|
QUESTIONS TO ASK:
- What laws and/or regulations (state and federal) apply to the data within your system?
- What are your industry's standards for system security?
- What are your industry's standards for data security?
- What areas/records might lawyers target?
- What areas/records might auditors target?
- What data falls under the Minnesota Government Data Practices Act?
- What data is of
1. "The values, evidential and/or informational that justify the continuing retention of records as archives." (l)
permanent/historical value to you and/or to others?
|
What are the criteria for a trustworthy information system?
The following criteria outline the best available practices for
implementing a
1. An information system that produces reliable and authentic records.
trustworthy
1. "An electronic system for creating, generating, sending, receiving, storing, displaying, or otherwise processing information." (e)
2. "The organized collection, processing, transmission, and dissemination of information in accordance with defined procedures, whether automated or manual. . . . Most often refers to a system containing electronic records, which involves input or source documents, records on electronic media, and output records, along with related documentation and any indexes." (i)
information system.
The most appropriate practices for a particular system may comprise only a certain number of these. Agencies choose what is reasonable and practical depending on a variety of factors. The important point is to make, justify, and document your choices in order to ensure consistent application and your agency's
1. The quality of being responsible, answerable; the obligation to report, explain, or justify an event or situation.
accountability
for its decisions.
The criteria range from system- to
1. "Information that is inscribed on a tangible medium or that is stored in an electronic or other medium and is retrievable in perceivable form." (e)
2. Information created or received during the course of government business that becomes part of an official transaction.
3. "All cards, correspondence, discs, maps, memoranda, microfilms, papers, photographs, recordings, reports, tapes, writings and other data, information or documentary material, regardless of physical form or characteristics, storage media or conditions of use, made or received by an officer or agency of the state and an officer or agency of a county, city, town, school district, municipal subdivision or corporation or other public authority or political entity within the state pursuant to state law or in connection with the transaction of public business by an officer or agency." Excluding "data and information that does not become part of an official transaction, library and museum material made or acquired and kept solely or reference or exhibit purposes, extra copies of documents kept only for convenience of reference and stock of publications and processed documents, and bonds, and coupons, or other obligations or evidence of indebtedness, the destruction or other disposition of which is governed by other laws." (g)
record-level and are categorized into five main groups:
- system
1. "The act or process of substantiating by recording actions and/or decisions." (i)2. "Records required to plan, develop, operate, maintain, and use electronic records. Included are systems specifications, file specifications, codebooks, file layouts, user guides, and output specifications." (i)
documentation
- security measures
- 1. "A record showing who has accessed a computer system and what operations he or she has performed during a given period of time." (b)
audit trails
- 1. "An unexpected occurrence inflicting widespread destruction and distress and having long-term adverse effects on agency operations. Each agency defines what a long-term adverse effect is in relation to its most critical program." (i) disaster recovery plans
- record 1. Data about data.
2. "The description of the data resources, its characteristics, location, usage, and so on. Metadata is used to identify, describe, and define user data." (i)metadata
Each of these areas contain specific criteria as well as items for further consideration:
- Did You Know highlights items drawn from Minnesota government sources concerning information systems and records management.
- Points under Consider This expand upon the criteria.
- The left-hand sidebar offers general Questions to Ask while working with the criteria set; those opposite a particular criteria group are complementary to its issues.
The criteria set will be updated as necessary to reflect new information. Sources are listed in the Bibliography section of this handbook.
go to Criteria › ›: 1 2 3 4 5
Go to Table of Contents
TIS Handbook last updated July 2002, Version 4.
|
