A practical guide to managing data, records, and information

In today’s world, the word “data” is a catchall that includes what Information Management professionals know as distinct entities: records, data, and information. While the lines between them are blurred, it is vital that we understand the difference to ensure compliant, secure, and efficient control over, and use of, an organisation’s records and data.

While this practical guide covers the many reasons why it’s critical to fully understand the relationship between data, records, and information, its ultimate purpose is to foster conversations between those providing technical capabilities, namely IT teams, and the organisation’s users and information managers.

Covered inside:

• Why coordination and collaboration between Information Governance and Data Governance is increasingly urgent
• Requirements for successful data, records, and information management
• The key stakeholders who have a specific role in governance
• How to sustain alignment between these roles and drive organisational objectives

Introduction

Why now?

Records and Information Management (RIM) and IG teams are actively seeking advice for how to create a strategy that aligns data with traditional records and information management programs, including records retention schedules. While many organisations have a clear direction for how long records must be kept before disposition (typically approved by a Legal/Compliance function), there’s a lack of clarity about how long data should be retained, and who has the authority to make those decisions.

With the majority of transactions and official records now born and held digitally, rather than on paper, there’s an increased need to be data literate. Data privacy and localisation laws, use of artificial intelligence (AI) and machine learning (ML), and cybersecurity threats demand that we understand what data is used where, for how long, and when it can be destroyed. In essence, data is input that must be managed—and classified—through every stage of its use.

Definitions

Before we can have meaningful discussions about the management of data, records, and information, we must first define them. The following are industry recommendations:

Data

• Set of characters or symbols to which meaning is or could be assigned. (ISO 30300:2020)
• Any symbols or characters that represent raw facts or figures and form the basis of information. (ARMA: 2016 vetted by ANSI the American National Standards Institute)

Record:

• Information created, received, and maintained as evidence and as an asset by an organisation or person, in pursuit of legal obligations or in the transaction of a business. (ISO 15489-1:2016)
• Any recorded information, regardless of medium or characteristics, made or received and retained by an organisation in pursuance of legal obligations or in the transaction of business. (ARMA: 2016 vetted by ANSI the American National Standards Institute)

Information

• Data in context with a particular meaning. (ISO 30300:2020)
• Data that has been given value through analysis, interpretation, or compilation in a meaningful form. (ARMA: 2016 vetted by ANSI the American National Standards Institute)