Reliance on Electronic Records

PS-08-007.02 Reliance on Electronic Records

Issue Date:  3/20/2008

Revision Effective Date:  12/15/2014

Revision Date: 7/1/2018

 

PURPOSE

Email messages, electronic data interchange, and other forms of electronic materials often document important government transactions and decisions. Like any other type of record, such information is necessary to ensure government accountability. In light of today’s reliance on technology for conducting official business, the Georgia Archives recommends that each Agency establish a policy of intent to rely on the electronic data as a form of official record.  Official records reflect the information and position that the agency believes is true and complete and will rely upon to conduct its business. 

This policy designates digital data as an authorized form of official record within the Enterprise, but does not imply that electronically generated data is the only form of official record recognized or authorized by the state, nor does it preclude an agency from establishing internal policy regarding the creation and designation of official records. This policy statement serves as a reminder to agencies that electronic data must also exist as part of the State’s overall data security and records management programs.

 

SCOPE, AUTHORITY, ENFORCEMENT, EXCEPTIONS:

See Enterprise Information Security Charter (policy)

 

POLICY

The State of Georgia recognizes electronically generated data (such as email, electronic data interchange, instant messages, digital voicemail and other forms of electronic material) made or received by an entity of the State of Georgia or in connection with the transaction of public business may be a form of official public record that must be safeguarded against loss or unauthorized destruction (derived from O.C.G.A. 50-18-102 (a)). 

Each Agency shall issue an internal policy designating the authorized forms of official records in the custody of that agency and shall notify all personnel that all records are subject to the records retention requirements set forth by the Georgia Records Act (O.C.G.A. 50-18-90 et. Seq.) for records retention.

 

RELATED ENTERPRISE POLICIES, STANDARDS, GUIDELINES

  • Data Security - Electronic Records (Standard)
  • Electronic Communications Accountability (Standard)
  • Appropriate Use of Information Technology Resources (Policy)

 

REFERENCES

  • Board of Regents of the University System of Georgia - Archives Publications
    • http://www.georgiaarchives.org/ for reference information:
      • Considerations for adopting e-records
      • Records Retention Schedules
      • E-Records Management Program Checklist
      • Advice on keeping email
  • NIST Computer Security Resource Center- http://csrc.nist.gov/
    • SP 800-53 Recommended Security Controls

 

TERMS and DEFINITIONS

Records: “recorded information in any form, including data in computer systems, created or received and maintained by an organization or person in the transaction of business and kept as evidence of such activity”.

Georgia statute defines records as “all documents, papers, letters, maps, books (except books in formally organized libraries), microfilm, magnetic tape, or other material, regardless of physical form or characteristics, made or received pursuant to law or ordinance or in performance of functions by any agency” (Official Code of Georgia Annotated, § 50-18-91[5]).  

Electronic Data, Information and/or Record is any form of digitally recorded material generated, transmitted, received and/or stored that is designated a record by data owner or law, based on content and/or subject matter.  This includes but is not limited to electronic digital interchange, email, digital/text voice messages, instant messages and text messages.

 

 

Related Files