Major Recordkeeping Challenges in Victoria’s Government Sector
A number of agencies do not have a solution for identifying and managing risks. In fact, only 20% of agencies contain information asset registers and many lack documentation and processes that address disaster management and recovery plans. Also, risk registers are often nonexistent, as is disposal coverage for function-specific records. As a result, government organisations don’t know how long to retain records generated by high risk, high value functions, and rather than being proactive, agencies are reactive in their recordkeeping endeavours.
Control of record assets is spread across organisations, resulting in a lack of comprehensive accountability and governance. This is, in part, because information management is not always understood, prioritised or resourced by agencies managers. These practices are also sometimes inconsistent and siloed within agencies. Victorian agencies often do not give sufficient regard to information throughout its lifecycle, which reduces accountability, increases cost and decreases productivity as well as public respect.
Statistically, 63% of VAGO, Independent Broad-based Anti-Corruption Commission (IBAC) and OV reports highlight issues with accountability, 43% cite recordkeeping responsibility challenges, and 39% report issues with information integrity. A common theme found in these reports is a lack of clear and effective leadership, which greatly impact these findings.
Knowledge, Skills & Resourcing
The records management function in government organisations is often understaffed and under-resourced, leading to significant compliance gaps. Agencies lack the resources to sort, sentence and transfer records to PROV, and both individual and organisational capacity are seen as significant hurdles to improving the management and sharing of information.
Common discoveries uncovered a lack of expertise in records management across the Victoria public sector, with government staff often unaware of or misunderstanding their obligations. Findings showed there is a lack of training dedicated to records management which is bound to be closely correlated to the low level of recordkeeping proficiency.
It was determined that records are not being created and managed adequately to ensure that accurate and reliable information is available when required as evidence of actions or decisions. Often records are incomplete and do not reflect the processes and decisions used.
The Royal Commission into Institutional Responses to Child Sexual Abuse (RCIRCSA) found numerous institutional failings in creating accurate and full records. The records created by institutions should be objective, thorough and clear to the reader.
Non-standardised data sets were also found, creating even more recordkeeping discrepancies across the board.
Concerningly and something we see often, is agencies continually procuring new systems which do not adequately capture, manage and retain records required for business use and possible evidence down the road. Quite often because it is deemed too costly or time-consuming. As a result, business units and end users frequently resort to finding workarounds to compensate for poor record management functionality, which generally impacts compliance. The absence of system-wide compliance monitoring results in discrepancies in managing records, especially when IT security is weak, which is often the case.
Sometimes, the safety of victims is undermined by the inadequacy of sharing information between agencies concerning perpetrator risk. Outdated systems only serve to exacerbate this problem.
Hardcopy Record Storage
Government organisations are still storing huge volumes of paper records, which incurs significant storage and management costs, are difficult to access and retrieve, and presents a substantial risk to their integrity. Currently, there are 800 kms of paper records being stored, a number which has almost doubled from the 2017 estimate of 446 kms. Of these physical records, reports have found records aren’t being appropriately stored or secured, making them vulnerable in the event of a disaster. Further adding to the issue, is that many of these records are being kept unnecessarily in both digital and physical format at the same time.
As a result of insufficient resourcing, which we touch on shortly, there is a backlog of permanent records that haven’t been processed and indexed, with many stored in temporary, ad-hoc locations, without a disposal action attached.
Digital Record Storage
Accessibility, security and privacy of digital records are noted as ongoing issues. One reason for this is that both physical and digital records are often kept in disparate locations, making it difficult to know where to find a record and more challenging to keep them secure and private. Digital records are often not identified as actual records leaving them vulnerable to data breaches and premature destruction, in addition to an agency’s inability to fulfill a Freedom of Information (FOI) request.
Digital content is not always easily searchable or retrievable, and systems are not properly optimised for record management, which is a result of recordkeeping capabilities not being considered during the system’s procurement. Improving and streamlining information accessibility will help to drive productivity in the public sector.
End of Life Systems
There is currently inadequate resourcing and planning in place to ensure proper management and protection of records when information and line-of-business systems reach their end of life. Many long-term and high-value permanent records continue to exist only in line-of-business applications, creating a challenge for storage and retrieval of this information when systems are decommissioned.
Permanent records are not, but should be, transferred to PROV to make them accessible to citizens when appropriate.
Standards and Policies
There are a large number of standards and policies agencies must meet, some of which have overlapping or contradictory requirements which confuse stakeholders. Standards and policies need to be specific and adequate so they will be easily understood. Since many agencies do not have policies surrounding the disposal of records, it is often unclear how to properly dispose of the information when the appropriate time comes.
Current recordkeeping practices do not maximise or promote sharing between agencies, causing numerous problems. The safety of victims is undermined by inadequate methods of sharing information between agencies regarding perpetrator risk, which is further exacerbated by outdated systems. Limited information sharing capabilities and difficulty in discovering information means that information is not being effectively leveraged by agencies to improve service delivery and achievement of business outcomes. Many agencies do not propose the transfer of digital records as a component of their records management program, and an external driver is frequently required for a transfer to occur.
While the volume of available data is growing exponentially, a lack of data sharing is impacting organisational capacity to deliver core services. A lack of trust by data custodians and users in data access processes needs to be addressed so that hurdles surrounding the sharing and releasing of data can be overcome, which will help improve both the use and value of data.
At Miktysh we specialise in records and information management. If your organisation could benefit from some strategic advice, a records management health check, information governance audit, or an enterprise content management system built for records management, please get in touch with our team of consultants.
Luke is an experienced Marketing Manager and host of the Information Transformation Podcast. He has a keen interest in developing engaging content to inform people about the changing landscape of the information management industry.
Follow us on social