• Contacts
  • Contact Details
  • Contact Us
  • Home
• Mobile Computing
  • Lap-Top Security
  • PDA Security
  • Enterprise Mobile Solutions
  • Mobile Solutions for Public Sector
• Solutions for email
  • Email Archiving
  • Email Archiving Seminar Program
  • E-mail Firewalls Anti-SPAM
  • Anti-Virus
• The NHS
  • Agenda For Change
  • A4C Seminar Program
• Security Solutions
  • Remote Access SSL VPN
  • Password & Identity Management
  • Internet Firewall
  • Secure DNS Server
  • Document Collaboration
  • Web Content Management
  • E-commerce
  • Alumni Membership
  • Network File Encryption
  • USB Memory Drives
  • Smart Cards & Single Signon
  • Aladdin eToken
  • URL Web Filter
  • Fault Tolerant IP
  • SSL Acceleration
  • Tape Backup
  • Network Storage
  • Wireless Networking
  • Domain Names
• Resources
  • Library
  • Product Data Sheets
  • Customer Projects
  • Articles & Links
  • Credit Card Systems
  • Nominet T&C's
  • Accessibility
• Site
  • Home
  • News
  • Events
  • Contact Details
  • Contact Us

Freedom of Information Act

Legislation & Email Archiving : an update
Executive Summary
Key aspects of the act
Code of practise on 'The Management of Records by Public Authorities'
Questions to ask your email administrators
References

Code of practise on “The Management of Records by Public Authorities”

Active Records Management

Record Creation

Each operational/business unit of an authority should have in place an adequate system for documenting its activities. This system should take into account the legislative and regulatory environments in which the authority works.

Records of a business activity should be complete and accurate enough to allow employees and their successors to undertake appropriate actions in the context of their responsibilities, to

• facilitate an audit or examination of the business by anyone so authorised,
• protect the legal and other rights of the authority, its clients and any other person affected by its actions, and
• provide authenticity of the records so that the evidence derived from them is shown to be credible and authoritative.

Records created by the authority should be arranged in a record keeping system that will enable the authority to obtain the maximum benefit from the quick and easy retrieval of information

The implications of this are that you need to be sure that the version of the email you have is definitely the one that was sent or received, i.e. it has not been changed since it was received. It is also desirable to audit the access to the archive, to protect against accusations of “fishing trips” and be able to output the results of a Legal Discovery search to a variety of formats, including PDF, which can help protect against onward changes to the evidence. Recovering emails to an inbox puts them back into a state where they can be accessed, changed and saved back, whether this is done maliciously or on accident.

Note: Within an email system a user may read an email, change it and save it back to their inbox. Alternatively, if emails are stored on a public access area on the network, anyone can go and change or delete any email they wish, so making sure the appropriate access controls are in place is important.

Record Maintenance

Records should be controlled to ensure that a record can be easily retrieved at any time, that any outstanding issues can be dealt with, and that there is an auditable trail of record transactions

Equipment used for current records should provide storage which is safe from unauthorised access and which meets fire regulations, but which allows maximum accessibility to the information.

© Business Union Distribution Ltd 22nd October 2004. Produced in association with:
ecommnet Ltd Tel: 0191 478 8315 Email: info@ecommnet.co.uk Web: www.ecommnet.co.uk