Office of the Assistant Secretary for Administration and
U. S. DEPARTMENT OF LABOR MANUAL SERIES
DLMS 1 - RECORDS MANAGEMENT
DATE: January 7, 2005
Chapter Reference: Chapter 400 — Records Management Program
Nature of Revisions: This chapter has been updated to provide policy and procedures for the maintenance, use and disposition of DOL records, regardless of recording media. In addition, this policy provides procedures for Electronic Records, Electronic Signatures and Electronic Mail Messages; assigns responsibilities to Departmental employees; and updates and provides policy and procedures for the use of private records management facilities.
Approval for Issuance and Distribution:
“Safeguarding Information Regarding Weapons of Mass Destruction and Other Sensitive Records Related to Homeland Security” Guidance Memorandum Issued Jointly by the National Archives and Records Administration and the Department of Justice, dated March 19, 2002
401 Purpose. This chapter sets forth policy, establishes procedures, and assigns responsibilities for the systematic control of the creation, maintenance, use and disposition of records within the Department of Labor (DOL).
- Provide effective control, appropriate security, and management over the creation, maintenance, use and disposition of all records within the Department, regardless of recording media.
- Manage the Department’s records from the initial creation to the final disposition.
- Ensure that the records accurately reflect the business practices, policies and transactions of the Department.
- Foster effective and economical Departmental recordkeeping.
- Coordinate records management activities with other information management and Departmental activities as needed.
- Ensure careful preservation and disposition of the Department’s records.
- Prevent the unauthorized access, removal and loss of records.
403 Scope. The provisions of this chapter apply Department-wide. Nothing in this chapter shall contravene any of the provisions of the Inspector General Act of 1978, as amended. All prior records management directives are hereby superseded.
404 Background. The Federal Records Act of 1950 (Section 506 (b)) requires that the Head of each Federal agency establish and maintain an active Records Management Program. Records Management is an active continuing program for controlling the creation, maintenance, use and disposition of records within an organization to document and transact its business.
405 Description. The Department of Labor Records Management program consists of managerial activities involved in records creation, maintenance, use and disposition to achieve adequate and proper documentation of the policies and transactions of the Department.
406 Criminal Penalties. Anyone who willfully and unlawfully conceals, mutilates, removes, damages or alienates official records can be fined and/or imprisoned (18 U.S.C. 641, 2071). A maximum penalty of $2,000 and/or 3 years in prison may be imposed for the unlawful destruction or removal of official records (18 U.S.C. 2071).
- Federal Records Act of 1950, as amended (44 U.S.C. Chapters 21, 29, 31, 33 and 35).
- Housekeeping Statute (5 U.S.C. 301).
- National Archives and Records Administration (NARA), Records Management Regulations, 36 CFR Parts 1220, 1228, 1230, 1232, 1234 and 1236.
- Guidance Memorandum, dated March 19, 2002, issued jointly by NARA and the Department of Justice on “Safeguarding Information Regarding Weapons of Mass Destruction and Other Sensitive Records Related to Homeland Security.”
It is the Department’s policy to properly identify Departmental recordkeeping requirements and to effectively and efficiently manage the records throughout their life cycle. Implementation of this policy requires that:
- All Federal records of the Department of Labor (including electronic records and records created by contractors) will be identified and scheduled on a Standard Form 115, “Request for Records Disposition Authority,” unless the records are covered under the General Records Schedule (GRS). The Departmental Records Officer and NARA must approve the SF 115.
- NARA regulations will be followed for the creation, maintenance, use and storage of electronic records as stated in 36 CFR 1234 and current NARA instructions and guidance.
- NARA and Department of Justice (DOJ) instructions and guidance regarding protecting the security of government information will be followed.
- No record shall be destroyed, retired, transferred or removed unless such action is specified in the approved SF 115 or the General Records Schedule (GRS). Employees are required to report any suspected violation of this policy to the appropriate Agency Head, Departmental or Agency Records Officer.
- All scheduled records shall be destroyed, retired, or transferred, as prescribed in the SF 115 within 120 days of the time authorized in the approved SF 115. If additional time is required, employees shall coordinate the effort with the Agency Head, Departmental or Agency Records Officer.
- Records that will be stored utilizing an electronic recordkeeping system, as well as the necessary documentation of related processes, will be scheduled on a SF 115. Until NARA has approved the SF 115 for the electronic recordkeeping system, no records generated by the system may be overwritten or destroyed.
- All paper documents, forms, computer printouts, folders, and file cabinets should be designed for letter size (8 1/2 x 11) when possible (use of legal size paper documents is strongly discouraged).
- A vital records protection program, required by regulation (36 CFR 1236), will identify and protect records and information necessary to continue key functions and activities in an emergency. Some records are critical for continuation of functions and cannot be lost, and should therefore be duplicated and stored off-site. This program will be coordinated and consistent with requirements of the Continuation of Operations Plan (COOP).
NARA and the General Services Administration (GSA) provide government-wide oversight in the field of records management. Within the Department of Labor, records management responsibilities are assigned as follows:
- The Assistant Secretary for Administration and Management (ASAM) (on behalf of the Secretary of Labor) is responsible for establishing and maintaining an active, continuing program for the economical and efficient management of the Department of Labor’s records in accordance with 44 U.S.C. 3102. The ASAM provides overall policy direction for the Department’s Records Management Program.
- The Office of the Assistant Secretary for Administration and Management, Director, Business Operations Center (BOC), is responsible for:
- Developing and managing the Department’s Records Management Program.
- Assigning the Chief, Division of Management Support Services as the Departmental Records Officer, to develop an effective program that implements the records management objectives identified in Section 402 Objectives.
- Providing for effective controls over the creation, maintenance and use of records in the conduct of the Department’s business transactions.
- Ensuring compliance with all applicable federal records management legislation and policy guidance.
- Integrating records management procedures and activities into other Departmental information resource management procedures and activities, as appropriate.
- Issuing and disseminating directives that establish records management program objectives, responsibilities and authorities for Departmental recordkeeping requirements.
- Establishing procedures to ensure records management is incorporated into the development of new or revised Departmental programs, processes and systems.
- Ensuring compliance with Federal statutes as well as policies, procedures and standards relating to recordkeeping requirements that may be issued by the Office of Management and Budget (OMB), General Services Administration (GSA), NARA, and the National Institute of Standards and Technology (NIST) or other agencies, as appropriate.
- Consulting, as appropriate, with DOL subject matter experts, such as the Office of the Solicitor or the Office of the Chief Information Officer, on records management issues.
- Establishing and maintaining a records management training and awareness program to include orientation of new Departmental employees.
- Keeping Agency Heads and Agency Records Officers informed of NARA’s guidance and instructions.
- Ensuring that OASAM Regional Administrators take
- Providing assistance to Regional agencies to ensure that all regional records, including electronic records, are efficiently managed and transferred to a Regional Federal Records Center (RFRC), and/or to a holding area, when necessary.
- Reviewing requests for transferring records to the appropriate RFRC to ensure that the procedures specified in this chapter are followed.
- Providing assistance to Regional DOL personnel in the preservation and disposition of records (paper and electronic) according to agencies’ disposition schedules.
- Conducting periodic reviews of the OASAM Regional offices to ensure compliance with records management rules and regulations as prescribed by this Chapter.
- The Departmental Records Officer, Office of the Assistant Secretary for Administration and Management, Business Operations Center (BOC), is responsible for:
- Managing the day-to-day administration and management of all matters related to the Department’s Records Management Program.
- Serving as the Department’s liaison with the General Services Administration (GSA) and NARA in applying standards, procedures, and techniques designed to improve the management of records, promote the maintenance and security of records deemed appropriate for preservation, and facilitate the segregation and disposal of records of temporary value.
- Advising and assisting DOL agencies in administering their agency’s Records Management Program.
- Reviewing Standard Form 115 “Request for Records Disposition Authority,” before forwarding the record’s schedule to NARA.
- Representing the Department in Federal records management activities and resolving records management conflicts within the Department.
- Providing advice and guidance to Departmental staff on the creation, maintenance and use of records, electronic recordkeeping and electronic mail systems.
- Convening as deemed necessary, a Records Management Working Group comprising agency representatives to address common issues and concerns such as:
- resolving technical and operational problems that may arise in the execution of the Records Management Program.
- keeping abreast of new information technologies and activities as well as changes in legislation or guidelines that may affect the management of the Department’s records.
- making recommendations to improve the Department’s Records Management Program and Department-wide recordkeeping systems.
- Maintaining a master index of the Department’s records schedules.
- Performing periodic reviews for the effectiveness and efficiency of the Department’s Records Management Program.
- The Office of the Solicitor is responsible for providing legal advice and counsel to Departmental personnel for activities outlined in the chapter, as appropriate.
- DOL Agency Heads are responsible for:
- Developing and implementing an effective Records Management Program within their respective organizations that is consistent with the information outlined in this Chapter.
- Assigning an Agency Records Officer for the management and execution of the Agency’s Records Management Program. Notifying the Departmental Records Officer of the name, title, office location and telephone number of the Agency Records Officer or point of contact.
- Ensuring that the appropriate Agency staff receives adequate records management training and participates in Departmental as well as Agency training and awareness activities. At a minimum, all staff responsible for the execution of the records management program within the Agency must complete the following NARA training: Basic Records Management, Electronic Records Management and Scheduling and Disposition of Federal Records.
- Ensuring that Agency Program Managers and Agency IRM Managers are aware of and comply with the requirements outlined below for their respective organization.
- The Agency Records Officer is responsible for the
- Maintaining liaison with the Departmental Records Officer and NARA/GSA on records management activities.
- Scheduling the disposition of the Agency’s records, including electronic records, and coordinating this effort with the Program Manager, Information Resource Manager or designee.
- Implementing, maintaining, and managing the Agency’s Records Management Program that meets prescribed Departmental and NARA/GSA standards.
- Periodically reviewing the Agency’s existing SF 115s and updating the records schedules within one year of the establishment of a new program or of organizational changes that result in the creation of new or different records. To be in compliance with NARA regulations, the Agency schedules should be reviewed yearly but at a minimum, a complete review is suggested every five (5) years. This complete review should include conducting an inventory for records in all media, including those records created using automated processes that manage the electronic records of the Agency.
- Advising Agency officials, employees and contractors on the development and implementation of the agency’s records schedules.
- Establishing Agency procedures and providing instructions and assistance to Agency components on records management activities and requirements.
- Reviewing existing information systems to ensure that the disposition of records in the systems has been authorized on an approved SF 115, and to determine if the disposition instructions have to be revised.
- Overseeing the implementation of the disposition instructions outlined in the SF 115. This includes the timely transfer of records to the National Archives, Federal Records Center or designated off-site storage area.
- Reviewing Agency records schedule requests and forwarding the completed SF 115 to the Departmental Records Officer for concurrence.
- Providing advice and guidance to program managers and staff for the development and maintenance of electronic records and automated processing systems.
- Maintaining an inventory of the Agency’s electronic recordkeeping systems that are used to process official records and electronic publications and providing the information to the Departmental Records Officer at the end of each fiscal year.
- Providing guidance and assistance to the Regional organizational components to ensure that records are managed and disposed of in accordance with the SF 115, or transferred to appropriate Regional Federal Records Centers and/or a designated Departmental holding area.
- Maintaining a master index of the Agency’s records schedules.
- The Agency Program Managers are responsible for:
- Overseeing the proper maintenance and management of information necessary for the successful development of the SF 115 and the disposition of records outlined in the SF 115.
- Ensuring that adequate training is provided to personnel on policies, procedures, responsibilities and techniques for adequate recordkeeping procedures and practices.
- Coordinating any new or revised programs with the Agency Head, Agency Records Officer or designee to ensure that the records are scheduled and maintained in accordance with the Department’s and NARA’s records management requirements.
- Providing necessary information to the Agency Head, Agency Records Officer or designee for scheduling the disposition of new or revised program records in accordance with NARA regulations.
- The Agency Information Resource Managers are responsible for:
- Implementing systems for backing up electronic records and developing procedures that guard against the loss of record information because of equipment defects, human error or theft.
- Creating and retaining sufficient programs and documentation, and, if necessary, retaining the appropriate hardware, to allow other authorized offices to read and retrieve the data from the organization's automated processing systems.
- Providing necessary information to the Agency Head or Agency Records Officer for scheduling (i.e., record layout, file specifications, etc.) the disposition of the agency’s electronic records in accordance with NARA and GSA regulations.
- Developing controls to prevent the unauthorized alteration or erasure of information in automated processing systems that serve as official records.
- Ensuring that records are not lost as a result of automated processing system upgrades.
- The Regional DOL Agency Heads are responsible for:
- Designating a Records Management Liaison Officer for their respective organization.
- Providing assistance and advice to the regional organization components on records management activities.
- Maintaining liaison with the Regional NARA components on records maintenance and disposition activities.
- The Departmental Manager and Employee Responsibilities.
- Agency Heads and Management officials, in coordination with the Agency Records Officer, are responsible for the following:
- Identifying the appropriate disposition for records created and maintained for the Agency’s
- All employees (including agency heads and managers) must:
- Identify their program functions and activities and determine what records are needed to document those activities and functions.
- Create sufficient records to document those activities and functions.
- Maintain those records in a way that allows all persons who need access to find and retrieve what they need.
- Remove or destroy records only with authorization (General Record Schedule or approved SF 115); do not retain records authorized for destruction.
- Keep official records separate from non-record materials.
- Ensure records identified as permanent are transferred to the National Archives as required.
- Protect vital records appropriate to their value.
- Protect records that contain security classified, confidential business, or other types of sensitive information with appropriate safeguards.
- Comply with policies and procedures developed by the Records Officer and SOL governing the disposition of Federal records and working papers when leaving the Department's service.
- Do all of this in a manner that is as cost effective as possible.
Agencies shall develop and implement procedures and guidelines consistent with the Departmental policies for maintaining agency records. Appendix B prescribes the minimum requirements for the Agency’s records management life cycle.
422 Determining Federal Records, Non-records and Personal Papers. It is important to distinguish federal records from non-records to properly identify what documentary materials are subject to the requirements of the Federal Records Act of 1950, as amended, and other records management legislation. Under the Federal Records Act of 1950, as amended, there are three categories of records: Federal Records, Non-records and Personal Papers. Detailed definitions are provided in Appendix A.
423 General Records Schedules. The General Records Schedules (GRS) provide mandatory disposition instructions for administrative records common to most or all federal agencies. Copies of the GRS are available from the Departmental Records Officer, Agency Records Officer or NARA’s website.
424 Agency Records Schedules. Agency records schedules are developed on a Standard Form 115, Request for Records Disposition Authority. The approved SF 115 provides disposition instructions for program records and administrative records not covered by the General Records Schedules. The records schedules shall be developed and maintained for each series of records (paper and electronic) or files officially created and managed by an organizational component of the Department.
- Preparation of Agency Records Schedules. Agency Records Officers will detail the records disposition instructions on the SF 115 for manual (paper) and electronic records and automated processing systems. The SF 115 shall be developed based upon the information provided by the program manager, information resource manager or designee. The SF 115 must include a brief description of the program, program records, proposed disposition and any legislative mandates that affect the retention and disposition of the records.
- Records Schedule Clearance. The Agency Records Officer forwards the SF 115 to the Departmental Records Officer for review and concurrence. The Departmental Records Officer forwards the SF 115 to NARA for approval.
- Approved Records Schedules. An approved SF 115 has the signature of the Departmental Records Officer and the Archivist of the United States. When NARA approves the SF 115, the Agency Records Officer forwards a copy of the SF 115 to the Departmental Records Officer. The Agency Records Officer is responsible for disseminating the SF 115 to the appropriate agency Program Manager, ADP/IRM Manager or designee. The Agency Records Officer is responsible for ensuring that the agency’s personnel involved in the creation, maintenance, use and disposition of the records outlined on the SF 115 are aware of their records management responsibilities.
- Updating/Revising Records Schedules. NARA regulations (36 CFR, Chapter 12) require a yearly review of records schedules, and to schedule new or reorganized programs within a year of the changes. In addition, changes to the GRS must be incorporated into agency schedules and handbooks within 6 months of the transmittal of the GRS from NARA. New or revised series of records must be incorporated on a Standard Form 115, Request for Records Disposition Authority and forwarded to the Departmental Records Officer for concurrence. Unscheduled records (paper or electronic) are considered permanent records and shall not be destroyed or removed.
425 Records Disposition. The following procedures shall be used for retiring records to a Federal Records Center based upon the instruction outlined in the SF 115. These procedures also apply to records donated for preservation or transferred to another Federal agency or private institutions. Instructions for retiring electronic records to the Federal Records Center are found in the NARA instructional guides available through the Departmental or Agency Records Officer.
- Records Transferred to Federal Records Centers (FRC). Records are transferred to the appropriate FRC at the end of the prescribed period outlined on the approved “Request for Records Disposition Authority,” Standard Form 115. The records are stored at the FRC until the retention period has expired. There must be at least one year of the retention period remaining to qualify for transfer. The following procedures are required for
- Prepare a “Records Transmittal and Receipt,” Standard Form 135 for each transfer to the records center in accordance with NARA guidelines. Please see the on-line Records Management Handbook on LaborNet.
- Paper records being transferred to the FRC must be placed in FRC containers, or other boxes approved by NARA for shipment of records. Each container must be at least two thirds (2/3) full. FRC containers are available through DOL supply channels (NSN 8115-00-117-8344 or NSN 8115-00-117-8249 for paper records and NSN 8115-00-117-8347 and NSN 8115-01-132-1932 for magnetic tape and microfiche containers).
- Records Donated for Preservation and Use. Records whose disposal date has been reached may be transferred to another government organization or to a private institution, corporation, or person applying for them when such transfer has received written approval by NARA in accordance with 36 CFR 1228.60. DOL component agencies that are interested in donating records shall coordinate the effort with the Departmental or Agency Records Officer.
- Transfer of Records to Other Federal Agencies. Transfer of Departmental records to other Federal agencies requires written approval from NARA in accordance with 36 CFR, Subpart H. The effort shall be coordinated with the Departmental or Agency Records Officer. Prior written approval from NARA is not required when:
- The records are loaned to the agency for the agency’s official use.
- The transfer of records is required by or pursuant to statute, Executive Order, or a Presidential reorganization plan.
- The records are transferred between two components of the same Executive department.
- Transfer of Permanent Records to the National Archives (NA). If the records are held at a NARA Federal Records Center (FRC), the transfer will be made at the end of the normal retention period specified on the applicable records schedule. Approximately 90 days before the scheduled transfer date, the National Archives furnishes a Standard Form 258, Agreement to Transfer Records to National Archives of the United States, to the Departmental Records Officer for approval. The Departmental Records Officer forwards the SF 258 to the Agency Records Officer to verify and ensure that the records detailed on the SF 258 are available for transfer to the National Archives. When the Agency Records Officer approves the SF 258 and returns the SF 258 to the Departmental Records Officer, the Departmental Records Officer forwards the SF 258 to the National Archives at least 60 days before the scheduled transfer date. The Federal Records Center will then forward the records to the National Archives.
If permanent records are maintained in the Department of Labor, the Agency Records Officer will initiate a direct transfer of the records to the National Archives by completing the SF 258 and forwarding the completed form to the Departmental Records Officer for concurrence. The Departmental Records Officer approves the SF 258 at least 60 days before the scheduled transfer date, and forwards the SF 258 to the National Archives. A NARA representative will inspect and appraise the records for archival value before the records are accepted or rejected for transfer to the National Archives.
Transfer to NARA of records that have been scheduled as permanent is mandatory when these records reach 30 years old, or before if so specified on the approved SF 115. If the agency wishes to retain custody of these records after the scheduled disposition date, the head of the agency must certify in writing to the Archivist that the records are needed for the conduct of the regular current business of the agency.
- Records Requiring Only Short-term Retention. While conducting business, Agencies create a large number of documents that require only short-term retention. Although these documents are useful to individuals in accomplishing their work, the documents are not needed as part of the long-term documentation of Agency activities.
There are four types of short-term documents that commonly occur in offices:
- Transitory documents
- Suspense, tracking, and control documents
- Facilitative documents
- Selected disposable supporting materials (working files)
Such documents must be managed judiciously or they will add greatly to the bulk of the files, and this often lessens the ability of others to understand what actually took place.
It is possible to argue that each of these types of documents does not meet the definition of a record in the Federal Records Act. However, the documents may qualify as records under the FOIA, and the more practical solution is to consider them as record material that needs to be retained for only a brief period of time. A brief period of time is usually defined as no more than 90 days. In many cases, 10 days is sufficient, and often short-term documents can be deleted/destroyed as soon as appropriate action has been taken. It is important to note, however, that if any official request (FOIA, Privacy Act, discovery, Congressional, etc.) is received prior to the legitimate destruction of these types of records, they may not be destroyed.
426 Electronic Records. Electronic records are original records generated by a word processor, personal computer, electronic mail system or automated processing system. The creation, maintenance and use of electronic records must be managed in accordance with the agency’s approved Standard Form 115, Request for Records Disposition Authority, General Records Schedule (GRS) or the Department’s policy for handling electronic mail messages.
- Scheduling Electronic Records. Electronic records can only be disposed of in accordance with disposition instructions outlined on the approved SF 115 or the General Records Schedule (GRS).
- Electronic records are often stored on erasable, reusable, and relatively expensive media, which are easy to revise and update, and are relatively fragile. For these reasons, inventorying and scheduling electronic records should be determined as early as possible in the life cycle of the records.
- The information in electronic recordkeeping systems, including those systems operated for the Government by a contractor, shall be scheduled on a SF 115 as soon as practical, and not later than one year after implementation of the system. No records in the system can be overwritten or destroyed until NARA has approved the disposition via an approved SF 115.
- In scheduling electronic records, the agency should consider its ability to meet the obligation to maintain the retrievability and usability of the record for the entire span of the proposed retention period.
- Disposing of Electronic Records. Electronic records authorized for destruction in an approved SF 115 must be disposed of in a manner that ensures protection of any sensitive, proprietary or National Security Information. Magnetic recording media used for electronic records containing sensitive, proprietary or National Security Information are not to be reused. Unscheduled electronic records along with related programs, system documentation and indexes shall be retained until NARA approves the disposition of the records via a SF 115.
- Archiving Electronic Records. Permanent electronic records that are transferred to the National Archives must be on either open reel magnetic tapes, tape cartridges or CD-ROMs, based upon the NARA requirements outlined in 36 CFR 1228.188. Acceptable record formats and required transfer documentation are specified in 36 CFR 1228.188 and in additional transfer guidance for special formats (e-mail, PDF and GIS files) available from NARA. The timing of the transfer for these types of records is critical due to the preservation and obsolescence problems inherent in electronic media, hardware, and software. Therefore, electronic records deemed permanently valuable shall be transferred promptly. If, due to the lack of facilities for proper care and handling, or possible obsolescence, records are endangered, NARA should be contacted to arrange transfer as soon as practical.
- Manager Responsibilities. Managers are responsible for ensuring the following steps are taken to provide for the security of electronic records:
- Only authorized personnel are to have access to the electronic records.
- Backup copies are to be made routinely in order to protect against loss of information.
- Appropriate personnel shall be trained to safeguard sensitive or classified electronic records.
- System developers and users are to minimize the risk of unauthorized alteration or erasure by protecting the work area, equipment, password, files and data from unauthorized access and use.
- The methods to ensure electronic records security should be addressed in the agency’s computer security plans, prepared pursuant to the Computer Security Act of 1987.
427 Electronic Signatures. The Government Paperwork Elimination Act (GPEA, Pub. L. 105-277) requires that, when practicable, Federal agencies use electronic forms, electronic filing, and electronic signatures to conduct official business with the public by October 21, 2003. In doing this, agencies will create records with business, legal and in some cases, historical value. NARA provides guidance that focuses on records management issues involving records that have been created using electronic signature technology. An agency's decisions concerning how to adequately document program functions, its risk assessment methodologies, and its records management practices are essential and interrelated aspects of an electronic signature initiative. The following key points are discussed in NARA’s "Records Management Guidance for Agencies Implementing Electronic Signature Technologies" dated October 18, 2000 (Appendix F).
- Agencies must consider records management requirements when implementing the Government Paperwork Elimination Act (GPEA). (NARA Guidance Section 2.0)
- If the electronically signed record needs to be preserved, whether for a finite period of time or permanently, then the agency needs to ensure its trustworthiness over time. (NARA Guidance Section 4.0)
- There are various approaches to ensure the trustworthiness of electronically signed records. (NARA Guidance Section 4.3)
- Information systems that agencies use to implement the electronic signature requirements of GPEA will produce new records or augment existing records. (NARA Guidance Section 5.1.)
- Agencies determine which electronic signature records are retained based on their operational needs and perceptions of risk. (NARA Guidance Section 5.2)
- Agencies are not authorized to dispose of records without an approved SF 115 from NARA. (NARA Guidance Section 2.0)
- Agencies should develop records schedules with proposed retention periods for new records for NARA to review. Records disposition authorities for existing records may need to be modified. (NARA Guidance Sections 5.1 and 5.4)
- Electronically-signed records documenting legal rights and electronically-signed records that must be retained permanently have special considerations. (NARA Guidance Sections 5.5 and 5.6)
- When agencies use third party contractors they should use specific contract language to ensure that the records management requirements are met. (NARA Guidance Section 5.3)
428 Electronic Mail Message Records. For those e-mail messages and attachments that meet the statutory definition of Federal records as defined in Appendix C, it is required that the record documentation include the e-mail message, any attachments and essential transmission data (names of sender and addressee(s), and date the message was sent) (36 CFR 1234.24). E-mail messages and attachments determined to be Federal records must be managed under the Federal Records Act in the same manner as any other Federal record. Since NARA policy on e-mail retention requirements government-wide is in a state of evolution, please refer to the NARA web site for the latest policy pertaining to retention of e-mail Federal records.
429 Micrographics Storage and Disposition. All microfilm and microfiche records are eligible for retirement to a FRC. The procedures for disposition of this media are the same as the disposition for paper records (i.e., preparation of a SF-115, 135 and 258).
430 Examination and Copying of Departmental Records. Rules and regulations for the examination and copying of DOL records are stated in 29 CFR Part 70. DLMS-5, Chapters 200 and 300, describe procedures and policies for this material consistent with the Freedom of Information and Privacy Acts, as amended.
431 Departmental Subject File Classification. "The Subject File Classification Guide," approved for use by DOL Agencies, is subject-oriented, uses a subject-numeric classifying method and is readily adaptable to the needs of individual offices. An Agency, however, may develop its own classification guide as part of its records schedule. The "Subject File Classification Guide" is available from the Departmental Records Management Program Office.
DOL Agencies should prescribe subject-numeric file classifications for program and other DOL Agency records not covered by the Classification Guide in consultation with the organizational components concerned.
Effective October 1, 2002, Federal agencies are permitted to contract with private entities to store Federal records. There are a number of requirements that must be met in using private facilities, and NARA has provided guidance, which has been included as Appendix C to this policy.
450 Definitions. See Appendix D.
460 Forms. Contact your Agency Records Officer or the Departmental Records Officer located in the Office of the Assistant Secretary for Administration and Management, Business Operations Center, to acquire the necessary forms referenced in this Chapter:
SF-115 Request for Records Disposition Authority
SF-115A Request for Records Disposition Authority Continuation
SF-135 Records Transmittal and Receipt
SF-135A Records Transmittal and Receipt Continuation
SF-258 Agreement to Transfer Records to National Archives of the United States
OF-11 Reference Request-Federal Records Centers
Under the Federal Records Act, there are three categories of records: Federal Records, Non-records and Personal Papers. Detailed descriptions are provided below.
Federal records include books, papers, maps, photographs, machine readable materials, or other documentary materials, regardless of physical form or characteristics, made or received by an agency of the United States Government under federal law or in connection with the transaction of public business and preserved or appropriate for preservation by that agency or its legitimate successor as evidence of the organization, functions, policies, decisions, procedures, operations or other activities of the Government, or because of the informational value of the data in them. (Federal Records Act, 44 U.S.C. 3301). Federal records are used to conduct Departmental business and may include, but are not limited to the following:
- Formal and informal correspondence received or transmitted that documents the business transactions and practices of the agency. The media could be electronic or paper.
- Maps, plats, aerial photographs, engineering drawings and architectural drawings relating to the Department and/or its activities.
- Electronic data, data files and computer system documentation for automated information systems created or maintained by the Department to generate various types of text or digital information used to document the Department and/or its activities.
- The input and output materials used in conjunction with the automated information system may also be considered federal record materials.
- Audio-visual materials such as still motion pictures, sound and video recordings, slides and presentations that document the organization, activities, decisions and historical events of the Department.
- Work-related materials, such as preliminary drafts, rough notes, diaries, journals, calendars, schedules, and other similar materials, are Federal records if they contain unique information such as substantive annotations or comments that add to a proper understanding of the Department’s formulation and execution of basic policies, decisions, actions or responsibilities; and
- All record materials described in items (a)(1)-(a)(6) that are created, received or maintained for the Department by contractors are considered Federal records.
Non-records are defined as U.S. Government-owned documentary materials excluded from the legal definition of records or not meeting the requirements of that definition (44 U.S.C. 3301). Non-records include:
- Stocks of publications and of processed documents such as blank forms.
- Exact duplicate copies of official records, regardless of media, that are maintained solely for convenience of reference.
- Museum property acquired by the Department solely for exhibition purposes.
- Books and other library materials purchased or otherwise acquired by the Department for reference use.
- Examples of Non-records:
- Information copies of correspondence, directives, forms, and other documents on which no official action is recorded or taken.
- Routing slips and transmittal sheets that do not provide additional information to that contained in the transmitted material.
- Extra copies of printed or processed materials for which complete record sets exist.
- Duplicate copies maintained in the same file.
- Non-record Determination:
- The Agency Head, Departmental or Agency Records Officer shall determine federal record or non-record status, after obtaining any necessary advice from the agency’s legal counsel.
- When it is difficult to determine if certain files are federal records or non-records, treat the records as federal records until the Agency Head, Departmental or Agency Records Officer has rendered a decision.
- Non-records should not be filed with federal records.
- Non-records should be destroyed when no longer needed for reference. NARA’s approval is not required to destroy non-record materials.
Personal papers are defined as non-official or private, documentary materials that do not relate to or have an effect on the conduct of agency business. The records are related solely to an individual’s personal affairs and used exclusively for the individual’s convenience.
- The maintenance of personal papers in agency space shall depend on the agency’s approval and compliance with Federal records management laws and procedures.
- Personal papers must be kept separate from federal records and designated as such.
- Examples of Personal papers:
- Materials accumulated by an individual before joining Federal service that are not later used to conduct Government business.
- Materials relating solely to an individual’s family matters, outside business pursuits, professional activities or private political associations. The materials have no connection with agency business.
- Diaries, journals, notes, personal calendars and appointment schedules not prepared, received or used in the process of transacting agency business. *Note: If the materials contain work-related information, they are federal records.
- Personal papers may be destroyed or removed at the creator’s discretion. It is illegal to remove or destroy official records without proper authorization (18 U.S.C. 2071).
The Department’s Records Management Program follows a three-phase life cycle approach to managing records: from creation, through maintenance and use, to final disposition.
- Creation. The first phase of the records management life cycle begins when a record is obtained or created by or for the Department. The record may be developed as a result of legislative, regulatory or administrative requirements. The creation phase may also begin when an organization plans to change existing recordkeeping procedures. This would include plans to automate manual recordkeeping systems. The following records management activities are required during the creation of federal records:
- Distinguish federal records from non-records.
- Ensure only information needed to fulfill the Department’s mission(s) is created and/or received by the Department.
- Identify new or revised records--this includes all automated/electronic recordkeeping systems.
- Determine the level of documentation required in order to successfully carry out the Department’s responsibilities and to protect its legal rights and interests.
- Determine and select the appropriate methods of recording and retrieving the required information for the most efficient and effective use of the records (e.g. paper, electronic or audiovisual).
- Identify records that contain private, proprietary, confidential or other sensitive information that affect the Department’s legal rights and interests.
- Prepare the necessary paperwork to properly schedule new/revised records or automated processing systems.
- Maintenance and Use. The second phase of the life cycle involves organization, storage, access and retrieval of Departmental records. This includes the following records management activities:
- Ensuring non-record materials are separated from Federal record materials.
- Developing the most efficient and effective means of organizing and retrieving records.
- Ensuring records containing private and other sensitive information are adequately protected from unauthorized access.
- Ensuring that electronic records are properly maintained and are retrievable through their entire life span.
- Disposition. The last phase of the life cycle includes actions taken when records are no longer needed to conduct Departmental business. Records must be disposed of in accordance with the General Records Schedules (GRS) or NARA approved SF 115. The appropriate records disposition actions include:
- Temporarily storing records in NARA approved agency storage or in the Federal records center.
- Transferring records from one Federal agency to another.
- Transferring custody of permanent records to NARA.
- Destroying temporary records as outlined in the GRS or the NARA approved SF 115.
U.S. National Archives & Records Administration
August 29, 2002
Memorandum To Agency Records Officers: FY 2003 choice of records center storage providers
Effective October 1, 2002, Federal agencies may contract with private entities for the storage of Federal records currently stored at Federal records centers. Although no NARA approval is required for such contracts, agencies must comply with Federal regulations governing the storage of Federal records at such facilities. This memo serves to remind Federal agencies of key requirements governing this practice. The requirements are fully set forth in 36 CFR Parts 1220, 1222, and 1228.
Regardless of where Federal records are stored, each agency bears responsibility for ensuring that records in its legal custody are stored in appropriate space. An agency must ensure that any records storage facility it uses meets CFR standards. Federal records serve to document Government transactions and protect rights of individuals. They must be stored in appropriate space to ensure that they remain available for their scheduled life. The basic facility standards set forth in 36 CFR 1228 subpart K apply to existing NARA and agency records centers and to commercial records storage facilities currently storing records. Certain noted provisions apply only to new records storage facilities. To provide appropriate environmental controls and the best possible protection against records disasters, all new facilities used to store Federal records must meet higher or additional standards that reflect current knowledge on protecting records from damage.
We encourage Federal agencies to keep the following requirements in mind when considering contracts with commercial storage centers.
- Federal agencies may store permanent, temporary (excluding Civilian Personnel Records), and unscheduled records, as well as vital records, at any storage facility that meets the provisions of 36 CFR 1228 subpart K for storage of Federal records (and 36 CFR 1236 for vital records). Special attention must be paid to ensuring appropriate storage conditions for records on non-paper based media (e.g., film, audio tape, magnetic tape), especially those scheduled for long-term or permanent retention. Civilian Personnel Records may only be transferred to the National Personnel Records Center in St. Louis.
- If your agency contracts with a commercial records storage facility, your agency must certify to NARA's Space and Security Management Division, at least 45 days prior to first transfer of records, that the facility complies with Subpart K before the agency transfers records to that facility [36 CFR 1228.240(e)]. The General Services Administration has not provided this certification to NARA on behalf of other agencies for commercial facilities on its Federal Supply Schedule.
- If you store agency records in a commercial records storage facility, you must ensure that the contract allows NARA staff access to the records for purposes of conducting a records management evaluation or processing a schedule for disposition of the records [see 36 CFR 1228.154(e)].
- Agencies must maintain the same degree of intellectual control over records stored in a commercial records storage facility as records stored in NARA records centers. Moreover, agencies must report to NARA when permanent or unscheduled records are retired for storage to a commercial storage facility [36 CFR 1228.156(c)]. Storage of unscheduled records requires submission of an SF-115 to NARA prior to transfer, and the transfer can occur only after NARA has determined that the SF-115 meets the requirements specified under 36 CFR 1228.154(b).
- Procedures for the disposal of temporary records must include a requirement that the facility notify agency records managers or the creating office prior to the disposal of temporary records unless the disposal is initiated by the agency [36 CFR 1228.156(c)]. Procedures must also ensure that the facility transfers permanent records to the National Archives as individual series spanning one or more years and in accordance with 36 CFR 1228.172.
- Agencies must ensure that records which are security classified or otherwise restricted from disclosure by statute or regulation are stored and maintained in accordance with applicable laws, executive orders, and regulations. Agencies must also ensure that disposable records, including those security classified or otherwise exempt from disclosure, are destroyed in accordance with the requirements specified in 36 CFR 1228.58.
If you have any questions about the 36 CFR 1228 subpart K requirements, please contact Stephen Hannestad, Director of the Space and Security Management Division at 301-837-1790. For questions about other requirements, please contact the appraiser in our Life Cycle Management Division with whom your agency normally works.
Modern Records Programs
Case Files. A series of documents about a person, group, organization, place or event. As a rule, volume and use dictate the case file arrangement. Case files are not usually an integral part of the subject numeric files. Examples include official personnel folders, compliance, enforcement, contract, claimant and litigation files.
Electronic Mail Message. A document created or received on an E-mail system including formal or substantive narrative documents, and any attachments, such as word processing and other electronic documents, which may be transmitted with the message.
Electronic Mail (e-mail) System. A computer application used to create, receive and transmit electronic messages and other documents.
Electronic Record. Any information that is recorded in an automated form and that only a computer can process.
Electronic Recordkeeping. Using automated processes to manage the electronic records of an agency. Electronic recordkeeping should preserve the content of electronic records, and their context and structure over time.
Electronic Recordkeeping System. An automated system in which records are collected, organized, and categorized to facilitate their preservation, retrieval, use, and disposition.
Electronic Records Management. Using automated processes to manage the agency’s records regardless of format: paper, electronic, microform, etc.
Federal Record. Books, papers, maps, photographs, machine readable materials or other documentary materials, regardless of physical form or characteristics, made or received by an agency of the United States Government under Federal Law or in connection with the transaction of public business and preserved or appropriate for preservation by that agency or its legitimate successor as evidence of the organization, functions, policies, decisions, procedures, operations, or other activities of the Government or because of the informational value of data in them.
Inventory. A survey of agency records (paper and electronic) and non-record materials that is conducted primarily to develop a records schedule (Standard Form 115, Request for Records Disposition Authority).
Non-records. Non-records are defined as U.S. Government-owned documentary materials excluded from the legal definition of records or not meeting the requirements of federal records.
Permanent Records. Records that have been appraised by NARA as having sufficient historical or other value to warrant continued preservation by the Federal Government beyond the time they are needed for administrative, legal or fiscal purposes.
Personal Papers. Documentary materials belonging to an individual that are not used to conduct agency business. Related solely to an individual’s own affairs or used exclusively for that individual’s convenience.
Recordkeeping System. A recordkeeping system is a manual or automated system in which records are collected, organized, and categorized to facilitate their creation, preservation, use, retrieval and disposition.
Records Schedule. Records whose final disposition has been approved by NARA, through submission of a SF 115, Request for Records Disposition Authority.
Temporary Records. Records approved by NARA for disposal, either immediately or after a specified retention period.
Working Files. A collection of drafts, transactions, tapes, extra copies of correspondence, and other preliminary materials related to a particular project. Although working file materials record certain activities and are included in the definition of records, their documentary value ceases after the purpose is served, unless the records are needed to document the official file.
March 19, 2002
MEMORANDUM FOR DEPARTMENTS AND AGENCIES
FROM: LAURA L.S. KIMBERLY /s/
Information Security Oversight Office
National Archives and Records Administration
RICHARD L. HUFF /s/
DANIEL J. METCALFE /s/
Office of Information and Privacy
Department of Justice
SUBJECT: Safeguarding Information Regarding Weapons of Mass Destruction and Other Sensitive Records Related to Homeland Security
At the request of the Assistant to the President and Chief of Staff, we have prepared this memorandum to provide guidance for reviewing Government information regarding weapons of mass destruction, as well as other information that could be misused to harm the security of our nation or threaten public safety. It is appropriate that all federal departments and agencies consider the need to safeguard such information on an ongoing basis and also upon receipt of any request for records containing such information that is made under the Freedom of Information Act (FOIA), 5 U.S.C. § 552 (2000). Consistent with existing law and policy, the appropriate steps for safeguarding such information will vary according to the sensitivity of the information involved and whether the information currently is classified.
I. Classified Information
- If the information currently is classified and is equal to or less than 25 years old, it should remain classified in accordance with Executive Order 12958, Sec. 1.5 and Sec. 1.6. Although classified information generally must be declassified within 10 years of its original classification, classification or reclassification may be extended for up to 25 years in the case of information that could reasonably be expected to "reveal information that would assist in the development or use of weapons of mass destruction." Id., Sec. 1.6(d)(2).
- If the information is more than 25 years old and is still classified, it should remain classified in accordance with Executive Order 12958, Sec. 3.4(b)(2), which authorizes agency heads to exempt from automatic declassification any "specific information, the release of which should be expected to . . . reveal information that would assist in the development or use of weapons of mass destruction." (Agencies should note that the automatic declassification date for any classified information over 25 years old that involves the equities of more than one agency was extended until April 2003 by Executive Order 13142. Agencies have until then to exempt such information from automatic declassification under any one of the pertinent exemption categories in Executive Order 12958, Sec. 3.4(b).)
In this regard, agencies should note that Department of Defense (DOD) information that involves the equities of more than one DOD component is considered to have multi-agency equities. Information maintained by the Defense Technical Information Center (DTIC) or the National Archives and Records Administration (NARA) also is deemed to have multi-agency equities, i.e., those pertaining to DTIC or NARA and those pertaining to the component agency or agencies that created the information.
II. Previously Unclassified or Declassified Information
- If the information, regardless of age, never was classified and never was disclosed to the public under proper authority, but it could reasonably be expected to assist in the development or use of weapons of mass destruction, it should be classified in accordance with Executive Order 12958, Part 1, subject to the provisions of Sec. 1.8(d) if the information has been the subject of an access demand (or Sec. 6.1(a) if the information concerns nuclear or radiological weapons).
- If such sensitive information, regardless of age, was classified and subsequently was declassified, but it never was disclosed to the public under proper authority, it should be reclassified in accordance with Executive Order 12958, Part 1, subject to the provisions of Sec. 1.8(d) if the information has been the subject of an access demand (or Sec. 6.1(a) if the information concerns nuclear or radiological weapons).
III. Sensitive But Unclassified Information
In addition to information that could reasonably be expected to assist in the development or use of weapons of mass destruction, which should be classified or reclassified as described in Parts I and II above, departments and agencies maintain and control sensitive information related to America's homeland security that might not meet one or more of the standards for classification set forth in Part 1 of Executive Order 12958. The need to protect such sensitive information from inappropriate disclosure should be carefully considered, on a case-by-case basis, together with the benefits that result from the open and efficient exchange of scientific, technical, and like information.
All departments and agencies should ensure that in taking necessary and appropriate actions to safeguard sensitive but unclassified information related to America's homeland security, they process any Freedom of Information Act request for records containing such information in accordance with the Attorney General's FOIA Memorandum of October 12, 2001, by giving full and careful consideration to all applicable FOIA exemptions. See FOIA Post, "New Attorney General FOIA Memorandum Issued" (posted 10/15/01), which discusses and provides electronic links to further guidance on the authority available under Exemption 2 of the FOIA, 5 U.S.C. § 552(b)(2), for the protection of sensitive critical infrastructure information. In the case of information that is voluntarily submitted to the Government from the private sector, such information may readily fall within the protection of Exemption 4 of the FOIA, 5 U.S.C. § 552(b)(4).
As the accompanying memorandum from the Assistant to the President and Chief of Staff indicates, federal departments and agencies should not hesitate to consult with the Office of Information and Privacy, either with general anticipatory questions or on a case-by-case basis as particular matters arise, regarding any FOIA-related homeland security issue. Likewise, they should consult with the Information Security Oversight Office on any matter pertaining to the classification, declassification, or reclassification of information regarding the development or use of weapons of mass destruction, or with the Department of Energy's Office of Security if the information concerns nuclear or radiological weapons.
U.S. National Archives & Records Administration
Government Paperwork Elimination Act (GPEA)
Records Management Guidance for Agencies Implementing Electronic Signature Technologies
October 18, 2000
- Executive Summary
- Records Life Cycle vs. System Development Life Cycle
- Trustworthy Records
- Characteristics of Trustworthy Records
- Preserving Trustworthy Records
- What approaches are available to agencies to ensure the trustworthiness of electronically-signed records over time?
- What steps should agencies follow to ensure that electronically-signed records are trustworthy?
- Other Records Management Issues
- What new records may be created by electronic signature technology?
- How do agencies determine which of these electronic signature records to retain?
- Transferring electronic signature record material from contractors to agencies.
- When must an agency modify its records schedule to cover electronic signature records?
- Special considerations relating to long-term, electronically-signed records that preserve legal rights.
- NARA requirements for permanent, electronically-signed records.
- Appendix A - Key Terms and Definitions
- Appendix B - For Further Information and Assistance
1.0 Executive Summary
An agency's decisions concerning how to adequately document program functions, its risk assessment methodologies, and its records management practices are essential and interrelated aspects of an electronic signature initiative. The following key points are discussed more fully in this guidance:
- Agencies must consider records management requirements when implementing the Government Paperwork Elimination Act (GPEA). (See: Section 2.0)
- If the electronically signed record needs to be preserved, whether for a finite period of time or permanently, then the agency needs to ensure its trustworthiness over time. (See: Section 4.0)
- There are various approaches to ensure the trustworthiness of electronically-signed records. (See: Section 4.3)
- Information systems that agencies use to implement the electronic signature requirements of GPEA will produce new records or augment existing records. (See: Section 5.1.)
- Agencies determine which electronic signature records to retain based on their operational needs and perceptions of risk. (See: Section 5.2)
- Agencies are not authorized to dispose of records without an approved records disposition authority from the National Archives and Records Administration (NARA). (See: Section 2.0)
- Agencies should develop records schedules with proposed retention periods for new records for NARA to review. Records disposition authorities for existing records may need to be modified. (See: Sections 5.1 and 5.4)
- Electronically-signed records documenting legal rights and electronically-signed records that must be retained permanently have special considerations. (See: Sections 5.5 and 5.6)
- When agencies use third party contractors they can use specific contract language to help ensure that records management requirements are met. (See: Section 5.3)
The Government Paperwork Elimination Act (GPEA, Pub. L. 105-277) requires that, when practicable, Federal agencies use electronic forms, electronic filing, and electronic signatures to conduct official business with the public by 2003. In doing this, agencies will create records with business, legal and, in some cases, historical value. This guidance focuses on records management issues involving records that have been created using electronic signature technology. It supplements the Office of Management and Budget (OMB) guidance for agencies implementing the GPEA, as well as other National Archives and Records Administration (NARA) guidance.
A sound records management program is an integral part of an agency's standard business operations. Agencies must consider records management requirements when implementing the GPEA, or whenever they design or augment an electronic information system. Federal agencies are required by the Federal Records Act (44 U.S.C. 3101) to "make and preserve records containing adequate and proper documentation of the organization, functions, policies, decisions, procedures, and essential transactions of the agency." This requirement applies to electronic records as well. Agencies that do not consistently adhere to standard records management practices run the risk of not having records that can be depended upon in the course of subsequent business transactions or activities.
This guidance is directed both toward information technology (IT) specialists who establish electronic signature systems and who may not be familiar with the records management implications, and toward agency records management personnel. Good IT practices complement or parallel good records management practices. In systems implemented as a result of the GPEA, records management requirements will form the core of the IT system requirements. In implementing electronic signature technologies, IT professionals need to be aware that signatures are an integral part of a record. If the record needs to be preserved, whether for a finite period of time or permanently, then the agency needs to ensure the trustworthiness of the electronically-signed record over time.
The Archivist of the United States must approve the disposition of Federal records by means of a NARA-approved records disposition authority or records control schedule before agencies can destroy them (44 U.S.C. 3303a(a)). New information systems or records series that have not been scheduled (i.e., do not have a records disposition authority) need to be appraised by NARA. Agency records management staff should contact NARA to begin the scheduling process. Further information on scheduling records and NARA records management guidance is available on the NARA web site and in NARA publications. See Appendix B for further information about NARA's records management programs and services.
This guidance discusses the records management principles that apply to electronic signature technology generally. Electronic signatures may be accomplished by several different technologies, such as Personal Identification Number (PIN), digital signatures, smart cards and biometrics. If additional technology-specific records management guidance is necessary, NARA will work with agencies to develop it.
This guidance does not deal with records management issues associated with the electronic information systems used to generate electronic signatures. Those issues are covered in other NARA guidance documents. This guidance also does not deal with issues related to the Freedom of Information Act (FOIA) and the Privacy Act, which fall under the purview of the Department of Justice and the Office of Management and Budget, respectively.
3.1 Records Life Cycle vs. System Development Life Cycle
The terms "records life cycle" and "system development life cycle" are important concepts that are sometimes confused in information technology and records management discussions.
Records life cycle: The records life cycle is the life span of a record from its creation or receipt to its final disposition. It is usually described in three stages: creation, maintenance and use, and final disposition. Much of this guidance deals with the creation stage because the electronic signature record is created during the first stage of the records life cycle. The second stage, maintenance and use, is the portion of the records life cycle in which the record is either maintained at the agency while in active use, or is maintained off-line when use is less frequent. The final stage of the records life cycle is disposition, which describes the ultimate fate of the record. Federal records are categorized as having either a "temporary" or "permanent" disposition status. Temporary records are held by agencies for specified time periods before they are destroyed or deleted. Permanent records are first held by agencies and then legally transferred to NARA. Electronically-signed records may be either temporary or permanent. The eventual disposition of electronically-signed records is subject to negotiation between the agency and NARA, but agencies are not authorized to dispose of records without approval from NARA.
System development life cycle: The "system development life cycle" describes the phases of development of an electronic information system. These phases typically include initiation, definition, design, development, deployment, operation, maintenance, enhancement, and retirement. A significant step in several of the stages is the definition, development, and refinement of the data model that includes treatment of the records being created or managed. Information systems developed according to system development methodologies, including those that agencies use to implement the electronic signature requirements of GPEA, will produce new records or augment existing records.
The records life cycle often exceeds the system development life cycle. When it does, the agency needs to retain the record for a period of time longer than the life of the electronic information system that generated the electronic signature. This presents special challenges, such as maintaining the trustworthiness of the record when migrating from one system to another.
4.0 Trustworthy Records
4.1 Characteristics of Trustworthy Records
Reliability, authenticity, integrity, and usability are the characteristics used to describe trustworthy records from a records management perspective. An agency needs to consider these characteristics when planning to implement an electronic signature technology so that it can meet its internal business and legal needs, and external regulations or requirements. The degree of effort an agency expends on ensuring that these characteristics are attained is dependent on the agency's business needs or perception of risk. (See: Section 5.2 for a discussion of risk assessment.) Transactions that are critical to the agency business needs may need a greater assurance level that they are reliable, authentic, maintain integrity and are usable than transactions of less critical importance. For guidance on whether records are trustworthy for legal purposes, consult your Office of General Counsel.
Reliability: A reliable record is one whose content can be trusted as a full and accurate representation of the transactions, activities, or facts to which it attests and can be depended upon in the course of subsequent transactions or activities.
Authenticity: An authentic record is one that is proven to be what it purports to be and to have been created or sent by the person who purports to have created and sent it.
A record should be created at the point in time of the transaction or incident to which it relates, or soon afterwards, by individuals who have direct knowledge of the facts or by instruments routinely used within the business to conduct the transaction.
To demonstrate the authenticity of records, agencies should implement and document policies and procedures which control the creation, transmission, receipt, and maintenance of records to ensure that records creators are authorized and identified and that records are protected against unauthorized addition, deletion, and alteration.
Integrity: The integrity of a record refers to it being complete and unaltered.
It is necessary that a record be protected against alteration without appropriate permission. Records management policies and procedures should specify what, if any, additions or annotations may be made to a record after it is created, under what circumstances additions or annotations may be authorized, and who is authorized to make them. Any authorized annotation or addition to a record made after it is complete should be explicitly indicated as an annotation or addition.
Another aspect of integrity is the structural integrity of a record. The structure of a record, that is, its physical and logical format and the relationships between the data elements comprising the record, should remain physically or logically intact. Failure to maintain the record's structural integrity may impair its reliability and authenticity.
Usability: A usable record is one which can be located, retrieved, presented, and interpreted. In any subsequent retrieval and use, the record should be capable of being directly connected to the business activity or transaction which produced it. It should be possible to identify a record within the context of broader business activities and functions. The links between records which document a sequence of activities should be maintained. These contextual linkages of records should carry the information needed for an understanding of the transaction that created and used them.
4.2 Preserving Trustworthy Records
For a record to remain reliable, authentic, with its integrity maintained, and usable for as long as the record is needed, it is necessary to preserve its content, context, and sometimes its structure. A trustworthy record preserves the actual content of the record itself and information about the record that relates to the context in which it was created and used. Specific contextual information will vary depending upon the business, legal, and regulatory requirements of the business activity (e.g., issuing land use permits on Federal lands). It also may be necessary to preserve the structure or arrangement of its parts. Failure to preserve the structure of the record will impair its structural integrity. That, in turn, may undermine the record's reliability and authenticity.
There are special considerations when dealing with the preservation of the content, context, and structure of records that are augmented by electronic signatures:
- Content: The electronic signature or signatures in a record are part of the content. They indicate who signed a record and whether that person approved the content of the record. Multiple signatures can indicate initial approval and subsequent concurrences. Signatures are often accompanied by dates and other identifiers such as organization or title. All of this is part of the content of the record and needs to be preserved. Lack of this information seriously affects a document's reliability and authenticity.
- Context: Some electronic signature technologies rely on individual identifiers that are not embedded in the content of the record, trust paths, and other means to create and verify the validity of an electronic signature (see Section 5.1). This information is outside of the content of the record, but is nevertheless important to the context of the record as it provides additional evidence to support the reliability and authenticity of the record. Lack of these contextual records seriously affects one's ability to verify the validity of the signed content.
- Structure: Preserving the structure of a record means its physical and logical format and the relationships between the data elements comprising the record remain physically and logically intact. An agency may determine that it is necessary to maintain the structure of the electronic signature. In that case it is necessary to retain the hardware and software that created the signature (e.g., chips or encryption algorithms) so that the complete record could be revalidated at a later time as needed.
4.3 What approaches are available to agencies to ensure the trustworthiness of electronically-signed records over time?
There are various approaches agencies can use to ensure the trustworthiness of electronically-signed records over time. Agencies will choose an approach that is practical for them and will fit their business needs and risk assessment. Below is a discussion of two different approaches that agencies have used.
One approach: An agency may choose to maintain adequate documentation of the records' validity, such as trust verification records, gathered at or near the time of record signing. This approach requires agencies to retain contextual information to adequately document the processes in place at the time the record was electronically-signed, along with the electronically-signed record itself. The additional contextual information must be retained for as long as the electronically-signed record is retained. Thus the agency preserves the signature's validity and meets the adequacy of documentation requirements by retaining the contextual information that documented the validity of the electronic signature at the time the record was signed.
Maintaining adequate documentation of validity gathered at or near the time of record signing may be preferable for records that have permanent or long-term retentions since it is less dependent on technology and much more easily maintained as technology evolves over time. However, using this approach, the signature name may not remain readable over time because of bit-wise deterioration in the record or as a result of technological obsolescence. Agencies must ensure that for permanent records the printed name of the signer and the date when the signature was executed be included as part of any human readable form (such as electronic display or printout) of the electronic record.
Another approach: An agency may choose to maintain the ability to re-validate digital signatures. The re-validation approach requires agencies to retain the capability to revalidate the digital signature, along with the electronically-signed record itself. The information necessary for revalidation (i.e., the public key used to validate the signature, the certificate related to that key, and the certificate revocation list from the certificate authority that corresponds to the time of signing) must be retained for as long as the digitally-signed record is retained. Both contextual and structural information of the record must be retained, as described in Section 4.2.
This approach is potentially more burdensome, particularly for digitally-signed records with long retention needs, due to issues of hardware and software obsolescence. If an agency chooses this approach for permanent records, it must contact NARA to discuss what they will need to do to transfer the records to NARA. As in the first approach, the agency must ensure that the printed name of the electronic signer and the date when the signature was executed be included as part of any human readable form (such as electronic display or printout) of the electronic record.
Special considerations for records documenting legal rights and records that must be retained permanently are discussed in Sections 5.5 and 5.6, respectively.
Irrespective of the approach an agency takes, some form of technical non-repudiation services must be implemented to protect the reliability, authenticity, integrity, and usability, as well as the confidentiality, and legitimate use of electronically-signed information. Non-repudiation is one of the essential security services in computing environments, being mainly applied in message handling systems and electronic commerce. The non-repudiation services that are being used in e-commerce can also be used in ascertaining the reliability of electronically-signed records. Non-repudiation services provide irrefutable evidence that an action took place. The services protect one party to a transaction (e.g., electronically signing a record) against the denial of the other party that a particular event or action took place. The services also provide safeguards that protect all parties from a false claim that a record was tampered with or not sent or received.
There are multiple frameworks for non-repudiation and agencies will choose the framework that matches their needs. One possible framework is the ISO (International Organization for Standardization) non-repudiation model (Non-repudiation - Part 1: General Model, ISO/IEC JTC1/SC27 N1503, November 1996; Non-repudiation - Part 2: Using symmetric techniques, ISO/IEC JTC1/SC27 N1505, November 1996). The essential elements of the ISO model are listed below:
- Evidence of the Origin of the Message & Verification: This shows that the originator created the message (electronically-signed record). The sender (person signing the record electronically) has to create a proof-of-origin certificate using the non-repudiation service. The electronically-signed record can be sent to another party (receiver of the electronically-signed record or another application for further processing) using the non-repudiation delivery authority service. The receiver has to store this evidence using the non-repudiation storage service. In case of dispute, the sender can later retrieve this evidence.
- Evidence of Message Receipt: This proves that the message (electronically-signed record) was delivered. The recipient must create and send a proof of receipt certificate using non-repudiation delivery authority service. The sender receives this evidence and stores it using the non-repudiation storage service; it can later be retrieved if there is a dispute.
- Transaction Timestamp: This timestamp is generated by the non-repudiation service as part of the evidence that an event or action took place.
- Long-term Storage Facility: This is used to store the certificates of origin and receipt. If there is a dispute, the adjudicator uses this storage facility to retrieve the evidence. Depending on the length of storage, it might be necessary to address software and hardware migration concerns as part of the design of this facility.
- The Adjudicator: The adjudicator is used to settle disputes based on stored evidence if either the sender or the receiver of electronically-signed records makes false claims.
Modified from: Orfali, Robert, Harkey, Dan, & Jeri Edwards. Client-Server Survival Guide. John Wiley & Sons: New York, 1999, p. 144.
4.4 What steps should agencies follow to ensure that electronically-signed records are trustworthy?
To create trustworthy records with electronic signatures an agency should:
- Create and maintain documentation of the systems used to create the records that contain electronic signatures.
- Ensure that the records that include electronic signatures are created and maintained in a secure environment that protects the records from unauthorized alteration or destruction.
- Implement standard operating procedures for the creation, use, and management of records that contain electronic signatures and maintain adequate written documentation of those procedures.
- Create and maintain records according to these documented standard operating procedures.
- Train agency staff in the standard operating procedures.
- Obtain official disposition authorities from NARA for both the records that contain electronic signatures and for the associated records which are necessary for trustworthy records (see Section 4.0). (Having official disposition authorities will assist the agency when faced with demands to produce records that have been destroyed according to these authorities.)
5.0 Other Records Management Issues
5.1 What new records may be created by electronic signature technology?
Agency decisions to accept or create electronically-signed records will generate new types of associated records. Agencies must identify the content, context, and structure of records with electronic signatures and determine what they will need to preserve to have trustworthy records for the agency's purposes. The following list includes many of the records that might be associated with an electronic signature initiative. These records need to be scheduled (have approved disposition authorities from NARA) in coordination with the electronically-signed records to which they relate.
- Documentation of individual identities: Information the agency uses to identify and authenticate a particular person as the source of an electronically-signed record. Examples of this would be a PIN or digital certificate assigned to an individual. This information may be passed to individuals via written correspondence, and does not necessarily appear in the electronically-signed record. Depending on the method of implementation, this is either content or context.
- Electronic signatures: A method of signing an electronic document that identifies and authenticates a particular person as the source of the message and indicates such person's approval of the information contained in the electronic message. The electronic signature may be embedded in the content of the record, or it may be stored separately. If an electronic signature technology separates the signature from the rest of the record, it must be associated in some way and captured in the recordkeeping system to preserve the complete content of the record.
- Trust verification records: Records that the agency deems necessary to document when and how the authenticity of the signature was verified. An example of this would be an Online Certificate Status Protocol (OCSP) or other response from a Certificate Authority server. This is context information.
- Certificates: The electronic document that binds a verified identity to the public key that is used to verify the digital signature in public key infrastructure implementations. This is context information.
- Certificate Revocation List: In public key infrastructure implementations, a list of certificates that a Certificate Authority has revoked at a particular time. When a Certificate Authority places a certificate on a revocation list, an agency application may reject the digital signature. This is context information.
- Trust paths: In public key infrastructure implementations, a chain of certificates of trusted third parties between parties to a transaction which ends with the issuance of a certificate that the relying party trusts. The trust path is one of the data necessary for validation of a received digital signature. This is context information.
- Certificate policy: In public key infrastructure implementations, a set of rules that defines the applicability of a certificate to a particular community and/or class of application with common security requirements. This is context information.
- Certificate practice statements: In public key infrastructure implementations, a certification authority's statement of practice for issuing certificates. This is context information.
- Hashing/encryption/signing algorithms: Software for generating computational calculations used to create or validate digital signatures. This is structure information.
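An added example (not part of the NARA guidance or of any agency system) of the first approach in Section 4.3 applied to the records listed in Section 5.1: a manifest of SHA-256 digests captured at signing time binds the signed record to its context records and can be re-checked after a media or system migration. The field names, the required-context list and the sample bytes are assumptions of this example.

```python
import hashlib
import json

# Context records from Section 5.1 that this example requires in every package.
# The key names are this example's own, not a NARA or agency schema.
REQUIRED_CONTEXT = ("certificate", "crl_at_signing", "trust_verification")


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def canonical(obj: dict) -> bytes:
    """Serialize deterministically so the same manifest always hashes the same."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode("utf-8")


def build_manifest(record, signature, context, signer_name, signed_on, permanent):
    """Build the manifest at or near signing time, refusing incomplete packages."""
    missing = [k for k in REQUIRED_CONTEXT if k not in context]
    if missing:
        raise ValueError("context records missing at signing time: " + ", ".join(missing))
    # Section 5.6: permanent records must carry the printed name and signature date.
    if permanent and not (signer_name.strip() and signed_on.strip()):
        raise ValueError("permanent records need the printed signer name and signature date")
    digests = {"record": sha256_hex(record), "signature": sha256_hex(signature)}
    for name in sorted(context):
        digests["context/" + name] = sha256_hex(context[name])
    manifest = {
        "signer_printed_name": signer_name,
        "signature_date": signed_on,
        "permanent": permanent,
        "digests": digests,
    }
    # Digest over the manifest body, so edits to the manifest itself are noticed.
    manifest["manifest_digest"] = sha256_hex(canonical(manifest))
    return manifest


def audit_package(manifest, record, signature, context):
    """Return a list of findings; an empty list means the package still matches."""
    findings = []
    body = {k: v for k, v in manifest.items() if k != "manifest_digest"}
    if sha256_hex(canonical(body)) != manifest.get("manifest_digest"):
        findings.append("manifest altered")
    parts = {"record": record, "signature": signature}
    parts.update({"context/" + k: v for k, v in context.items()})
    for name, expected in manifest["digests"].items():
        if name not in parts:
            findings.append("missing: " + name)
        elif sha256_hex(parts[name]) != expected:
            findings.append("altered: " + name)
    for name in parts:
        if name not in manifest["digests"]:
            findings.append("unlisted: " + name)
    return findings


def render_signature_line(manifest):
    """Human-readable signer name and date for display or printout."""
    return "Electronically signed by {} on {}".format(
        manifest["signer_printed_name"], manifest["signature_date"])


if __name__ == "__main__":
    # Constructed sample bytes; real packages would hold the actual files.
    record = b"Land use permit application, constructed sample"
    signature = b"<constructed signature bytes>"
    context = {
        "certificate": b"<constructed signer certificate>",
        "crl_at_signing": b"<constructed CRL from time of signing>",
        "trust_verification": b"<constructed OCSP response>",
    }
    m = build_manifest(record, signature, context, "Jane Q. Sample", "2005-01-07", True)
    print(render_signature_line(m))
    print("intact:", audit_package(m, record, signature, context))
    print("record changed:", audit_package(m, record + b"!", signature, context))
    lost = {k: v for k, v in context.items() if k != "crl_at_signing"}
    print("CRL lost in migration:", audit_package(m, record, signature, lost))
```

The digests detect change or loss of a package member; they do not prove who signed. The manifest is assumed to be kept in a recordkeeping system with its own access controls, since anyone able to rewrite both the package and the manifest could recompute the digests.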
5.2 How do agencies determine which of these electronic signature records to retain?
Agencies establish records management practices based on their operational needs and perceptions of risks. Operational needs are determined on the basis of the approach taken to ensuring the trustworthiness of electronically-signed records over time (see Section 4.3). Risk assessment and risk mitigation, along with other methodologies, are used to establish documentation requirements for agency activities. A risk assessment should consider the possible consequences of lost or unrecoverable records, including the legal risk and financial costs of potential losses, the likelihood that a damaging event will occur, and the costs of taking mitigating actions. Risk is defined here, from NARA's perspective, as (1) a risk of challenge to the records (e.g., legal challenge) that can be expected over the life of the record, and (2) the degree to which the agency or citizens would suffer loss if the trustworthiness of the electronically-signed records could not be adequately documented. Risk assessment also can be applied to records of electronic signature programs to determine the level of documentation required for signature validation. The concepts of reliability, authenticity, integrity, and usability as discussed in Section 4.1, may help agencies establish criteria for the types of electronic signature-related records they need to retain to document their programs.
5.3 Transferring electronic signature record material from contractors to agencies
As the Government begins to interact with citizens electronically, agencies may employ third party contractors to integrate electronic signature technology into their business processes. The General Services Administration's Access Certificates for Electronic Services (ACES) program is an example. Use of a third party contractor does not relieve an agency of its obligation to provide adequate and proper documentation of electronic signature record material. When agencies use third party contractors they can use specific contract language to help ensure that records management requirements are met. It may be necessary for agencies to make special provisions for obtaining electronic signature record material from third parties or to ensure that the third parties adhere to the records schedule retention requirements.
5.4 When must an agency modify its records schedule to cover electronic signature records?
Records schedules are the business rules that describe the types of records an agency produces and the retention periods for those records. Records schedules need to be modified when:
- new records, such as those listed in Section 5.1 are created;
- the agency determines that incorporation of an electronic signature into a record will result in changes to the retention period for that record;
- incorporation of the electronic signature and/or resulting parallel changes in the work process significantly changes the character of the record.
NARA will provide agency records officers with specific guidance on scheduling. If an agency is applying electronic signature technology to records scheduled for permanent retention, please contact NARA.
5.5 Special considerations relating to long-term, electronically-signed records that preserve legal rights.
When implementing electronic signature technology, agencies should give special consideration to the use of electronic signatures in electronic records that preserve legal rights. Because long-term temporary and permanent electronically signed records have greater longevity than typical software obsolescence cycles, it is virtually certain that agencies will have to migrate those records to newer versions of software to maintain access. The software migration (as opposed to media migration) process may invalidate the digital signature embedded in the record. This may adversely affect an agency's ability to recognize or enforce the legal rights documented in those records.
5.6 NARA requirements for permanent, electronically-signed records
For permanent records, agencies must ensure that the printed name of the electronic signer, as well as the date when the signature was executed, be included as part of any human readable form (such as electronic display or printout) of the electronic record. NARA requires this so that the name of the signer will be preserved as part of the record.
Appraisal: The process of determining the value and thus the disposition of records (i.e., designating them temporary or permanent) based upon their current administrative, legal, and fiscal use; their evidential and informational value; their arrangement and condition; their intrinsic value; and their relationship to other records. (Society of American Archivists Glossary)
NOTE: Many of these definitions are taken from Lewis J. Bellardo and Lynn Lady Bellardo, comps., A Glossary for Archivists, Manuscript Curators, and Records Managers, Archival Fundamentals Series (Chicago: The Society of American Archivists, 1992).
Authenticity: An authentic record is one that is proven to be what it purports to be and to have been created or sent by the person who purports to have created and sent it.
Certificate Authority [CA]: As part of a public key infrastructure, an authority in a network that issues and manages security credentials and public keys for message encryption and decryption.
Content: The information that a document is meant to convey (Society of American Archivists Glossary). Words, phrases, numbers, or symbols comprising the actual text of the record that were produced by the record creator.
Context: The organizational, functional, and operational circumstances in which documents are created and/or received and used (Society of American Archivists Glossary). The placement of records within a larger records classification system providing cross-references to other related records.
Documentation: 1. In archival usage, the creation or acquisition of documents to provide evidence of the creator, an event, or an activity. 2. In electronic records, an organized series of descriptive documents explaining the operating system and software necessary to use and maintain a file and the arrangement, content, and coding of the data which it contains. (Society of American Archivists Glossary)
Electronic signature: A technologically neutral term indicating various methods of signing an electronic message that (a) identify and authenticate a particular person as source of the electronic message; and (b) indicate such person's approval of the information contained in the electronic message (definition from GPEA, Pub.L. 105-277). Examples of electronic signature technologies include PINs, user identifications and passwords, digital signatures, digitized signatures, and hardware and biometric tokens.
General records schedule: A records schedule governing specified series of records common to several or all agencies or administrative units of a corporate body (Society of American Archivists Glossary). The NARA General Records Schedules (GRS) provide disposition authority for temporary administrative records common to several or all agencies of the Federal Government.
Integrity: The integrity of a record refers to its being complete and unaltered.
Non-repudiation: Steps taken by an agency to provide assurance, via the use of an audit trail, that a sender cannot deny being the source of a message, and that a recipient cannot deny receipt of a message.
Online Certificate Status Protocol [OCSP]: A draft Internet communications protocol of the IETF X.509 PKI Working Group that is useful in determining the current status of a digital certificate without requiring certificate revocation lists.
Public Key Infrastructure [PKI]: An IT infrastructure that enables users of a basically unsecure public network such as the Internet to securely and privately exchange data through the use of a public and a private cryptographic key pair that is obtained and shared through a trusted authority.
Record: All books, papers, maps, photographs, machine readable materials, or other documentary materials, regardless of physical form or characteristics, made or received by an agency of the U.S. Government under Federal law or in connection with the transaction of public business and preserved or appropriate for preservation by that agency or its legitimate successor as evidence of the organization, functions, policies, decisions, procedures, operations, or other activities of the Government or because of the informational value of data in them (44 U.S.C. 3301).
Recordkeeping System: A manual or automated system in which records are collected, organized, and categorized to facilitate their preservation, retrieval, use, and disposition.
Records Schedule: A document describing records of an agency, organization, or administrative unit, establishing a timetable for their life cycle, and providing authorization for their disposition (Society of American Archivists Glossary), i.e., off-site storage followed by destruction or transfer to the National Archives.
Record Series: File units or documents arranged in accordance with a filing system or maintained as a unit because they result from the same accumulation or filing process, the same function, or the same activity; have a particular form; or because of some other relationship arising out of their creation, receipt, or use. (Society of American Archivists Glossary)
Reliability: A reliable record is one whose contents can be trusted as a full and accurate representation of the transactions, activities, or facts to which they attest and can be depended upon in the course of subsequent transactions or activities.
Re-validation: Re-confirming the validation process for a previously validated electronic signature.
Structure: The physical and logical format of a record and the relationships between the data elements.
Usability: A usable record is one which can be located, retrieved, presented and interpreted.
Validation: The process by which a message/record is confirmed to have originated from an authenticated network user, that is, one who has appropriately established his/her identity on the network.
In addition to the policy guidance available from the agency's records officer, information resource management officials, legal counsel, and inspector general, records management assistance is available to Federal agencies through several NARA offices and programs. Agencies will find the most current list of NARA records management contacts and programs posted on the NARA Records Management web page.
Records management policy and guidance is also available through the NARA web site. Links to Federal regulations, records management publications, NARA Bulletins, and other valuable resources are available at the Archive website. Agency staff looking for up-to-date information and help with electronic records issues should visit the Fast Track Guidance Development Project site. The Fast Track Project is an initiative to get available electronic records information out to agencies while NARA continues to develop more complete and longer-term solutions.
Agencies may also write or call for further information:
Office of Records Services - Washington, DC, Modern Records Programs
Life Cycle Management Division, NWML
National Archives at College Park
8601 Adelphi Road
College Park, MD 20740-6001
The Life Cycle Management Division receives and reviews all records disposition requests submitted to NARA by Federal agencies and provides records management training open to all Federal employees. The division is organized into six workgroups, each of which is assigned responsibilities for specific Federal Agencies. This liaison structure ensures that agencies will be able to discuss their records issues with someone who is familiar with their agency and their records. The list of workgroups and agency assignments is available. The schedule of records management training classes is available.
Agency offices and programs outside of Washington, DC, may also contact the records management staff at one of the NARA regional records services facilities. A list of these facilities is available on the web. The NARA regional facilities also offer records management training. The schedule of regional classes is available.
Agencies may write or call for further information about NARA's regional records services:
Office of Regional Records Services, NR
National Archives at College Park
8601 Adelphi Road
College Park, MD 20740-6001