Content area
Full Text
With the volume of electronic records exponentially growing and hardware and software constantly evolving, organizations face an ever-increasing challenge to maintain accessibility to those records that must be retained long-term. Strategies abound, but there is not a one-size-fits-all solution; it requires a unique combination of tools, policies, procedures, and compromise.
While most records are short-lived, my field research shows that up to 20% need retention for 10 years or more. Further, keeping records available for 25 years and beyond is common in insurance, utilities, finance, medicine/pharmaceuticals, and other industries. For physical records on paper or microform, this is not a major problem. For electronic records, long-term preservation presents a serious challenge without a widely accepted solution.
The fifth Generally Accepted Recordkeeping Principle® (GARP®) is the Principle of Availability, which states: "An organization shall maintain records in a manner that ensures timely, efficient, and accurate retrieval of needed information."
A Personal Case in Point
My 7-year-old friend, Tina, just finished two years of radiation and chemotherapy for leukemia at the Mayo Clinic. Mayo started moving to digital records even before President Barack Obama signed into law the Health Care Reform Act of 2010, which included provisions to boost the use of electronic medical records to cut down on costly redundancy and waste. Tina has an excellent prognosis for a long, happy ufe. However, she will need her recent medical records in adulthood.
"Now we've learned there are longterm complications," said Jennifer Wright, director of the Pediatrie Cancer Late Effects Clinic at Salt Lake City's Huntsman Cancer Institute, in a September 2011 Salt Lake Tribune article. "[Patients] still need close follow up by a specialist who is familiar with the treatment they received as children, as well as the risk factors they now face as adults."
Obviously, Tina will not remember the drugs and dosages she received. The key to her adult health may be the availability of her 25-year-old digital medical records.
Sources define long-term differently, without consensus, but for this article, the term means 10 years or more. A noted security consultant (who prefers anonymity) uses the phrase "persistent records," a useful, indefinite description. Within a 10year span, most operating systems and application software change significantly. Security requirements change as well, and storage...