Debunking the DoD Certified Records Management Requirement Myth

To DoD, or not to DoD? That question always confuses me.

Clarifying the misconception that requires all software serving records management purposes must be DoD 5015.2 Certified RMAs and why this is important for the Presidential Records Management Directive 2016 Goal requiring e-mail records to be managed electronically.

Introduction

There is a common misunderstanding in the federal records management space where any kind of application serving a records management function must be a DoD 5015.2 Certified Records Management Application (RMA). Many records management application vendors proudly display their DoD 5015.2 stamp of approval signaling that their solution meets all the requirements imposed by the Standard.

This question of “to DoD or not to DoD” that has arisen from the misconception has sparked some debate within the records management community. In May 2013, Don Lueders, Owner of HarborPoint Information Management and longtime Information Lifecycle Management professional, wrote an opinion piece for the Association for Information and Image Management (AIIM) Expert Blog discussing his views on why he no longer supports the Standard. Lueders believes it is “both an obsolete relic of a 20-year-old business model and a failed attempt to provide effective functional requirements for managing electronic content through the final stages of the information lifecycle.”

Shortly after Lueders’s post, Mark Mandel and Ron Layel, both seasoned records management professionals themselves, each published blogs (read Mark’s and read Ron’s) countering Lueder’s post discussing why all agencies should continue adopting the Standard. It’s worth checking out these two response posts to get perspective from opposing views, as a lot of valid points are made for and against the DoD 5015.2 Certified RMA Standard.

Recent NARA Guidance Helps Clarify This Misconception

In March of this year, the National Archive Records Agency (NARA) released draft guidance for public comment titled, Automating Electronic Records Management: Managing Government Records Directive A3.1. The comment period for this guidance closed in late April, so expect finalized language in the near future. This guidance, though still in draft form, speaks directly to the 2012 Managing Government Records Directive A3 and A3.1 that state:

A3   Investigate and stimulate applied research in automated technologies to reduce the burden of records management responsibilities.

A3.1  NARA, the Federal Chief Information Officer’s Council and the Federal Records Council will work with private industry and other stakeholders to produce economically viable automated records management solutions. By December 31, 2013, NARA will produce a comprehensive plan in collaboration with its stakeholders to describe suitable approaches for the automated management of email, social media, and other types of digital records content, including advanced search techniques. The plan will detail expected outcomes and outline potential associated risks.

NARA’s guidance on automation in electronic records management (ERM) is broken into two parts: a report and a plan. The report covers the goals of automation in electronic records, what has been accomplished to date, and NARA’s stance on the DoD 5015.2 RMA Standard. It also lists a framework of five suitable approaches to automation that federal agencies can pursue. The plan, on the other hand, will remain a living document and will be continually updated as progress is made towards ERM automation.

I’m not going to delve into detail about all the automation approaches to records management listed in the draft report and plan. I am, however, going to point out a few quotes continuing with the theme of this post – DoD 5015.2 RMAs aren’t necessarily required nor are they useful for managing all types of electronic records.

“There are many acceptable ways of managing electronic records. DoD 5015.2-certified RMAs are one tool for management electronic records, but there are other acceptable strategies. Certain methods for managing electronic records may work better in some environments or with some types of records than with others. For example, social media records may be managed best using different than would be used for static electronic documents like formal reports.”

I’ve been in meetings and had conversations with federal customers where the discussion leads us to the DoD 5015.2 RMA requirement if an application is serving any kind of records management purpose. I was relieved to read this guidance from NARA that clearly and succinctly outlines there is no requirement to use a certified DoD tool to serve a records management function. Don’t take my word for it, take NARA’s.

“[Not all types of records are] well managed by RMAs, like database files.”

Short and to the point. Not all types of records are well managed by traditional DoD 5015.2 Certified RMAs. I would also throw in e-mail records as another category of records that aren’t managed efficiently by traditional RMAs. See more discussion of on the impact of debunking the myth and the 2016 Goal for managing e-mail records below.

“NARA also recognizes that the availability of RMAs on the market has not led to universal use of these tools in agencies even for types of records that RMAs can manage; the problem of achieving consistent management of all agency electronic records remains unsolved in spite of this technology.”

Even though the DoD Standard has been around for decades, there is still a problem in achieving consistency in the capture and management of electronic agency records. There are plenty of software packages available in the marketplace meeting the DoD requirements, and yet agencies continue to have electronic records management challenges.

What debunking the DoD requirement myth means for the directive’s 2016 Goal for managing email records electronically

First, it’s the middle of 2014 and 2016 is quickly approaching. Has your agency made any progress towards meeting the 2016 Goal of managing all e-mail records electronically?

Second, debunking the DoD requirement myth means that agencies aren’t limited to only using DoD RMAs to manage e-mail records. As a result, agencies can leverage other technology like enterprise archiving applications or services to serve records management functions.

Third, agencies might have previous technology investments in archiving solutions that can be leveraged to manage e-mail records electronically. This eliminates the need for an agency to go out and procure a totally separate platform to serve a records management function. It might take a configuration change or purchase of an additional license to add the functionality needed to meet the 2016 Goal. Additionally, enterprise archiving tools help not only records management, but they also help agency counsel by improving eDiscovery workflows and processes, provide more robust data repositories for FOIA and OIG/Internal Investigators, and offer numerous technology benefits to IT stakeholders as well.

Fourth, clarification on the illustrious DoD mandate gives agencies more freedom and flexibility to select the right solution if they are looking to follow NARA’s Capstone Guidance for managing e-mail records electronically.

Conclusion

Keep an open mind. Dare to think outside the box when approaching records management in the digital era. With the proliferation of big data taking on various shapes and forms, it would be counter intuitive to avoid looking at alternative solutions to help manage that data from a records perspective.