Many documents play a long-term role in corporate governance, compliance or historical record. They become records – "fixed" content that serves as evidence of transactions, decisions or processes. Not only can failing to preserve records present a potential liability, so can retaining a record beyond its designated life cycle.
OnBase Records Management (RM) can meet the special access control, disposition and retention needs of declared records throughout their entire life cycle. RM allows users to create file plans (i.e., rules that govern the storage, retrieval, dissemination and destruction of a record) that include a defined Retention Plan. A record can contain documents and content from virtually any source, consolidating scanned images, faxes, desktop documents, e-mails and more.
Authorized users can control the status of a record. For example, new documents can be added to an "open" record. A "closed" status indicates that a record has been declared and the contents cannot be modified. Once a record has been cut off, a defined retention period commences according to event-based (e.g. employee separation, mortgage pay off or account closure) and/or time-based (a periods of months/years) business rules. The RM Administrator View displays the disposition status of records and provides the ability to place holds on records and post events that trigger the Retention Plan.
To protect accountability, RM accommodates approval processes and legal holds, preventing records from being inadvertently destroyed. Security settings can be applied to records to prevent unauthorized access. For example, tightly controlled records, such as adoption records or those covered under the Health Insurance Portability and Accountability Act (HIPAA), can be made available to only a bare minimum of users. For authorized users, records can be searched through the same intuitive interface used to retrieve documents, and an audit trail of all activity is recorded.
Critical records can be retained and controlled permanently. Those with limited lifecycles can be destroyed (the document is deleted but the metadata about it remains in OnBase) or purged (both the document and the metadata are eliminated).
As part of a governance, risk and compliance framework, RM is appropriate for any organization with legal or regulatory requirements as well as those with strict corporate governance policies about appropriate recordkeeping. These can include insurance carriers, government agencies, financial services providers, publicly owned companies complying with Sarbanes-Oxley or ISO-compliant companies.
Virtually every organization faces some regulatory requirement, such as those applied to human resources (HR) departments. Instead of paper files, varied information silos or multiple retrievals, all employee records from application through separation can be placed in a single folder with limited access. Upon separation, the administrator could post the event, initiating the retention period. If the employee were to be re-hired, the administrator could post an event that would return the record to an open status. In the event of litigation that affects that employee, the record could be placed on legal hold.
The entire life cycle of the employee record can be automated according to legal guidelines. Unlike with paper records, RM makes it possible to validate to auditors that access to records was properly controlled.