>> From the Library of Congress in Washington, D.C. ^E00:00:04 ^B00:00:23 >> Well, this morning was fascinating and I personally learned a great deal, and I'm looking forward to the next couple of sessions because I have a feeling I'm going to learn a lot more than I'm going to take back. I'm Kevin De Vorsey. I work at the National Archives and was part of the group that put this program together. And we agreed that one of the key components to managing email is the records management aspects and so in terms of getting somebody from the National Archives, that was very easy. It was kind of a no-brainer. So we'll be hearing from Lisa Haralampus, whose title is the Director of Federal Records Management Policy, and she's going to talk about all of the work that's been going on across the National Archives to try and develop good records management policy for email. When it came to getting records officers from federal agencies I turned to my boss, Don Rosen, who couldn't be here today, and asked him, "What are some good agencies with good records management programs who would be willing to come and talk about the approaches that they're taking with email?" And without hesitation he gave me three names, and I sent off emails, and was very, very happy that all three of those people could come and speak today. So following Lisa will be Deborah Armentrout who is a Records Officer at the Nuclear Regulator Commission, Jeanette Plante from the Department of Justice, and Edwin McCeney from the Department of the Interior. And so the format's going to be the same. We'll hear a 10-minute presentations from each of the speakers and then at the end there will be a time for Q and A, but. So, Lisa. Oop. >> Lisa Haralampus: Thanks very much, Kevin, and thank you, everybody, for coming here and having a chance to listen me talk about email management. So my first comment is that I'm not going to be speaking so much about email archiving as I am about email management, because where I work at NARA our job in the Office of the Chief Records Officer is to work with agencies as the records creators, to offer guidance for them on how they manage their email in the hopes that when it comes time to be transferred to us we'll be able to preserve and do email archiving at the end of that life cycle, which would be the beginning of the life cycle for those of us at the National Archives. So with the 10 minutes allotted I could just about get warmed up on all of the guidance that NARA's produced. But I'm actually going to try to be very specific and focused to set up my colleagues who are the practitioners of this guidance who can tell you how well or not well it is working in agencies. There is a -- in the Managing Government Records Directive that Paul Wester [assumed spelling] talked this morning, I want to start with that because that is a foundation document for NARA. It's a foundation document for the Federal Government. That document laid out a vision that says we want to transition to digital government. Within that transition it has a target of 2016 for email management. The target specifically states, and I was actually just talking to some colleagues here at the Conference this morning -- what does it say exactly? By December 31st, 2016, which is very important. It's not January 1st. We have a whole other year-and-a-half to get there, all federal agencies will manage all email electronically. That, for me, as I interpreted it, was the death knell for the print and file management because we have said specifically, here's the target and it doesn't matter if it's permanent records for the National Archives or temporary, we no longer want to have in the Federal Government policies that say we're going to print to preserve, print to access, print to manage. We want it to be done electronically. That was the target in the Directive. The Directive also had an action item, A2, that said NARA will issue guidance to help agencies get there -- new methods, new approaches. And when it comes to issuing email guidance, boy, howdy, have we. If you look at our website you will see we have issued email guidance almost every six months. Something has come up. Either additional guidance on personal email, guidance on how to report the loss of email, guidance on what does an agency head have to do with email management. So you've had numerous guidance products which I would describe as reminder guidance because we've actually been saying that work and those policies for a great deal. But we do have some actual new guidance on email. Some of it is format guidance, which would be another topic for another time. But the one piece of guidance, all of that again, get to where I said I was going to speak about, was Capstone. Capstone was new guidance for NARA, a new approach to managing email. My joke is that if anybody at any conference you goes to offers to sell you some Capstone software, be aware. That is your tip for the conference. You cannot go out and buy Capstone software because what Capstone is, as I said a minute ago, it's an approach to managing email. So NARA looked, again pre-- my colleague Arian Robgebash [assumed spelling] is always saying there was time before the Directive and time after the Directive. In the time before the Directive, when NARA's guidance was print and file, it was based on users making decisions. This email's a record. It belongs in this category. This email's non-record. It's personal. I'm going to delete it. That approach has been ineffective for the National Archives. Not only the decision-making and then the follow-along about the printing and then being able to maintain them. So when we looked at are there other approaches we can take, we looked at approaches that would get the user out of email management. So with our colleagues in the General Counsel Office, with our colleagues and staff, there was a great deal of brainstorming and effort came into the solution that we've put out, which is, okay, how about for now, for the 2000s, for the 2010s, we take an approach that looks at a roles-based or rules-based way to manage email. And what if we make an assumption that as we do scheduling, because as you know it's what the Office of the Chief Records Officer, what we do with agencies is do scheduling, retention, how long do you keep information. What if we looked at that scheduling and said we know that there's a preponderance of permanent records come from certain offices. That we said these offices are permanent or likely to generate permanent records. What if the individuals who were in those roles are likely to have permanent email as well? The Capstone approach is a roles- and rules-based approach that looks at a person's position and says all email accounts associated with that position will be permanent, and all other email accounts will be scheduled as temporary. And that is the essence of the Capstone approach. Why not look at our people who create emails and instead of saying you have to decide email by email this is temporary, this is permanent, this is not, everybody who's in this role, that role from now on, if you are the head of your agency, and we use the National Archives as an example because NARA has implemented the Capstone approach, every archivist that takes that role from now on will be permanent. Every person who takes the Chief Records Officer position from now on, those emails will be scheduled as permanent. Anybody who takes the Director of Federal Records Management Policy, my role, does not have to worry. Those emails will be temporary. And that is the sort of conversation that we had at the National Archives, to say who is likely to produce permanent records, who is not? We'll take that role. We won't. That is -- there's a lot more to it than just that background. I've said it three or four times. Let it sink in. I'll tell you a few more of the other things about the Capstone policy. We said we would take email by role. We actually, specifically, put in that guidance, not every email. We said there was culling. And culling is the word that we used in our guidance to refer to deletion of non-record, personal, spam, and potentially transitory or temporary records. So the guidance said assume that you have, want, have the email of this person, of the archivist, but you're not required to save every email that ever came in and out of the archivist's email box. The policy says there's certainly reasonable things you can do to manage that email before you transfer it to the National Archives. It also says that even after you transfer it to the National Archives the Archives is going to reserve the right to do further culling based on what we need to do as part of our archival processing. Although it was not described in detail, the idea behind it was if you can get users out of having to make individual decisions and do it account based, then you can bring in information professionals that can make the decisions that we heard about this morning about what should I keep, what should I not keep, what belongs in this account and what does not. We also talked very much about scheduling. If you agree in principle with Capstone that there is going to be certain accounts you keep and certain accounts you are eventually going to delete, then what you are having is a numbers conversation. ^M00:10:00 How many people and how long? And the Capstone policy was hands off. It didn't prescribe a certain number of people and it didn't describe your attention because the policy just said this is the approach. If you're interested in learning a little bit more about that, NARA is working on a General Records Schedule for Capstone accounts, and we've published it. So it's in our ^IT Federal Register, ^NO so I can discuss it in a little bit more detail. It's out of the house. If we the Capstone General Schedule approved, and it's the way it's written now, then seven-year retention would be the minimum retention for most non-Capstone official accounts. We also have a three-year in there as well for some administrative accounts. But, in general, seven years was the target. So we would say all email in the Federal Government for non-official Capstone accounts will be likely kept for seven years. Some administrative positions, three years. Longer is authorized. So if an agency decided they wanted to go with 10 years or 15 years, if they wanted to create multiple categories in this approach. For example, you could say I have Capstone officials that are permanent but my contracting officers are my lawyers, given what they do, I want to keep them for 10 or 15 years. You could create all ways and approaches to slicing and dicing Capstone. We are giving agencies the flexibility to determine how to use it. We are -- but seven years and three years would be the minimums that all email would be kept. We think that would support transparency and openness because you know how long it's reasonable to expect to have government email available. And then we think it supports efficiency and effectiveness because IT providers can start institutionalizing the events that will drive deletion and disposition or holds or freezes. You have a platform to work on. And I would -- I have to do a time check. >> About eight minutes. >> Lisa Haralampus: Okay. Well more -- I know Capstone in 10 minutes is very hard to do because it's so much subtlety. But I think my colleagues next will explain a little bit more when they go into how they're looking to do it. And I will also then conclude with Capstone is an approach that NARA put out there for agencies to consider. We've had a lot of feedback that many agencies are looking at it. They think it will work in their organizations. But it is not a requirement and it is not the only way. And we expect that over time, in the next decade or two to come, there may be other tools that we can use in addition to this roles-based approach to email management, and we look forward to continuing to have dialogue and exploration over how to identify, capture, manage, delete, and then ultimately archive our Federal email. Thank you. All right. ^M00:13:00 [ Applause ] ^E00:13:05 ^B00:13:17 >> I'm just going to do one. Okay. >> Deborah Armentrout: Okay. Your emails aren't popping up there or anything. Good afternoon. Thank you very much for inviting me to this great event. As others have said, it's been really good to hear the presentations this morning and realize how we're all dealing with this. I also want to thank the National Archives for considering that a Nuclear Regulatory Commission as having a good records management program. I will confess that I am not quite sure if we're so well with email, but I will try to describe that to you in 10 short minutes. Before I do all that, if you have any difficult questions about the technical aspects of it I'm going to point out Victoria Barrett in the back who has been helping us to -- with the working group that we have. She's the one who's kind of been our point of contact for that or maybe sometimes a point of conflict. It's a rough role. Anyway. In the Federal Government, the Records Officer's job is usually to make sure that we're managing our records well and handling them in a manner that we are appropriately either destroying them or sending the good stuff to the National Archives and Records Administration. So looking at our email program right now, I'm going to talk about our current state, our opportunity for change, our future state, and some challenges, hopefully in 10 minutes. So our current state right now for email is that we have -- it's a user-based decision. Do you think you've created a record? If you do, you save it. Now, fortunately, we don't require print and file because we do have a document management system, so we do have the capability of saving an email as PDF and putting it in our Document Management System. However, for high-level officials that have the permanent good stuff, it's still been a print and file. So that has, of course, led to difficulties with discovery, difficulties with FOIA. You know, we're still kind of plowing through paper trying to find responsive records or even historical records. Between our Office Directors and our Commissioners and our Chairman, we're probably not doing such a great job. I hesitate to say what might be happening with some of those. With our mission critical emails, I think we're doing a really pretty good job because, if a regulatory commission, relicensing, the material of -- or the nuclear materials, so everything goes into a hearing process. So, because we consider this kind of a proactive discovery, we know what records are needed for those hearings, so we are already saving those through our process. And then, of course, we do have a volume limit, so many of us go into email jail quite often where we cannot receive or send emails, and frantically we archive very, very, very small a archive everything in the PST file on our hard drives. Okay. So there's -- it's basically been a free-for-all. We kind of have a CYA culture and so we haven't been doing such a great job of this. However, opportunity for change. Along comes the National Archives and the Presidential Directive, and Capstone. And it's like, well, it may not be the most perfect way to get a handle on email but it is definitely better than what we have been doing. So we used that justification to get a budget to actually handle our email, and my goodness, everybody suddenly was using the Presidential Directive for Managing Government Records to get some money to do whatever they've been wanting to do [laughter]. I was not even aware of some of this, but suddenly everybody wanted to support records management. ^M00:17:18 [ Laughter ] ^M00:17:21 Yeah. You get it. So we developed this cross collaborative group and it's a cross functional group between Customer Service, Operations, Solutions, and Policy. And we've done a really good job of usually getting along. As I said, Victoria's probably been more of our point of conflict for us, but it's a group that's been pulled together to write policy, to address where we have gaps in policy, to look at the technology. Earlier someone had mentioned they went through the demos. We've gone through the demos. We've written requirements. And now we're going to be putting forth a recommendation that we have to put forward to our Architectural Council and then kind of present that up the chain, if you will. For our future state, yes, we hope to do Capstone. We do not consider Capstone to be a change in policy because the Nuclear Regulatory Commission Office Director and above communications were always a permanent record. So we're trying to convince people who want us to put this towards a Commission vote that we didn't change the policy. We're just changing the technology of how we're getting this done. We also would like to offer up situational Capstone, so an event like Fukushima. Whenever we have project managers and other staff who get pulled together on a team for a while and also those emails happen to be the ones that are -- the public gets quite interested in, that we would create a situational Capstone and at that point kind of trigger all of those to also be saved as a permanent record. The rest of the staff would be non-Capstone. And then we're looking at using the General Records Schedule three to seven years. We're still kind of in negotiations with our General Counsel on how we're going to handle that. We also still have our business-based emails which are the ones that I was just talking about, the pro-licensing. Our Project Managers know to put that in our Document Management System, and those are typically saved as permanent records along with that case file. It would be really great in time if that can be done via some kind of auto-capture mechanism. But it would also be really good if at some point we could look at those three to seven year non-Capstone accounts and see if we could start using some kind of analytics to see if we could find some interesting historical records in there. ^M00:20:05 We're also looking at safe harbor, which -- I'm not sure if Lisa mentioned that or not, but that would be -- and I said looking at this. We're not sure if we're going to be able to do it, but allowing staff and perhaps even at that Office Director level, because it will go over a whole lot better with them when we need their support to do this. If they could cull out their own emails that -- honey, I'm going to pick the kids up after work. I mean, maybe many years from now they're going to find that interesting if that's what someone says at 3 o'clock every day. But at this point we kind of think, nah, we don't even know if you're getting milk, picking up the dog, picking up the kids. And then, also, we found out that -- you know, you cannot separate policy and technology anymore. This is a challenge. But this is also a great opportunity because you can't create these -- you can't create policy or requirements and toss it over the fence and hope that they're going to build what you need. And so we were looking at journaling. And we very well might have to journal because in most cases that is how you get to distribution lists. Now we may not keep the journal record for too long, but that was the case where we can't just write policy without understanding what the technology is doing. Do I have any time to talk about my challenges? >> You have three minutes. >> Deborah Armentrout: I have three minutes to talk about my challenges. Okay. Phew. One whole page. No. It really isn't that bad. I think all of us understand that one of the challenges is that emails are not seen as official. People pretty much have used them the same way that they use their home AOL accounts. So this is going to be a challenge. There have been whispers at work that we're going to be doing something with their email. So I've already gotten questions about that. We do not have an enterprise taxonomy right now, one of the things that we're working on in our records program. But it's going to be very difficult to manage all of that whenever -- you know, it's been a free-for-all and people are putting things in their own folders how it suits them, and not from an enterprise perspective. As I said, this is forcing technology, policies, security, IT operations, and solutions all to work together. As we said, we're like blazing through new territory here at our organization with doing that. Requirements cannot be tossed over the fence. I think this is a really unique time for Records Managers to figure out how do we start managing information, not based on the old way that we did with record series, but I think that we really have a new opportunity here to look at how to manage this to make it easier for the users. Lots of really good technologies out there. Yes, you have to train some of it, but we've got it -- it must be better than what we've done. It may not be perfect but it should end up being better than what we've done in the last 10 to 20 years. Thank you. ^M00:23:15 [ Applause ] ^E00:23:20 ^B00:23:40 >> Jeanette Plante: Hi. ^M00:23:41 [ Inaudible Speaker ] ^M00:23:42 [ Laughter ] ^M00:23:49 Is that better? This is the way I start, with a joke [laughter]. I'm Jenny Plante, or Jeanette Plante. I'm the Records Officer with the Department of Justice. Kevin, no pressure on that whole good records program thing. But thank you. And I'm very happy to be here, and I only have 10 minutes so I'll talk fast. A couple of things on my agenda. I only have a couple of slides. I didn't -- for 10 minutes we didn't have a lot. I want to talk a little bit about the issues and challenges of email in general, just by way of background. And a management framework for managing email. At least that's what we're trying to achieve. I also want to give you a little bit of DOJ context and at the end, I hope, I'll just raise a couple of issues that we have found with Capstone. We are using Capstone. But by way of information, the Department of Justice is about 110 FTE -- 110,000 FTE, forgive me [laughter], and about 30- to 40,000 contractors. We have 43 major components and about six bureaus. So it's a pretty big place, although it doesn't compare to VA or DOD in any way. Nonetheless, it is a big organization. And the result is that there will be no one solution across the board, just because the functions and the business processes are different, the sizes of the components are different, and there are different needs in every organization. In terms of issues and challenges, one thing I want to emphasize -- I think Ed may back me up on this -- is that the technology is not really the biggest challenge. The biggest challenge is our business challenges -- human nature. Nobody wants to drag and drop a million emails a day. And they're just not going to do it. And that actually comes to another point that I want to emphasize in this particular segment. And that is that we come at this from a very different perspective from archivists. The single most important thing for email management, for me, is that it works in the business process. And certainly I have to meet the archiving requirements. But the first thing I have to do is to work with our CIO staff to be sure that the email is being managed in a way that the people that are doing the work can do their work. And that, as I'm sure you understand, initiates some challenges. The nature of email -- it's conversation. And I raise this only because I think it's important to recognize that. Never in the history of the world have we captured all conversation. And we set a false baseline when we assume that we have to capture every single email or every electronic communication that exists. Okay, okay. I've got people raising their hands. ^M00:26:25 [ Inaudible Conversations ] ^M00:26:28 All right. It's a revival. Here we go [laughter]. All right. I like that. Another thing I want to raise is the evolving business practices. I am a lawyer by training, and when I was first in private practice I had a secretary. And my secretary did all my filing. It was really nice. I really, really loved my secretary. I don't have a secretary now. Actually, I sort of do, but she certainly doesn't file my emails. And what we're asking people to do is to undertake a portion of work that they have never been required to do before and for which they typically have not been trained. And I don't think that we have accommodated that change in business practices. And then there are certainly technical limitations with email which we've talked about already today I think in a very intelligent and interesting way. But there clearly are technical limitations. So what I really want to talk about is the management framework. There is a -- somebody will hold up a hand when I've gone too far. There is a directive out there from NARA, all you NARA people. You said manage your email by the end of 2016 electronically. I have laughingly said well, we do that now. The question is whether we manage it well [laughter]. But that really comes to this point, and that is there is no baseline standard that has been described anywhere. What are we going to measure that management against? What is good management of email versus poor management of electronic mail? We have developed with the Department our own set of standards against which we will measure whether we have succeed. You have to know when you're done. Although we'll never be done. But you have to know when you feel like you've reached those goals. So these are the elements that I have here listed of our management framework at a very high level. We have Capstone schedules in place for the senior leadership offices. We have had those in place since 2011. We have a DOJ Police Statement which I'm going to talk about in a moment and describe for you what the high-level policy requires of all of the components in terms of how they manage their email and what the retention requirements will be. We have worked diligently on defining business requirements and business rules for electronic mail. I have a nice set of business requirements. It certainly needs to evolve. It needs more. But we've done a good bit in terms of defining what the business rules require. And I will tell you, although those of you that are IT might not agree, in some respect those business requirements, as you're trying to develop the technology or acquire the technology to meet those requirements, there is a lot of wheeling and dealing on how it is you really implement the how-to regardless of the capabilities of the technology. Technical solutions, clearly. That's a huge factor. We have to have sufficient technical solutions in place. Training is a big deal. And it's continuous training. Users have to know what their requirements are. People coming into the offices, people who are moving to other offices, the email systems, the way they're implemented, what the business records are within particular organizations or functions within these offices. Training is a very, very huge component. And evaluation and review of our approach. That's a big one. We have not really fully defined -- fully defined. I'm looking at my Deputy Director. ^M00:30:02 We haven't defined at all yet exactly what we're going to do in terms of evaluation and review because evaluating to determine whether you've met your standards requires that your evaluation really has some substance. It has to actually demonstrate what you need it to demonstrate. And email's very tricky and very difficult to do that. So we are working on coming up with an evaluation review program. We have actually started using the A-123 as a basis for undertaking evaluation and review because it's an entrench process, and we can add in some high-level questions so that components that -- or not having to deal with a new process for evaluation of how they're undertaking their work. So I want to talk a little bit about policy now. This is a synopsis of our DOJ Policy Statement 0801.04, just issued May 8th, 2015. Yeah [laughter]. It is not an onerous process, but there is a very involved process, an issuing policy in the Department, and it has been fully vetted throughout the Department of Justice though the Directives Managers in all the components. In the end, I think we ended up with something like 60 comments, and that was after we had it in a format where we'd already done some informal work with a variety of components and stakeholders in advance. So we're pretty proud of this so far. The devil's going to be in the details in implementation. The scope is everyone who uses the DOJ email account. That means all staff employees, all contractors using a DOJ email account, all volunteers, all interns, all fellows. Anybody who's using a DOJ email account needs to comply with the policies. The Capstone officials in the Department are the Senior Leadership Offices. That's the Attorney General, the Deputy Attorney General, the Associate Attorney General, and all of their program staffs, the heads of all components and their direct reports, and they are permanent. And we have 13 Attorneys General for a variety of components. We have various Directors -- the Director of the FBI for example, the Administrator of DEA -- those are high-level Capstone officials -- and their direct reports. Their email is permanent. The direct reports was something of an issue. We have certain offices, for example, where there might be an Assistant Attorney General and then a Principal Deputy Attorney General, and a collection of other Deputies General beneath that. And so we allowed the components to choose their Capstone officials. We identify them by name -- sorry, by title, not by name. And it is an appendix to the Records Retention Schedule, so that shouldn't change. It will have to go through that kind of an amendment. Those are all permanent records. We carved out case and project files and declared -- we'll see how this goes -- that emails acquire the retention of the case or the project. Now most of our work is focused on litigation or investigations. There's actually -- it's a pretty logical organizational structure. There are lots of different ways to associate email with a case or project file. And we have a fairly extensive definition which I don't have here with me today because I don't have enough time to talk about all of that. But that was something that we really vetted throughout the Department because we wanted to give examples that were relevant to the kind of work that we do. And as I say, you can use a variety of ways to do this. You can use a full-scale RMA. You can use document management systems. You actually can -- it's not elegant, it's not pretty, but you actually can manually associate emails simply by organizing them by folders, and then when the case or the project is closed, associating the information with a particular case or project. My hope is that we get far beyond that in most instances, and I think we will. But that's certainly -- it's a back-up, frankly. Non-Capstone, non-case or project email can have a retention of anywhere from three to seven years. It's temporary. And that is up to the head of the component and has to be formally declared and filed with my office so that we know what the retention is and whether they're using a three-year or a seven-year. And, frankly, it has varied from component to component. Non-record email is completely non-record email -- you know, I'm going to pick up my kids -- when no longer needed but not longer than seven years. And I put the cases and projects definition here as just a reminder. If anybody's interested, I'd be happy to share that with you. That was sort of hard-fought. There were lots and lots of comments on what really constitutes a case or a project. We also address personal email account use. Not personal email -- personal email accounts. There's a big difference. And essentially the policy is don't use it unless there are exigent circumstances. And believe it or not, we spend a lot of time working on what we're to use, and exigent seemed to be the best [laughter]. It does not work to say unless an agency email account is not available, because sometimes circumstances may be such that it's still better for you to use the personal account. What we've tried to emphasize in the policy is that what's most significant is that you capture it within 20 days, within the Department's email account. So, issues and challenges with Capstone. And this first one I think is really very significant and I wanted to raise it with you all. Account management -- you get the information about who's a Capstone official when you open the account. You decide where you're going to put the stuff when you close the account. There are all kinds of instances along the way where someone may go on detail, someone may change position, someone may transfer permanently to another component. All of that has to be captured in your account management system. And most account management systems, we've learned, were really designed, rightfully so, to accommodate the security needs and the requirements of the IT staffs, because that's all they were asked to do. But what we're doing now is a joint project with our IT staff on redeveloping the whole account management process and the data collection that occurs at each stage. That is when an account is opened, what component is it from, what is the title of the organization. The Records Officer or Records Manager from the component has to sign off on it. How long have they been there? What is the nature of their work? So it seems like a lot of information, but it really only has to be done once, and that's at the point when you open the account. It also has to be done again, and we're trying to combine a lot of these different processes to make it more simple for the users, when you transfer or detail to another component. We have some written policy on what happens when you transfer a detail if you want to take some information with you. How you handle and manage that information. We have another policy statement that addresses what happens to the information when you leave the Department. Who gives you authorization to take copies? How you go about it; how do we document it? I can't emphasize enough how significant and important this is. It's even important in the sense when you have a need discover request related to leadership offices. If you develop the account management process correctly, and you collect the right information, and you allow for the right kind of reporting, we can, for example, run a report that tells us the name of every program official within a certain office between certain dates. And you can do that simply by reengineering you r account management processes. I say simply. It's not that simple, but in the end it save a lot of time. There's an ongoing training burden. I referenced that before. I think you really need to be sure that all of the components are training their staffs on what is record within their components, and how they are to accommodate this need to handle case and project file information. There's management restructuring on the back-end. And by that I mean we now have Capstone schedules in place for the three senior leadership offices. We will have the Capstone schedules in place for the rest of the senior management in the Department across the board. It might even be today. At last I heard, their schedules were going to be signed within the next week or two. And so that means who takes care of the stuff when it's all said and done? I now have all of this electronic mail. Am I going to use a distributed system where each component manages its own email for the next 15 years? And we rely then on each component to worry about migration schedules or different search approaches. Or is that something that the OCIO, who has not historically taken on that role for the whole Department, should do? Should this be a centralized approach? Should there be a centralized repository for all of these very, very disparate components? And that's something we're still struggling with. Struggling's probably not the right word. It's something that we're trying to divine more clearly and to determine what really will be the best approach. And then the last issue is the human inclination, we're back to human nature, is to extend practices and approaches for email to all electronic messaging. Well, it is not easy to forward a text message. ^M00:40:00 If you have an iPhone you really can't do it well. You lose the metadata. If you're using Instant Messaging you can't, if you need to place a legal hold, place a hold on just one person's information. You have to place a hold on large groups that have been pre-selected in terms of how Instant Messaging is set up to begin with. The technology -- if we think the technology is difficult for email, the technology for all of these other electronic messaging approaches is worse in terms of capture. So I've just been give the signal. Sorry. I think I went over. Any questions? We'll talk later. Thank you. ^M00:40:37 [ Applause ] ^E00:40:43 ^B00:41:04 >> Edwin McCeney: I want to first off thank the National Archives for inviting me here. I'm Ed McCeney. I'm the Departmental Records Officer for the Department of the Interior, and I'm glad to see that we have a good records management. Hopefully, after I give this presentation, everybody thinks the same thing. What I'm going to talk about is what we did within Interior, the reasons why we did it, what we could have done better, what we still have to do, at least within Interior, and then what we need to do across the Federal Government. Now I think I'll give a spoiler alert. Jenny kind of alluded to this before. Oftentimes, and I think this group is probably one of the more friendly and understanding groups in this matter, we look for technology and then we try to find a problem to the technology. And, really, records management comes down to doing the due diligence that you have to do up front with basic records management skills and applications. But applying it, at least in our case, to an enterprise environment using innovative approaches and doing a lot of the work up-front. And I think Jenny alluded to that with identifying email and identifying Capstones and the account level when you actually establish the account. It makes it a lot easier than when they're departing. We have departure in the next year or so one way or the other. So the reasons for why we did what we did. Let me tell you what we're doing right now. The Department of the Interior is journaling all inbound and outbound email, and this includes contractors, interns, volunteers. To give you an idea of our size, we're about 70- to 80,000 FTE. We usually expand to about 140 to 150 with volunteers and others, with Park Service and some of the other agencies that take on volunteers over the summer. So we're not the biggest but we're certainly not very small. The reason why we had to go with a capturing all inbound and outbound email, and we did it across the Department, was we couldn't really stay where we were. Where we were was we had, because of legal actions, we had to capture all inbound and outbound email for about half of the Department. We were using a contract vehicle and using technology that just in every way, shape, and form we couldn't use anymore. The technology was old. The contract structure was bad. The acquisition, the money, it was a sinking ship and was going down fast. So what we ended up doing is we reallocated that money and we went ahead, instead of covering half the Department, we covered all of the Department. So all of the inbound and outbound for the Department is done as opposed to just half the Department. We used to be divided. In fact, we still are in some ways. We're divided into what we refer to as trust bureaus and non-trust bureaus. Trust bureaus deal with Indian Trust Assets. Non-trust bureaus generally don't. It's not a hard line. It was just how it was defined in that particular court case. So the second thing was that we also saw efficiencies and opportunities for records management within the organization. And we also saw -- the third item was that we saw a greater opportunity to present records management as a service to the Department, as opposed to a function. And, ultimately, DOI needed to manage records in a consistent uniform manner across all bureaus and offices. What we were finding is some bureaus would retain one set of records for 10 years. The other one would save it for 20 years. Why? It was just the way the schedule was. No real reason. It just happened to be the [inaudible] archivist at the time decided 10. And one decided 20. So what we did. I'm going to go through this fairly quickly. This is kind of my little cookbook recipe. So first off what we ended up doing was we used the existing work that we had. We identified the existing record schedules. We tried to make sure they were up-to-date and they were still applicable. What we ended up doing after that was we cross-walked the record schedules to the lines of businesses within the Agency. We have a strategic plan that kind of groups all of our LOBs, lines of business, up into about five groups. And so we cross-walked all the schedules and figured out where they belonged, or at least where the appropriate place was that they belonged. We then aligned the record schedules and LOBs to the Agency mission, and identified key stakeholders for those mission areas. The fourth items was that we simplified the record groups based on commonality of factors: retention schedules, business relationship to other records. The fifth item was that we prepared a departmental record schedule that aligns the records with the LOBs in the mission. Last year, in fact, we're coming up on the birthday, June of 2014, we passed what I think is the first department record schedule. So it's for the administrative records. And so we have consistent retention and consistent management for all administrative records. We're doing that right now for Legal. That's taking a little bit of time because it's hung up at the lawyers. But we hope to get that out fairly soon. We're almost done with policy right now. We have about -- one bureau that has had some difficulties. We're working with them. I think we're going to get that out in about the next six months or so. We already have one of the -- our mission areas. We have our mission area and we agreed and so did NARA that we wanted to split mission out to about five areas. And we have a lot of missions. In fact, if you go through our LOBs we have one of the highest mission areas around. To give you some idea, the reason why we have so many missions is because we manage about one out of five acres in the United States. So we are by far the largest landholder in the United States. That comes with a lot of resource management. There's a lot of LOBs that go with that. What we ended up doing after that was that we incorporated auto-categorization for the electronic records using a new management, records management structure. I won't get into a lot of detail. I only have 10 minutes, I know. But it gets into identifying the exemplars for particular record groups. And so those exemplars or those examples that -- it's like, okay. If you look at five or six examples, the technology will go, you know what? This record coming in looks exactly like the four-year report that you just created last year because it's titled the same way and it looks the same way. I think it's a four-year report. It will also give you a confidence rating. It's says I'm a five out of five stars that this is four-year report. And most of the time it's correct. We're actually having very good results in that. We have about -- we have a minimum of 75% accuracy for that. That's our requirement. And then we fully integrate with all records management media, not necessarily to the point that we're going to convert everything into electronic records, but moreso that we have one central area that will either have links to where the records are or will actually have the records available. The last item that we did was incorporate the records management practices into the agency, the particular agency's information lifecycle or its systems development lifecycle, because we have a lot of systems out there that, believe it or not, they didn't really think about records when they created it. And so it goes into production and there's no schedule for that. And so that's difficult. But what it does when we have the Departmental Records Schedule is that we can go back and look. You know what? We have six law enforcement agencies here. And this system here looks exactly like the system that we just created over at the Park Service, or we just created at the Fish and Wildlife. So those are some of the things that we did. And I think we did those fairly well. But we have a list of things that we didn't do so well or things that we could have improved upon. The first thing was that we could have had better communication. That ended up becoming very pivotal. Better communication up to our politicals, down to our staffs, across, inside, outside, amongst the outside. A common understanding of terms would be part of that communication. A favorite word that we like to use in records management is what is an archive? Technology will tell you differently than what an archivist will tell you. The second item is that we could have formed our work groups better. What we really find is that right-sizing the work group -- because if you have them too small, you can't really move forward. If you have them too big, then you just get kind of encumbered. So you want them big enough to move forward and confident enough that when you come up with a solution that solution is viable. We could have also done change management better. Managed changes within the organization, managed changes outside of the organization. I think the last one is also just managing the expectations which kind of leads into all of the first three that I just identified. So what still needs to be done within DOI? I mentioned to you that we're still working on the DRS, Department Records Schedule. We're doing it in phases. We have the Administrative covered. I think the Policy and the Legal we're going to have at in the next six to nine months. At least I hope so. That's our goal. And we've already submitted the first mission. We have four other missions. I believe two of those are about 75% done, so I think those might be ready to go in the next six months also. We also need to finish developing and implementing our -- what we refer to as SOPPs, our Standard Operating Policy and Procedures. That's what we have going across all of the department. ^M00:50:02 One of the SOPPs that's very pivotal for us is our Disposition SOPP. What that allows is for is to uniformly say this is how we went through the process for getting rid of a particular record if we're dispositioning that record. That really helps also if you have to sit there and testify. It's like well, what process did you follow? Well, our process is the same across the Department, or relatively the same. So what still needs to be done? The first thing is we really need to ensure clear, up-to-date regulations. Lisa knows this. Thirty-six CFRs, subpart A, subpart B, and subpart C really need some work because one of the challenges that we're going to have in records management is we want to make sure that we're doing it consistently across the Federal Government. And the challenge is, if we're not doing it consistently across the government, then we're going to have inconsistencies, and those are going to pop up when we get into operations. The second item is to integrate the electronic records process with the NARA ERA tool. It's a real challenge that we have. ERA had a lot of promises. I think they've come through on some of those promises. But they still have a ways to go. And one of those is when you actually do the electronic transfer. You still have to go off to independent media or you have to work out some sort of deal with your archivist in order to accession the records over to NARA. You can't just hit a button and have it transfer. The last item is -- we've brought up a couple of times, but I really think that we need to identify or really need to speak to it more, is lifting print and file, the print and file requirement. It sounds easy. It really isn't. We've been working on it for about two-and-a-half years now. So we still have to save everything because it involves Legal, it involves Financial, it involves Regulatory, and it also involves the organization. Just to give you a little bit of taste, and we've had many meetings with DOJ, and also with Gary Stern, is that we have current cases right now where the media was print and file. It was paper email record. And so we have to go back and get some agreement or at least some understanding that we're going to go to the electronic, and the electronic is the same. It sounds easy when you say it here, but it really isn't. I think that one of the items that we also need to work on is records management maturity model, working that into a continuous monitoring process. I've talked about his a couple of times at the Federal Records Council. But really integrating, I think, the OMB 1218 which says that you designate your SAO once a year. Well, just designate your SAO when you get a new SAO. And then don't wait until November. I mean it seems intuitive or something like that, but the other ones are a little bit more complicated. And that's it. Thank you. ^M00:52:42 [ Applause ] ^M00:52:48 >> Well, that was great. Thank you all very much. I was scribbling furiously and some of the terms that jumped out at me were auto-characterization, cost training, burden, exigent, communication. What else said? Journaling. Then things that transition from traditional series-based records management to something different. Beyond is it communication still or is it something else? Is it system-based? So I personally have a lot of questions. I'm sure there are many out in the room. But I'll get things started. You mentioned A-123. There are three chairs. I guess somebody can stand at the podium and -- >> We'll [inaudible]. >> Yeah. >> There should be four chairs up there. >> Are there four? No, there are four chairs, miraculously. So, Jenny, you mentioned A-123, and I was wondering if you could give us an explanation of what that is. >> Jeanette Plante: That's -- well, I wish I could do that before I [inaudible]. That is a -- it's an LMB Directive. >> Mm-hmm. >> Jeanette Plante: And it is a requirement for the monitoring and assessment of controls. It has historically be used for financial controls. It's an annual assessment. But if you read it carefully, and it's kind of painful to do so, it actually talks about not just financial controls but management controls of resources. And there are actually even a couple of references to records in there. And so we have partnered with IREO, which is Information Resources -- it's a small office in the Justice Management Division. And as they send out their questions annually to the different offices in the Department to get feedback on what financial controls are in place, we have included requests for information on recordkeeping. They come back. They're analyzed. They're assessed. And then we have an opportunity to go back to the components and work with them. So we just started to do this in the last year. It's at a very high level right now. We're refining it. We will be talking about email and other things in it as well. And also we intend longer term to use the capability maturity model that NARA developed with a bunch of us agencies. We want to figure out how we want to use that as an assessment tool as well, so. >> A question in the back. >> The recently released NARA General Schedule is in the ^IT Federal Register ^NO that you talked about earlier, the one that would say for non-Capstone email addresses it would last seven years for retention. Can you talk a little bit about how seven years came to be the actual length of time, and whether that maps on the sort of experiences around the Federal Government in terms of existing very general schedules that existed? >> Lisa Haralampus: Right. At a very high level we looked at many different factors to determine what timeframe would be -- for that retention. And I would just say in a quick response that there were a number of statutes and limitations that landed around six years and three months, especially for a lot of -- six years and then rounded up to seven years. So that was, I think, the basis for the majority of that. The three years was then again another recognition that there may be some very, very administrative records. And even then three years was where it came down to from there. So statutes of limitations was what helped to come up with that. And rounding up seemed simpler as an event driven to seven versus -- >> Jeanette Plante: It's also a lot of the financial records. >> Lisa Haralampus: Yeah. >> Jeanette Plante: The GRS is six years three months. >> Edwin McCeney: Right. >> Jeanette Plante: It's a lot of administrative stuff. >> Edwin McCeney: Yeah. >> [Inaudible] I think this question is most specifically for Lisa. I was just curious. I believe everyone who was up there, all your agencies use the General Schedule for [inaudible]. And I was just curious. When you implement the Capstone like from the former agency that I came from, when we looked at trying to implement Capstone, the issue was the title and the grade or even the functional position of that individual was kind of challenging sometimes. And I was just wondering in your implementation at NARA if you encountered that issue and what you did to try to overcome that? The difference between -- like did you say, everyone who's a GS-15 above or 14's or just in terms of that title, I'm just curious how that worked for you for the Capstone approach for archiving of emails? >> Lisa Haralampus: For those of you very familiar with the Federal Grade Structure, the 14s and 15s are the top of the General Services. I would say for our Capstone implementation we went higher to the SES level, the Senior Executive Services. So that was one of the factors for consideration for NARA. Schedule analysis, somewhat looking at the ^IT Plum Book ^NO which is -- and the -- so our current -- look at our own record schedules, ^IT Plum Book. ^NO We looked at the ^IT Government Manual, ^NO and we sort of looked at the analysis. Again, it wasn't so much by grade but more of the function of the office. So we certainly would say if there was a GS-14 or 15 Program Manager, that we have a high expectation of permanent records of -- be generated from that function, then that position would work. The 14's and 15 example might handled more for special assistants that associated with the -- I think Jenny said like direct report, like this position here plus the high level assistants [inaudible], but not just based on the grade. >> And then the other question is talking in terms of Federal policy. I was kind of laughed at my last agency as those, because when you realize that records management of the era of trying to get people to do it and they don't, but I've always wondered if there's ever been an approach or an undertaking or perhaps a little bit of recommendation is to put it in our Performance Plan. Like make records management be a standard of a core mission critical element for all Federal Government employees. It's a part of our job. It's just an innate thing like, obviously when I tried to do this [laughter] in the other place, they're like, yeah, the union will never go for that. And it was pretty much the same reaction, but just in terms of when you talk about something broader people who have more say that, you know, in the incorporate of everyone no matter where you are at on the pay scale, the grade scale, that we are preserving and trying to protect American legacy and American history. I think the value to give to that, to say that it's in the Performance Plan of everyone would be critical to our nation. >> Jeanette Plante: Well, I actually have made that recommendation, but -- and it has not yet been adopted, and it may at some point. But with that recommendation, as with all things, comes a huge amount of work. Because if that is a basis for performance then you have to measure it. ^M01:00:01 You have to be able to speak to each individual on your staff about whether or not they are meeting the requirements or not meeting the requirements. And if in this room we cannot yet define when it is we will have won on email, I think it's very, very difficult as a supervisor to declare that someone's performance evaluation is going to be lowered because they somehow have not met that requirement. I do think as well that you can still use their performance and their management of their information in the larger context of their success in carrying out their functional responsibility. So I don't think it's a bad idea, but I think it's a lot more difficult to implement in a way that is fair and really measureable than we might think, so. >> Deborah Armentrout: I think that we also are advancing in the fact that in the Presidential Directive it does talk about training across the government for all employees which is for most agencies not something that every employee had to go through. There was usually not even in the new hire orientation anything about records management. And I know that a lot of agencies and including the Federal Records Officer Network are now addressing training across the board. So I think that will be helpful even if we don't work it into the performance appraisals. >> Lisa Haralampus: And related, but not answering your question, but I will share the latest news in our profession records management on hiring or personnel, is that we now have a OPM job series. So for anybody out there interested in joining us in the world of electronic records management, a 0308 Records and Information Management Specialist. I don't know. So my answer to you is rather than seeing it in everybody's position, I'm just thrilled to be able to say we can see this now in our position that we're recognized in the profession that way through OPM. >> Edwin McCeney: At Interior we gave up [laughter] because -- I mean, Jason Behr [assumed spelling] and I had this conversation. He used to be Director of Litigation. And so we have -- we get sued a lot at Interior [laughter]. And so the question was, well, we'll only ask a person one or two questions. Is it a federal record and is it permanent or temporary? And human nature being what it is, you're going to take the easiest answer. And trying to get consistency across 80,000 people -- forget it. It's not going to happen. And so for email we don't care what you do with your email because we have your email. ^M01:02:45 [ Laughter ] ^M01:02:47 And so, you know, if you -- you can manage it. You can put it in any folders, anything you want. But we capture all inbound and outbound email before you get it. And so we auto-categorize it. And we put it in our recordkeeping system. It's like the ultimate big brother [laughter], but it's a lot easier that way because, as Jenny says, it's a lot of work to try to get everybody to answer the same way each time consistently. I'll give you a quick example. We had one agency that was Minerals Management Service. You might have heard of it. It's right at the Deepwater Horizon. And it literally and figuratively kind of exploded. But they had 1500 FTE and 1000 record schedules. How do you consistently select that? You don't. >> All right. Well join me in thanking everybody. We're moving on to the Policy and -- ^M01:03:36 [ Applause ] ^M01:03:38 >> This has been a presentation of the Library of Congress. Visit us at loc.gov.