to the record ensures clear organization and quick retrieval by authorized users.
- Digital workflows use predefined processes to automatically archive records and enforce retention schedules.
- Comprehensive security and backup measures include:
-
- Authentication via a unique username and password. This not only allows specific access rights to be assigned but ensures a complete audit trail of which document was accessed, by whom, and what actions were taken.
- Encryption of cloud-based communication through TLS, HTTPS and HSTS to protect against protocol download attacks and cookie high jacking.
- Geographically distributed digital backups, housed in high-security Microsoft Azure data center, safeguard vital information and ensure quick data recovery without unexpected expenditures.
DocuWare Cloud takes a New York State town into the digital age
Learn more about document management.