Evidence Based Non-Custodial Records Management

Records management is a practice with thousands of years of history.

Or at least, custodial records management is.

Non-custodial records management though, isn’t the same thing.

It’s being practiced every day in systems that aren’t designed for it, by people who don’t understand it – or want to understand it.

So where is our evidence for the way we practice in this environment?

The more I read, the more I see re-interpretation of old ideas.

The problem with this is that the old ideas are based on old economics, and the new ideas are based on ideas about convenience that we don’t believe in, or that just don’t work.

Three examples –

  • Our ideas about disposition are influenced by the economics of storing a box for $5/month, do they still make sense when the cost to store an electronic “box equivalent” for 100 years is less than $1?
  • Sentencing on creation through integration of a business classification scheme and a disposal schedule is an idea that has been put into practice everywhere, but I find that about 2 in 100 organisations trust it enough to actually dispose of records based on the sentence, the others check manually – at $25+ an hour.
  • Function/Activity/Transaction is the gold standard for classification scheme design, but does it lead to higher quality records? My own experience has been that classification schemes are often a large barrier to records system usage.

Where is the evidence about what works?

How much of what we do by default now is more dogma than effective evidence based practice?

We can’t tell business units that they are the custodians of their records and then tell them that they’re not their records.

This is a strange dichotomy that I’ve run into continually over the last few years.

I’ll talk to a records team who will tell me that they’re not responsible for the quality of the records in the system because the business are the custodians of the records.

They’ll then talk to the same business unit who are not doing what the records team wants them to do, and tell them that the records aren’t theirs, they’re the organisations.

So which is it?

What are the predictable outcomes from that option?

How can records be a credible supplier of service if it doesn’t talk about its impact on organisational performance?

I’ve been looking into benchmarking of records across organisations.

Benchmarking is one of the simple ways that a functional area of an organisation can show that it is a credible supplier to the organisation it serves.

The problem I’m finding is that none of the benchmarking studies address organisational performance, or even the ability to perform to objectives that make sense.

State records studies are particularly odd.

They address attitudes, knowledge, access to training and many other things.

It’s what they don’t address though that I find odd:

  1. Actual compliance.
  2. Outcomes and the costs to achieve them.
  3. Ability to comply with administrative reviews and other reviews that records is purpose built for.
  4. The impact of records on business performance.

If we can’t benchmark these types of things, how do we know we’re credible suppliers of service to our organisations?

If we can’t compare ourselves to one another, how do we know who is doing well, and who we can talk to about how we improve our practice?

How do we know we’re any good?

If you’ve found a great benchmark that’s helped you benchmark and improve your practice – I’d love to know what it was.

The function that should be part of every records team

Is internal audit.

One of the things that keeps organisations (particularly government organisations) investing in records is the threat that the organisations process will be subject to a legal or administrative review.

So how do organisations test their ability to respond to these types of reviews effectively?

Generally they wait until they’re the subject of such a review, and then make heroic efforts to find everything they need.

But why is that?

Why isn’t internal “administrative auditing” a regular part of records management?

How do we know if we are being effective if we don’t audit?

The executive value of a records management program.

Senior people, what’s the thing they are most focused on?

That’s an impossible question to give a single answer to, but you can bet its one or two things that are large, complex and important, and that they want to stay laser focused on.

Ultimately, this means that a records program has three types of value to an executive –

  1. It can help them succeed at one of the things they are focused on.
  2. It can reduce risk to the things they’re focused on.
  3. It can stop them being dragged away from the thing they’re focused on.

Assurance of success, prevention of failure, and the prevention of fires that will drag them away from what they’re working on.

I think that’s it.

What do you think?

The two places records management programs are most likely to fail

The two places are:

  1. Program Governance
  2. Frontline value

Program governance is a failure to have records management performance managed by line managers throughout the organisation. It’s really a failure to prove value at the executive level, and to translate that value into a framework that executives can act on.

Frontline value is a failure to establish enough “very soon, to me” type value to frontline workers.

Records managers don’t have enough power in an organisation to get people to keep records well, and they are never going to. This means that the first order of business for a records management program needs to be securing executive support.

Every records program needs the whole organisation to commit to implementing the program. Without someone who can exercise authority at the whole organisation level, the best you can have is silos of excellence – and if you can’t get senior executive support, that’s what you should aim for. Whatever piece of the organisation is underneath the most senior manager who will commit to managing their staff on records outcomes is where your effort will be most highly rewarded.

The important thing to focus on with program governance is ensuring that sanctions for non-performance are implemented with certainty. Recidivism theory tells us that certainty of punishment for a transgression has the highest correlation with non-recidivism. This means that whatever reporting mechanism you design, it needs to deliver simple, actionable information to managers so that they can act with both certainty and minimum effort.

If you get program governance right, frontline value is less important. As much as it sticks in my throat when I say that, it’s true. There are some records programs that seem to go out of their way to make things hard for frontliners, and deliver no value that a frontliner will ever see in their work – but are effective (at least in the short term) because of good program governance.

That said, frontline value is (to me) the most important component of long term success for records – both at the program level, and the industry level. Programs that fail on frontline value often don’t get to the point where they are self sustaining. They require larger amounts of continued management pressure, and sooner or later, management get tired, and move on to other things.

The simple truth is that frontliners must value the records that we ask them to keep. The value must be tangible and real, and they must have a feeling that value will be provided “very soon, to me.”

Programs that achieve this become self-policing.

Active governance becomes assurance and eventually just monitoring.

What I think is most important to realise, is that none of the issues above are technical issues, and while technical issues are important, programs will not fail or succeed purely because of them.

This should be a caution point for every records manager in their choice of daily issues to focus on. Is the next thing in your to do list a technical issue? Or an issue of executive of frontline value that’s going to really impact your chance of success of failure?

The business value of electronic record destruction

I’m really stuck on this. My conclusion is that it’s unjustifiable.

All those things that you thought of when you read the heading – and that I thought of – I can’t tell you how much they’re going to cost the organisation, and when.

In most cases, no one can.

Most organisations can’t even make educated guesses.

And I feel like we’re wasting our time trying to jusify them unless we’re dealing with something that is truly carcinogenic for our organisations, or something like a consumer data right where we MUST destroy or face penalties which are certain and large.

I feel like this is the same as security – the only time we’ll be able to get senior people to pay attention to destruction is right after an incident – the type that means our organisations have had to pay the bill for an e-discovery firm to come in and sift through everything.

And at that point, the cost benefit is likely going to fall flat because nothing other than a GDPR type fine makes the cost worth the gain.

I also have a problem with justifying destruction from a prioritisation point of view. I think the real problem with fixating on destruction, is that it costs time that could be spent on things that people really care about.

Process workers want the information they need presented to them when they need it.

Executives want information to feed their decision making processes so they can make evidence based decisions.

Customers want to be able to get records about what they’ve done with you without having to talk to a person.

And every minute and every dollar we spend on destruction is a minute and a dollar we can’t spend helping people get things done that are important to them.

Destruction is only important to us.

So I’m stuck.

How do we move forward with destruction practices?

A lesson from Peter Drucker on why records are important

Central to all records management is the concept of evidence.

Peter Drucker (or at least people who quote him frequently) provides us with a really important lesson about why it’s so important.

Decades of managers have been quoting Peter Drucker. He thoroughly deserves his following.

One of the quotes you’ll hear attributed to him most often is “if you can’t measure it, you can’t manage it.”

Managers have been using this for decades to support various ideas about measurement and courses of action they should or shouldn’t support.

The problem is that Peter Drucker never said anything like it, and if you’ve read Peter Drucker you’d know that in many ways it’s antithetical to him.

The actual quote is from W Edwards Deming (another giant of management theory and practice) who wrote that “it is wrong to suppose that if you can’t measure it, you can’t manage it.”

The thing I took and continue to take from Peter Drucker is that the key in most situations is figuring out the right question to ask. In this case, I think there are two:

  1. How many mistakes are being made in our organisations because they’re either not relying on evidence or relying on evidence that’s incomplete.
  2. We manage the evidence about every decision our organisations have made, and every course of action they’ve taken, why aren’t people coming to get it before they make decisions?

Does your classification scheme describe or prescribe?

One of the things that I’ve found about a good records classification scheme is that it is one that people can see their job in.

When people can’t see their job in a classification, they will create something that matches their job – and use that.

There’s a careful balance we need to maintain when creating classifications – which is that we need to describe how people organise their work.

When we fail at this, we’re falling into the same trap as many business process management projects by describing some theoretical situation.

In effect, we’re telling people how to think about their job – prescribing it.

The effect is the same in business process management and records – people work around the system.

While some will be comfortable with the lumping or splitting decisions that we’ve forced them to make, others will respond to the uncertainty by dealing with it in a way that is certain – which means putting the records somewhere that makes sense to them.

It’s simple to say, but very subtle. Great classification schemes describe, for the others, there’s a point at which they flip over to being prescriptive – and that’s where the danger is.

Sometimes, we will have to prescribe how people keep records and think about their job for the simple reason that it’s the best piece of risk management we can do. When we do this though, we need to recognise that we’re going to have to continually apply pressure on people to do it the way we want it to, or they’ll go back to doing it the way that makes sense – somewhere else.

How many of us in records and information management are dealing with our problems in isolation?

I’m writing this from a bar at which I’ve organised the first (in what I hope will be a series of lunches) for people in Information and Records where I work.

I’m hoping that it will give us a forum to discuss the problems we are all dealing with so we can learn from the best and worst of the collective experience.

It’s not something that I think we do well, which is a shame, because when we’re dealing with complex problems, the experience of our peers provides the best barometer for what can be successful.

One of the hallmarks of complex problems is that you can often take courses of action that are completely opposed (ie. add resources vs. take them away), and get an improvement from both.

What this means, is that most complex problems are going to be solved by trying multiple things, and seeing what works.

When these experiments are cheap, and are entered into in the expectation that some will fail, we learn about our organisation without having to trade masses of political capital for a large project with no real guarantee that it will work.

The best source of experiments are our peers in other organisations (or in the same organisation if it’s large enough).

But how often do we get together to do it?

My experience is that it doesn’t happen very often. I’ve spoken to people at organisations in the same building, or neighbouring councils who are doing the same project but are totally unaware.

When we deal with problems in isolation, we have to do our own experiments, or our own projects, and only learn from our own experience.

We’re about to head into the quieter time of year where not much project work is likely to get done – so why not take the chance to call some of your peers and talk about your project plans for the new year and whether they think they’re likely to be a success. It’s not a natural thing to do – but it might just save you from wasting a project, and the most critical commodity of all – time.

The knowledge to solve all of the problems of records and information management exists in the community and we can all do better if we make time to go out and give what we’ve learned to each other – it’s likely to be the most valuable gift of the year.