Category: Compliance

The actual problem that record keeping has to solve.

Karl MelroseLeave a comment

Is that the driver for the completion of work isn’t record keeping.

The driver for the completion of work is either customers, or co-workers, or managers.

Record keeping, when left to be done manually, is always a deviation from the critical path to getting stuff done.

So the problem that record keeping has to solve isn’t “how do we make everyone great record keepers”, it’s “how do we put record keeping in the critical path”.

When it’s in the critical path, it gets done – because it’s the only option.

The two ways to fail an audit, and how to avoid one of them.

Karl MelroseLeave a comment

There are only actually two reasons to fail an audit:

  1. You’re not doing the right things.
  2. You can’t prove you did the right things.

Doing the right things is obvious.

What is less obvious, is proving that the right things were done.

If you work in a regulated organisation, at some point the auditors are going to show up. When they do, they’re going to ask you for your records. Records are your evidence that you did the right things.

If you don’t have a records management program, chances are, you’re failing at capturing the right evidence, or you’re handling the audit process with a massive overcommitment of resources.

A records management program starts with a great records manager. A great records manager will review your regulations, work out what needs to be captured to provide evidence, and then execute a program to ensure that it is.

Then all you need to do is make sure your organisation does the right things.

The relationship between records and compliance, and the risks of doing records badly.

Karl MelroseLeave a comment

Records are evidence of compliance.

To destroy information which is evidence of compliance, is to destroy a record.

The risks of doing Records Management poorly are that information proving compliance – 

  • Won’t be available when you need it because it has been deleted or lost.
  • Will be difficult (ie. expensive and time consuming) to find.
  • Will be incomplete, and will require significant time and effort to assemble into a comprehensive record.

The consequences of failing at Records starts with failing audit. Depending on your industry, there can also be other consequences that range from inconvenience and fines, to quite literally killing people.

I’ve simplified greatly here because I’ve discovered that Records have different meanings in different contexts. I think that’s part of the reason why record keeping isn’t held in much higher regard as a discipline, and why certain industries are doing it so badly (and failing audits left, right and centre).

What I’ve found by industry – 

  • Government agencies know what records are, but generally under-fund it.
  • Health organisations think that they’re about patients (all patients have records, but not all records are about patients).
  • The greater private sector thinks they’re in accounting, but have people in risk actually performing records management duties.

Records are evidence of compliance. If you have legislation, regulation or standards to comply with, records are the evidence that you can give an auditor that’s going to get them out of the building quickly. The longer the auditors are with you, the higher your risk is.