University of Waterloo Electronic Recordkeeping Metadata Standard

Thursday, 20 October 2011

Please note: This document is no longer supported as an active University records management standard. It does, however, provide basic information on record-keeping metadata which is still accurate, and is therefore maintained as an introduction to this topic. 

Introduction
This standard defines the minimum recordkeeping metadata requirements for information systems used to manage university records. Recordkeeping metadata is structured information used for searching and retrieving, managing, preserving, and disposing of records. It documents the business context and use of records and, when properly created and managed, helps ensure that our records will serve as authentic and reliable evidence of university business for as long as these records are needed.1

The university’s recordkeeping systems include all information systems used to capture, create, manage, and provide access to the university’s business information over time. This includes enterprise or dedicated systems – such as the student information system and human resources management system – and also less structured electronic work and collaboration tools such as SharePoint sites and shared directories in offices, when these tools are used to share and manage business records. The university’s recordkeeping systems also include any cloud-based or externally-hosted systems used in university activities which store and
manage the university’s business information/records. Rather than being created as an extra task, the minimum recordkeeping metadata is often available in our recordkeeping systems, but must be identified and then managed and preserved to meet the university’s legal and business requirements for recordkeeping. Whenever possible, the assignment of recordkeeping metadata should be automatic.

Recordkeeping metadata is generated when a record is created or imported into a system, and also as the record is used and maintained in work processes, allowing us to track through time the changes to and uses of the record, and its connections with other records. Typically, this metadata should not be altered unless it is later found to be incorrect or incomplete. Recordkeeping metadata falls into the five categories of:

  • Metadata about the record itself (e.g., document title, file format)
  • Metadata about university rules or policies (e.g., security classification of the record)
  • Metadata about the individuals and organizational units creating or using the records (e.g.,individuals’ full names and positions)
  • Metadata about operational activities or processes (e.g., workflow routing of records)
  • Metadata about records management processes (e.g., records retention period)

Back to the top

Benefits
The benefits of well-managed recordkeeping metadata include:

  • Improved retrieval of electronic records
  • Increased ability to demonstrate accountability and to mitigate against financial or legislative penalties
  • Improved security and ability to trace unauthorized actions on records
  • Reduced risk of loss or accidental deletion of records
  • Increased opportunity to automate business and recordkeeping processes
  • Increased ability to plan for migration of records to new systems
  • Enhanced protection of records with long-term value to the university.

Relationship to other standards
This standard supports University of Waterloo Policy 46, Information Management, by providing guidance on how to meet generally accepted standards for managing electronic records. Recordkeeping metadata is also required for compliance with Policy 46, Information Management. Implementation of this standard facilitates the university’s compliance with national and international standards for records and information management.

Back to the top

Roles and responsibilities

Unit heads/managers: in addition to their general recordkeeping responsibilities described in Policy 46, unit managers/heads, with the assistance of Information Systems and Technology (IST) staff, are responsible for:

  • Ensuring that recordkeeping metadata is available for their records, and is described in their unit’s recordkeeping procedures
  • In consultation with the university records manager, identifying any discrepancies between the available and the required recordkeeping metadata, and developing strategies to fill these gaps
  • Ensuring that their unit can retrieve records when requested, and information on the history, use and disposal of their records
  • Ensuring that quality assurance procedures for recordkeeping metadata are followed by their staff and regularly reviewed.

Systems administrators are responsible for:

  • Identifying system-generated metadata corresponding to the metadata elements required by this standard
  • Identifying any required metadata elements which are not automatically generated by the recordkeeping system, and assisting unit managers in developing methods to persistently link to the records any metadata which must be stored outside of the system
  • Ensuring that this metadata is available and usable for as long as it is required by the university
  • Ensuring that unit managers and staff are able to retrieve records and produce reports on their records, using the available recordkeeping metadata
  • Documenting recordkeeping metadata elements and their retention requirements in the system documentation.

Back to the top

University employees are responsible for:

  • Following their unit’s procedures for recordkeeping metadata creation and maintenance
  • Alerting their supervisors to any inconsistencies or inaccuracies in recordkeeping metadata they find in the course of their daily work
  • When the need arises, recommending additions to recordkeeping metadata required to support the business activities or processes for which they are responsible.

The recordkeeping metadata requirements
This standard is structured as nine requirements, covering:

  1. Metadata management policies and procedures
  2. Metadata creation
  3. Metadata maintenance
  4. Metadata disposal

The boxes accompanying each requirement provide additional information on the requirement and its implementation.

Back to the top

1. Recordkeeping metadata management policies and procedures:

1.1. Requirement 1.1: responsibility must be documented and regularly reviewed, for:

  • Creating and maintaining a recordkeeping system’s metadata elements and metadata content rules
  • Creation and verification of point of capture recordkeeping metadata
  • Making changes to metadata, if the need arises, after it has been captured

Specific recordkeeping systems will often use different terminology from that found in this standard, and will often require additional metadata to meet a unit’s business needs. Responsibility must be assigned for identifying and documenting these differences and additions. Each unit will develop its own rules for some metadata content – for example, rules for document names or titles. Responsibility for documenting these rules and training staff in their use must be assigned.

Employees’ recordkeeping responsibilities may include manually adding some metadata. Quality assurance procedures should be defined for this metadata. These responsibilities must be assigned and documented in the unit’s policies and procedures.

Records, including their metadata, must be tamper-proof and authentic. Changing recordkeeping metadata will alter the meaning, integrity, and authenticity of the record. Changes to metadata will usually be permitted only to correct errors which have occurred in the course of daily work. More often, additions rather than changes will be made to a record’s metadata. Procedures and controls are needed, defining who can make changes to existing metadata and how these changes will be documented.

For example, when a record’s security classification changes from confidential to public, an addition is made to the recordkeeping metadata to record the fact that the new classification came into effect on a specific date, but the original metadata is not overwritten. However, if it is found that a record was incorrectly classified as confidential when it should have been public, the metadata could be corrected by an individual in a position with the authority to make such a change.

Back to the top

1.2. Requirement 1.2: metadata will, whenever possible, use the university’s authoritative sources for personal names, personal information, security classification, functional categorization of records and records retention periods. These sources are:

  • Student names: Student Information System (Quest)
  • Employee names: Human Resources Management System
  • Donors: Raiser's Edge
  • Categorization of records and records retention periods: WatCLASS
  • Security classifications: Policy 46, Information Management

As noted in Requirement 1, units will develop their own rules for some recordkeeping metadata. However, to avoid inconsistencies or errors in information across university recordkeeping systems, it is essential that all offices make use of central, authoritative, sources for the names of students, university employees, and donors.

As well, compliance with Policy 46, Information Management requires that all implementations of recordkeeping metadata use WatCLASS for categorizing records, their retention periods, and disposal actions, and for records security classifications.

2. Recordkeeping metadata creation:

2.1. Requirement 2.1: metadata must be assigned to all records and record aggregations. Records are managed in aggregations, such as files or folders, and records series, as required by the unit’s operational processes. For example, graduate studies application files consist of an aggregation of individual records: transcript, resume, recommendation forms, etc. Every level of record aggregation requires metadata documenting the creation and management of that aggregation.

In systems where it’s difficult to identify individual records and their aggregations – such as database applications, or “hybrid” systems where related records are contained in different applications or are in both paper and electronic form – unit managers and systems administrators should work with the university records manager to identify the records aggregations and the required recordkeeping metadata, and develop approaches to assigning retention periods to the data in these systems.

Back to the top

2.2. Requirement 2.2: the following minimum metadata must be created and assigned to the record when it is created or captured in a system:

  • Unique identifier: a unique identifier, allowing retrieval of this record and no other within a recordkeeping system
  • Name: the title or name given to the record
  • Date of creation: the date the record is first saved or entered into the system
  • Who created the record: ideally this element will identify the author (person or system) of the record, the individual in the position responsible for the action or decision documented by the record, and (if different) the person responsible for the capture of the record. This may not always be possible, so offices should capture the details they are able to from the metadata assigned automatically by the creating application.
  • What business is being conducted: this will identify the business activity and function, based on the WatCLASS records classification system and the associated records retention information. In many cases, this element may include more detailed information on business processes and workflows, required for the ongoing business use of the records.
  • Security classification of the record: using the terminology provided by Policy 46, Information Management.
  • Creating application and version: the name and version of the software application that created the record.

These elements, alone, may be inadequate to ensure a full and accurate record depending on the business process in question, but will allow an office to reconstruct the record’s context and defend the record’s authenticity. Without these minimal metadata elements, reconstruction of a complete record is impossible.

The minimum metadata elements might be spread across several data fields, depending on the business system/application and the requirements of particular business processes. As well, in some cases, the system-generated metadata might be incomplete and will require additional documentation maintained outside of the system. For example, if the system only captures an individual’s user name, then the unit should also maintain a record – in a spreadsheet or some other form – listing individuals’ real names, user names, position titles, and the start and end dates of their access to the system.

Back to the top

2.3. Requirement 2.3: for each action on a record – for example, editing the record or its metadata – the following minimum recordkeeping process metadata must be maintained:

  • The date of the action
  • Identification of the person or system undertaking the action
  • What action was undertaken

Many electronic systems/applications maintain this type of information in audit trails or log files. To comply with this standard, actions should to be linked to the record and information on these actions should be available whenever the record is accessed in the system. The ability to authoritatively assert who has created, accessed, modified or destroyed a record is critical to ensure the authenticity, reliability, and integrity of records.

Back to the top

3. Recordkeeping metadata maintenance

3.1. Requirement 3.1: recordkeeping metadata must be linked with a record for its entire period of retention. Recordkeeping process metadata provides an accumulating history of events, changes, and actions undertaken on the record and its metadata, arising from everyday work and business activities. This metadata is evidence of management processes and is essential to proving the authenticity and reliability of records.

Metadata does not need to be stored with the record, but, for example, may be stored in an associated database or some other form of documentation. However, persistent links between the metadata and the record must be maintained for the whole of the record’s existence.

Each new metadata value for a record must be stored in a fixed, unchanging, form, allowing retrieval of an accurate history of recordkeeping activities. For example, details about individuals may be stored in an online directory listing the most recent position filled by a specific individual. However, for recordkeeping it is important to know what position that person held at the time the record was created/captured or action undertaken. The newer data should not overwrite the original metadata linked to the record. If this cannot be done within the system, then another form of record – for example, a spreadsheet listing individuals and their positions during specific time periods – will have to be created and maintained by unit managers.

Back to the top

3.2. Requirement 3.2: recordkeeping metadata must accompany records being transferred from their original recordkeeping system.

As noted in Requirement 6, recordkeeping metadata can be stored separately from the records/records aggregations. When the records or their aggregations are transferred from the creating system, their metadata must also be copied or persistently linked with the records to support consistent understanding and interpretation of the records. This is a significant issue during system migrations.

When moving records from their original system, additional metadata may need to be added to provide context to the record. For example, within an individual unit there may be no need to explicitly identify that unit as the record creator/owner, but when the record is moved, shared or used to transact business with other university offices or external organizations, the record needs to clearly identify the originating unit.

Back to the top

4. Recordkeeping metadata disposal

4.1. Requirement 4.1: recordkeeping metadata must be assigned a retention period, in accordance with WatCLASS, and must be protected from unauthorized disposal.

Point of capture/creation metadata must be retained for at least as long as the records to which it relates. However, the retention of recordkeeping process metadata will vary depending on the business processes of an office. This should be documented in the system documentation, the unit’s policies and procedures, and the unit’s records retention schedules.

For example, a unit may decide not to keep metadata on who has viewed a record, or may decide to keep this metadata for only a short time after the viewing date and regularly dispose of this metadata as transitory information. These are decisions based on the risks associated with access and use of records in specific business processes.

Authority to dispose of records is different from authority to dispose of the associated recordkeeping metadata. Destruction of recordkeeping metadata must be authorized and documented in the unit’s records retention schedule, based on WatCLASS. As with all records destruction actions, the person undertaking or authorizing the destruction, the records class number and records class title, and a date/time of destruction authorization should be documented.

Back to the top

4.2. Requirement 4.2: after the authorized transfer or destruction of a record, the following minimum recordkeeping metadata must be retained by the responsible unit for as long as is required to meet legal or business requirements:

  • Point of capture metadata including a unique identifier, a name, date of creation, who created the record, what business is being conducted, and the creating application and version
  • The date the disposal action took place
  • The authority governing the record’s destruction
  • The person undertaking the disposal action

When records are transferred or destroyed, evidence of their existence and of authorized disposal must be kept for the period specified in the unit’s records retention schedule. This allows the unit to unambiguously prove what happened to its records. Offices will be compliant with this requirement if they create a summary report including these metadata elements for the transferred/destroyed records. A university records disposal form or university archives transfer form are examples of such a record. In those cases where metadata is retained within the electronic recordkeeping system after records disposal/transfer, responsibility for ongoing maintenance of the metadata will usually be delegated to the systems administrator.

Acknowledgement
This standard is modelled on the Electronic Recordkeeping Metadata Standard issued by Archives New Zealand in 2008 for use by New Zealand public offices (http://archives.govt.nz/s8-electronic-recordkeeping-metadatastandard).

Back to the top


1Authentic records can be proven to be what they say they are or are represented to be – records of the business events or transactions they document – created by the person(s) stated or claimed to have created them, at the stated time. Reliable records can be trusted as a full, accurate representation of the transactions, events, or facts they support, and can be depended upon in subsequent transactions or activities. The integrity of a record refers to its being complete and unaltered.