[CSG Winter 08] Information Management Policy


Rodney Hill, Educause

Professor Chun Wei Choo at Toronto – has a good definition of info management.

The systematic, imaginative, and responsible management of information so that:

* the creation and use of information contributes strategically to the organization’s goals

* groups and individuals have efficient access to and make effective use of the information they need to do their work and to develop themselves.

How many CSG schools have info management policies? Not many.

What is Information Management – informal survey of policies from the working group of the eudcause security task force:

Data retention; records retention schedules; e-discovery; data classification; tools for encryption.

Paul Hill, MIT

from a security consultant: most organizations don’t know all the locations where data resides – the problem seems to be getting worse in many cases. they concentrate on asking people about data they have that they shouldn’t have.

The Institute archivist – wants to preserve context along with content. Need to ensure appropriate destruction of non-permanent records in a timely manner.

Sponsored programs – want to get rid of excess data. Concerned about data that’s distributed on campus.

Researchers – need to preserve data for long term – example is the Framingham Heart Study that started in 1948 and is now in its third generation of participants. Data gets repurposed – eg. in 2003 went into that data to mine the social network graphs. There’s all sorts of metadata and workflow context that needs to preserved along with the data.

Enterprise architect – every project should be asked “why are you collecting this data?” and “what is the necessary lifetime of this data?”

Informal survey – we’re all over the map.

Length of preservation of DHCP logs? never, 2 weeks, all the way to multiple years.

Length of authentication logs? from 48 hrs up to seven years.

Nobody seems to have URLs for policies related to log file retention.

Educause is going to have a half-day workshop on developing electronic records policies in early May in Arlington.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s