Conference Agenda

The increasing reliance on digital technology has changed traditional records management, promoting the use of electronic solutions that boost efficiency but expose organizations to data breaches and cyber threats. To ensure effectiveness and safeguard sensitive records, organizations must prioritize both efficient records management and strong cybersecurity. This paper offers recommendations to integrate archiving and cybersecurity as essential components of an organization’s compliance framework.

ABSTRACT

The increasing reliance on digital technology is transforming archives and records management practices, shifting from physical filing systems to digital databases. This transformation has led to the adoption of electronic data and records management solutions, promoting efficiency and productivity while exposing organizations to risks like data breaches and cyber threats. To address these challenges, organizations must prioritize effective records management alongside robust cybersecurity measures. Incorporating cybersecurity into document management involves safeguarding documents through strategic measures while maintaining usability and accessibility for authorized personnel. This approach protects organizations from potential cyber threats, ensures data integrity, and maintains the confidentiality of archived records. Cybersecurity measures also enhance compliance with records management requirements, protecting systems, networks, and data from digital attacks. Given these considerations, it is critical to align rigorous cybersecurity measures with proper records and archives management. This paper examines the benefits, challenges, and strategies of integrating cybersecurity into archives and records management. It explores how adopting cybersecurity practices can help organizations mitigate potential threats, meet legal and regulatory requirements, and ensure the preservation, confidentiality, and availability of records. The study also highlights the importance of harmonizing archiving and cybersecurity as central components of an organization’s compliance framework. Based on the findings, this paper provides actionable recommendations to facilitate the integration of cybersecurity strategies into archives and records management. These measures aim to enhance organizational resilience, safeguard sensitive data, and raise awareness of the need to prioritize cybersecurity and records management in today’s digital era.

Keywords: Archives, Records Management, Cybersecurity

New legal, technical, and practical factors are emerging when working with third-party archival service vendors. FamilySearch, an archive and service provider dedicated to the preservation and access of genealogical records, will share considerations for AI-powered transcription models, preferred digitization formats, ongoing archival governance of digitized records, privacy compliance, automated iterative publication, future compatibility, records restoration, and archive reputation.

How can working with service vendors help archives succeed in an increasingly complex environment? When working with vendors, archives need to ask the right questions and understand how each vendor considered can the organization succeed. New legal, technical, and practical factors are emerging when working with third-party archival service vendors. Service vendors can help archives in many areas, including record digitization and transcription, storage and retrieval, online access and transaction management, long-term preservation and digital restoration, and more. While keeping up with the changes in these areas is challenging, understanding market and legal trends and asking the right questions can help you succeed when working with outside vendors.

This paper and presentation will introduce archivists to current trends and suggest several considerations when working with service providers. FamilySearch, an archive and service provider dedicated to preservation and access of genealogical records, will share what the organization is being asked to consider when working with archives around the world and what the organization sees happening on the horizon. These topics include AI-powered transcription models, preferred digitization formats, ongoing archival governance of digitized records, privacy compliance, automated iterative publication, future compatibility, records restoration, and enhancing archive attribution and reputation.

A few sample questions include the following: What rights does an outside vendor receive when digitizing my records? Does the vendor provide references of archives that are similar to my own? How is the vendor utilizing AI and machine learning to improve quality and reduce costs? What visibility do I have into projects, including progress and quality? What are the vendor’s plans to ensure future compatibility with our systems and evolving needs? How does the vendor handle legal requirements, such as limitations, such as geographic hosting restrictions or privacy laws?

Jim Ericson, a senior product at FamilySearch, will discuss these considerations and use examples from his work at FamilySearch to illustrate how some emerging technologies are being harnessed to overcome possible challenges in the future. Mr. Ericson will present general principles and specific questions for archives to consider when working with external vendors.

This study explores the potential of generative AI in electronic records management by proposing five practical usages. Feedback from archivists was used to enhance their feasibility and effectiveness. Key considerations, such as addressing data security risks, mitigating hallucinations, and providing AI literacy training, were also outlined. This study underscores generative AI’s potential to foster innovation and provides future directions for advancing electronic records management.

In South Korea, the Digital Transformation era has led to the rapid production of electronic records. Amid this shift, OpenAI's launch of ChatGPT in 2022 drew attention as a groundbreaking technology that analyzes user queries and generates relevant answers. In the field of records management, text-based generative AI has emerged as an essential tool for enhancing work efficiency and addressing staff shortages.

Generative AI offers various practical usages in supporting electronic records management such as automating the creation of record titles, metadata, and summaries, generating records production status reports, and implementing conversational chatbots. According to feedback from archivists, “Automated Record Title Generation” was found to enhance efficiency and improve search performance. However, it requires improvements such as reflecting work context, reducing the burden of review, providing additional title suggestions, and analyzing attached files.

The "Automated Metadata Generation" technology reduces paper-based record registration time and improves search efficiency. Nevertheless, issues such as OCR accuracy and the lack of clear accountability for metadata errors persist. Adding keyword and business transaction profile name recommendations and implementing structured review procedures could further enhance its utility.

Another significant usage is “Automated Summary Generation” technology, which has demonstrated positive effects by improving search efficiency and reducing task time. Yet, technical improvements are needed, including incorporating attached file content, preventing hallucinations, and introducing prompting features. These enhancements would enable archivists to manage records more efficiently.

The ‘Automated Generation of Records Production Status Report’ technology has been useful in increasing the efficiency of records management and saving work time. Still, it has been pointed out that there are areas for improvement, such as the need for prior registration of paper-based records, data aggregation methods, and lack of differentiation from existing methods. It is necessary to effectively aggregate scattered data and apply technology tailored to the characteristics of the institution.

Lastly, ‘Conversational Chatbots’ has received positive evaluations for its effectiveness in reducing the burden of repetitive tasks. Yet, limitations stemming from public mistrust of the technology have also been mentioned. Prior to implementing the technology, it is necessary to thoroughly analyze the context of civil complaint processing and records management tasks, prepare countermeasures for fraudulent claims, and improve the user experience.

Several key considerations must be taken into account when integrating generative AI into records management. Firstly, commercial services pose a significant risk of data breaches as public records are stored on external servers. NARA has already announced a ban on ChatGPT, citing “unacceptable risk”. Therefore, developing domestic generative AI technologies tailored to South Korea’s records management environment is imperative. Secondly, challenges such as pricing models, bias, and hallucinations in commercial services must be managed. Archives should focus on applying AI to high-priority tasks and provide AI literacy training for archivists to ensure its ethical and effective use. Lastly, foundational infrastructure, such as managing machine-readable documents, securing high-performance computing resources, and establishing large-scale storage, must be in place. These preparations will significantly enhance the efficiency and accuracy of records management.

This framework for adopting successful cloud computing for records management emerged from my master's thesis. collaboration and due diligence came out on top of the charts in the investigation of whether cloud computing is a cost-effective, safe, and viable option for electronic records management.

Public and private sector organizations are gradually beginning to realize the benefits of storing and managing records in the cloud to accommodate the increasing number of electronic records created daily and address issues of access, security, and confidentiality. Cloud computing is the on-demand delivery of IT resources (such as hardware, development platforms, and/or services) over the Internet on a pay-per-use model. This paper presents a framework for the adoption of cloud computing for records management as informed by the study which assessed the use of cloud computing for records management in selected organizations in Namibia. Cloud computing encompasses three service categories: Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS), and four forms of deployment models: private, public, community, and hybrid cloud. The conceptual framework for the study was drawn from these cloud computing service categories and deployment models. Opportunities such as affordability, improved productivity, disaster recovery, and business continuity, were established by the study. Lack of records management expertise, non-compliance with records management laws, and uncertain records security were evident risks and challenges of managing records in the cloud. A framework for the adoption of cloud computing comprising four phases that should be addressed before an organization commits to cloud computing for records management is recommended. The framework is flexible, and it could be customized to suit any organization. The framework aims to address the risks and challenges encountered in adopting cloud computing for electronic records management and have a detrimental effect on the integrity, reliability, and usability of the records stored in the cloud. The four phases are: phase 1: planning, phase 2: Legal and regulatory framework, phase 3: selecting cloud computing services, deployment models, and provider, and Phase 4: Service Level Agreements (SLA) management.

Keywords: cloud computing, electronic records management, information and communication technology