Records Management Makeover, Kentucky Style

Kathy Jenisch, Records Manager for Kentucky Sanitation District No. 1 (SD1), had quite a messy document management problem to clean up.

Her organization, the second-largest public sewer utility in Kentucky, had been fined $40,000 for failing to produce just eight pieces of emailand that didn’t include the operational expense of paying several employees to spend six hours a day for three weeks searching for documents they couldn’t find.

Then she discovered that the organization’s offsite storage facility was allowing records to get moldy or rodent-infested — leading to the destruction of almost six tons of documents.

On top of that, she had to comply with a new state government transparency law that required her to create a website that displayed records about the organization’s financial expenditures as well as its annual budget and annual audit.  The records needed to be searchable, updated monthly, and maintained on the web site for at least three years.

The solution to all these problems was obvious. Digitize SD1’s records.

That’s not to say it was a simple process. SD1 did it on a project by project basis.

One such project involved 27 tubs of documents. Jenisch spent $20,000 hiring a digitizing service to prepare and scan the documents. The job was completed in five weeks, as opposed to the years the department estimated it would have taken to do on its own, she says.

Having records digitized paid off when SD1 had to respond to requests for documents associated with a state audit. Instead of pulling HR file folders from archive and hand searching for the documents, the search took only a matter of minutes. SD1 was also able to summon up historical documents dating back to the creation of the organization, board meeting minutes, policies and procedures, travel expenses, board and staff contact information, and budgets. SD1 could search and copy everything to a CD in about an hour. Without digitized documents, it would have taken days to comply with the audit request. SD1 passed its state audit with compliments to its record keeping, and aced its local annual financial audit as well.

Jenisch has advice for other organizations contemplating a similar move. “Just start somewhere,” she says. “Pick a project and get started.  You can’t mess it up, it can always be changed or revised.”

3 Reasons Electronic Records are Safer Than Paper

People can have a strange kind of cognitive dissonance when it comes to electronic and paper records. Many people won’t think twice about handing their credit card (with the security code prominently displayed on the back) to a high-school-aged waitress. Similarly, they may have no problem leaving their credit card bills and checks in their mailbox for hours or even days. But if you ask them to use paperless billing or online bill pay, they’ll refuse because they’re concerned about security.

Something similar can happen in organizations. When companies convert from paper to electronic documents, many employees suddenly become concerned about the security or the privacy of their data…even if the organization has not traditionally been concerned about the security of its paper records.

“Nobody asks about privacy when the data is in folders sitting on desks,” Dr. Rhonda Dean Kyncl, assistant dean for academic services for the College of Arts and Sciences at the University of Oklahoma, said in her presentation at Empower 2013. “But it’s held to a different standard when it’s online.”

It’s important, of course, to safeguard the security of electronic records. But many people don’t realize that electronic documents are inherently more secure than paper records. Evidence supporting this was published as long ago as 1996, for example, in a paper in the Journal of the American Medical informatics Association.

Here are three important ways paper records are vulnerable.

Inappropriate access: This can occur when people gain access to unlocked record storage areas and file cabinets (particularly when they look like they belong there). It can also occur when they find records left on counters, offices, or copy machines, or receive misdirected fax copies. In fact, whenever paper copies are sent to other places — whether it’s other offices, insurance companies, or government agencies — the data on them can be read by mailroom workers, administrative assistants, and other unauthorized individuals. This access could be accidental or intentional, but either way, the data on the paper records management can be compromised. Electronic data, by contrast, can be encrypted so that even if it’s copied or stolen, the information can be protected. Also, electronic records can more easily have sensitive data redacted for certain uses.

Data tampering: Anyone with access to a paper record can remove pages, add entries, erase or otherwise tamper with authentic entries. Electronic records can have a digital signature that notifies people when this has happened, as well as a time stamp that indicates whenever a record is transferred or modified.

Loss: Because paper files need to be moved around and filed again, they can be lost or misfiled. Electronic records tend to stay where they are, often with audit trails and other indications of which people have used them. There are other limitations as well: Paper records are typically not copied. If something happens to them, there’s usually no backup. Destroying paper records presents another set of problems: they can often be recovered by the wrong parties after they’ve supposedly been disposed of.

A survey by the Ponemon Institute showed that respondents found paper to be less secure than electronic records in a number of ways. While the survey dates back to 2008, there’s no reason to believe that paper is any more secure now.