Minnesota Recordkeeping Metadata Standard: Use History Element
ELEMENT 16: USE HISTORY
|Definition:||The dates and descriptions of both legal and illegal attempts to access and use a record, from the time of its registration into a recordkeeping system until its disposal.|
To act as a cumulative audit trail of all significant (agency-defined) accesses to and uses made of the record over time.
To provide contextual information about the ways in which the record is or was used.
To provide a mechanism by which recordkeeping system security can be monitored.
|Rationale:||All agencies have a responsibility to ensure that their records are adequately protected from unauthorized or illegal access and use. This element provides, in conjunction with other physical, personnel and system access controls, a means of ensuring ongoing record and recordkeeping system security.|
|Applicability:||Applicable at the record level only.|
Use each time the record is used or accessed in a way an agency has defined (and documented) as 'significant'.
If used, only recordkeeping, systems administration, and auditing staff should have full access to this element. Other staff should be given limited (viewing and searching) access to this element.
This element should be used in conjunction with element 1. AGENT to document the agent responsible for making use of the record (see Comments under 16.3 Use Description for information on linking to/capturing agent details).
This element may be linked to element 2. RIGHTS MANAGEMENT.
This element shall be linked to elements 12. AGGREGATION LEVEL and 14. RECORD IDENTIFIER.
This element is meant to be implemented as a history 'log'. As such, it will need to incorporate linked information about agents and (depending on the implementation) the records themselves. Which particular information about agents and record IDs/titles etc is incorporated into this log is a system design decision that must be made by the agency.
As an 'audit trail', this element forms a record in its own right. The level of auditing and retention periods for the resulting logs are left up to individual agencies.
Agencies shall make decisions regarding these matters according to their business requirements and based on an assessment of the risks, costs, and benefits involved in keeping or not keeping detailed logs for long periods of time.
16.1 USE DATE/TIME
|Definition:||The date and time at which a defined use of or access to a record occurs.|
To indicate when records are accessed and used.
The dates and times at which a record was accessed or used may be essential information in a case of illegal access or record tampering.
|Use Conditions:||The system shall assign the date/time of the event when the corresponding event described under sub-element 16.2 Use Type takes place—i.e., the event itself is the trigger for the date/time to be generated by the system.|
|Default Value:||Current system date/time.|
|Schemes:||ISO 8601 standard for date/time encoding.|
16.2 USE TYPE
|Definition:||An event which relates to access to or use made of a record.|
|Purpose:||To provide a finite (but extensible) set of defined access and use events which can be used to describe and audit the use of the record over time.|
|Schemes:||Minnesota Recordkeeping Metadata Standard, agency-defined schemes.|
|Comments:||The extent to which an agency implements the auditing of these and other events is a risk-based business decision—e.g., an agency may choose to implement limited or no auditing of the action "Accessed" because it is such a frequent event, or because the agency's records are not classified or sensitive in any way.|
16.3 USE DESCRIPTION
|Definition:||Details of the event, such as information about where the record was downloaded to, the name and location of the document record contents were copied to, and the specific nature of any illegal action or security breach.|
To enable auditing of accesses to and uses made of agency records.
To ensure accountability for agency recordkeeping.
|Schemes:||Free text, Agency-defined schemes|
Some events, such as ‘Accessed’, may not require any extra level of description.
Information about the agent making use of the record shall be associated with the use itself. A decision will need to be made by individual agencies as to whether this association is implemented through links to separately held agent information, or whether the agent information is automatically captured into the Use Description.
USE HISTORY Examples
|16.1||Use Date/Time||2000-05-20T13:00-6:00||Scheme: ISO 8601|
|16.1||Use Date/Time||2001-09-23T16:30-6:00||Scheme: ISO 8601|
|16.2||Use Type||Checked Out|
|16.3||Use Description||To be returned in 2 weeks|
Minnesota Recordkeeping Metadata Standard: Version 1.1, July 2002.