Both retaining and deleting documents is not an issue of document management software compliance storage capacity, but rather one of keeping a clutter-free work space and ensuring legal compliance.
Over time, paper-dependent organizations accumulate clutter because files are rarely if ever disposed of, even if they’re no longer needed, and the more paper files there are, the longer it takes and the harder it is to find what both auditors and employees are looking for.
In contrast, storing more documents in document management software over time will not reduce the speed of file retrieval, making it easier for auditors to access the information they need when evaluating an organization’s legal compliance.
DMS, as a software providing end users with the ability to retain documents until specific dates, automates the disposing of unnecessary files: An invaluable feature given what information governance lawyer, Martin Felsky, asserted that nearly 70% of corporate data is devoid of financial, legal, or regulatory value.
Another one of the benefits of DMS use is its capacity to retain vital legal records and audit-relevant information in the event of a natural disaster, although this aspect of retention is yet to be made explicit through litigation.
Compliant Metadata Indexing: A Document Management Software Compliance Imperative
Although the Metadata Object Description Schema is now a front-runner for metadata taxonomy standards, The Dublin Core Metadata Initiative also gives 15 recommended, simple categories for metadata nomenclature, all of which are upheld by NISO Standard Z39.85 and ISO Standard 15836, listed as follows:
- Title
- Creator
- Subject
- Description
- Publisher
- Contributor
- Date
- Type
- Format
- Identifier
- Source
- Language
- Relation
- Coverage
- Rights and Miscellaneous
Furthermore, the IEC (International Electro-Technical Commission) devotes an entire publication (IEC 82045) to specifying appropriate uses of metadata.
Indexing, for the purpose of DMS users, is the method by which digital files are stored and classified within DMS solutions. Therefore, indexing and labeling files in a way that mirrors their metadata will ensure compliance.
Otherwise, documents and other files will be nearly impossible for auditors to find with a simple Windows file structure, possibly leading them to believe the files they want to review are nonexistent.
To avoid this, be sure legally relevant documents like employee I-9s and W-2s are created by (and given access to) only the people who have legal rights to view them in your organization, such as Human Resources managers, and stored correctly within the document management software.
However, end users should know most DMS products already utilize software to index metadata compliantly. As long as the names of files, storage bins, etc. in DMS are both accurate and legally fitting depicters of what is inside DMS storage, compliant metadata indexing will be achieved.
Audit Trails and Investigations for Better Document Management Software Compliance
There are two kinds of audits relevant to DMS use: internal and external—although the practice of each is tailored most to the financial services industry. The concepts of both audit types are worth considering for all organizations, and both are streamlined by DMS use.
The file-sharing features of either On-Premise or Online, Cloud-Based DMS solutions should include bank-grade, 256-bit Advanced Encryption Standard (AES) security at rest and in transit for sending and receiving information, and SSL/TLS (Secure Sockets Layer/Transport Layer Security) encryption on data sent from the organization’s worksite to the solution’s data centers.
Furthermore, it is also worthwhile that role-based user permissions are granted prior to an audit and given to external auditors in a “view only” setting.
Along with price, another reason to purchase scanners from DMS vendors is the fact they are more likely to have the best Optical Character Recognition (OCR) technology already embedded. As stated earlier, OCR is a scanner’s encoding of handwritten or printed text, and strong OCR will ensure lossless visual quality of the characters in any uploaded document—an important facet of file indexing compliance.
Compliant File Versioning
As stated earlier, file versioning sequences a specific document’s revisions into different formats so auditors can track how documents move through each revolution of the DMS workflow and information cycle.
To ensure compliance when using the file versioning feature, a search for the versions of the file should summon all versions of the file that were saved when clicking on “version history” or a variant of that expression.
This version history should also include who saw, created, and edited the various file versions. The best document management software vendors will make this feature easily accessible and intuitive.
Information Governance Perspectives: Arguments for Document Management Software Compliance
What’s more, there are many implicit arguments for document management software use among information governance organizations and regulating authorities.
Although these authorities are not intended to serve as legal stipulations for document management software compliance implementation, but rather arguments for it, document management software may become compulsory in the near future.
These arguments are often revealed implicitly in the standards these authorities have developed to accommodate legal issues surrounding information management needs and how these needs can be met via document management software and similar information management technologies.
As ransomware attacks become more prevalent in the coming years, there will be additional demand for companies to stave off breaches that not only destroy their reputations, but also incur costs paid in the form of ransom to cyber attackers.
Although cyber crooks have moved away from email breaches, they are zeroing in on other forms of breach similar to ransomware, and without the correct document management software compliance features put in place to prevent these attacks, the consequences can be scarier than ever.