Freedom of Information and TRIM Context

Date: 15 July 2005 Author : Stephen Still Introduction Freedom of Information Acts have come into force in an increasingly large number of jurisdictions, placing heavy burdens on government departments, and in some cases private enterprise. This white paper will discuss the unique challenges presented by these new Freedom of Information initiatives, what kinds of functionality are required to support the business processes implied by them, and how TRIM Context can help organisations with their Freedom of Information Compliance strategies. The challenges of Freedom of Information Freedom of Information Acts present a number of unique challenges for organisations. They generally impose a series of strict procedures for the disclosure of information requested, including how quickly a response must be made to an enquiry for information, and what kinds of information must be divulged. These requirements generate a number of significant challenges for organisations which come under the ambit of a FoI Act. Government departments may have to deal with thousands of FoI requests per day, placing a substantial strain on their records management capabilities. Moreover, the strict procedural requirements imposed by these Acts means that organisations must be very careful to ensure that they are capable of tracking and expediting compliance with specific requests, and that they have procedures in place which allow them to respond in the short time periods (often as little as 10 days) which are allowed to them under the Act. In order to meet these challenges, electronic records management solutions can provide a number of critical benefits. What kinds of information must be divulged? The ambit and detail of Freedom of Information Acts differ between regional implementations, but in general the scope of information production requests can be very broad. For example, the ACT Freedom of Information Act stipulates that all government documents and ministerial papers, except for a limited number of exceptions, can be susceptible to FoI requests.1 Organisations must therefore have strategies in place to discover and produce all of the major forms of corporate communications and documents. In particular, organisations must have a central means of locating relevant emails, electronic documents and physical documents. Of course, in situations in which documents contain irrelevant or confidential information, it may also be necessary for documents to be redacted before they are released to the public. Therefore organisations must have an established methodology for systematically assessing documents for confidentiality and applying redactions in a consistent and permanent fashion without affecting the original document.

Freedom of Information Act 1989 (ACT), s10. w w w . t o w e r s o f t . c o m

Implementing a Freedom of Information workflow

The Freedom of Information compliance process In order to comply with Freedom of Information requirements efficiently, organisations must have a number of core information technology processes in place. These include holistic document capture procedures, workflow and action-tracking, document assembly, full-featured search functionality, alerts, redaction, and full auditing and reporting capabilities. TRIM Context provides all of the core functionality required to build efficient FoI processes. Document capture Even before a Freedom of Information request is received and the FoI workflow is begun by an organisation, records managers must ensure that all relevant information is easily accessible and searchable. The easiest way to achieve this is to adopt a records-management tool which is capable of capturing all kinds of information produced by the organisation. Particularly critical is capture of e-mails, electronic documents, and at the very least metadata related to paper records. Ideally an automated process for capture, registration, and OCR of paper files should be in place, to bring the benefits of full context searchability and rapid production to these documents. TRIM Context provides industry-leading document capture capabilities. Our ECM system is capable of capturing any electronic file that is storable on disk, and has viewer and indexing technology for well over 200 file formats. Context is not limited to simply organizing electronic documents, however. Context also features robust e-mail capture, including capture of redundantly stored communication metadata. And Context can also be used to track the location and metadata of physical (i.e. non-electronic files). Finally, where organisations identify that digitization of all corporate paper records is necessary, Context integrates with large scale image capture suites such as Kofax to allow the rapid capture and OCR of large volumes of corporate data. Workflow/action-tracking As soon as a FoI request has been received by an organisation, it is imperative to ensure that the correct procedures for dealing with that request as prescribed by legislation and internal procedural rules are followed. Organisations must be able ensure that the primary response to the request is dispatched in a timely fashion, that relevant documents are identified expeditiously, vetted for confidentiality, and finally released in time to comply with legislative requirements. The penalties for not following these processes carefully are potentially disastrous including the release of confidential information with concomitant scandal, and failure to comply with legislative standards for timely release of information. The process of ensuring procedural compliance can thus be greatly facilitated by action tracking and workflow management software. TRIM Context provides powerful tools to ensure that organisations can develop powerful and flexible workflows. Context includes workflow functionality which allows the design of workflows with logical branches, loops, holds and approval cycles (in which if a process is not approved at any stage, the process is reverted to a previous stage for more work or reconsideration). This workflow functionality allows the efficient flow of work between tasks and workers, ensuring that the organisations business rules are followed at every

stage. Intelligent use of Context workflows can ensure that the FoI process proceeds smoothly. Document Assembly (form responses) Freedom of Information legislation generally mandates that as soon as possible after a FoI request is made, the person filing the request should be informed of its receipt. Thus, the large numbers of requests for information which large organisations receive under FoI provisions results in an equally large number of standard documents being produced in response. This can create a number of problems for communication between the organisation and the public. Firstly, it raises immediate problems of consistency between the many communications produced by the process individual employees cutting and pasting or mail-merging into documents on their own workstations can introduce errors into documents, or be left behind when templates are updated. Secondly, these problems of workload create the very real possibility of unacceptable delays in communicating with the public on FoI matters. One solution to these problems is document assembly, functionality which allows the construction of documents from common content objects in an EDRMS system. This ensures that all content in the automatically produced document is up to date, controlled through central approval processes, and consistent. Context incorporates a powerful document assembly module. Through this functionality, organisations can use their Context dataset as a content repository to automatically produce form responses complete with personalized information, tied to a relevant FoI workflow. This allows the organisation to update common content objects without laboriously informing all staff of the change changes take effect immediately. Moreover, documents produced by the document assembly process can be automatically registered into the EDRMS system after creation, ensuring that each unique form response is maintained for future archival use. Document Search Requests for disclosure of information under FoI will do not always specify a particular document which must be produced, although they must be made with a great enough degree of specificity to enable documents to be identified. Thus, they can often embody requests for all information germane to a particular matter. This requires organisations to search out all documents which are responsive to the information request. In order to prevent this process becoming a nightmarish never-ending search through millions of documents, organisations need to implement efficient and accurate search functionality. Ideally this search ability should include the ability to search all of the documents metadata (such as author, date of production, title etc.) as well as the actual content of the file itself. Search is one of the strongest features of Context. Context provides an industry leading search engine which is capable of searching all of the metadata associated with a document, as well as the full content of the document itself (provided it is in a format which contains text). Content indexing is available for any text-based format which is supported by the TRIM Viewer. Metadata based searching is available for over 80 fields defined by Context, and any user defined fields. Taken together, this allows the search of all meaningful information associated with documents registered in the Context system, allowing rapid and effective identification of relevant documents.

Alerts Most FoI legislation imposes strict limits on the time organisations can use to produce documents. Therefore, as the FoI process proceeds, it is important to remind information workers when a particular request approaches its deadline. In the best of all worlds, the organisations EDRM package should be capable of sending out alerts to relevant workers at various stages of a cases lifecycle, to ensure that cases approaching their deadline are prioritized. In TRIM Context, alerts can be incorporated into workflows, and send out e-mail notification to users to help them track a workflow or remember deadlines. Redaction Once all of the documents relevant to a FoI request have been identified, they must be vetted for confidential information which should not be revealed. Redaction aims to produce a new version of a document which does not contain sensitive information, either by removing the pages which contain the information, or by obscuring parts of the information on a given page. This is a process which can only be undertaken by humans, but software can help to make the process easier in a number of ways. Context provides strong support for redaction on TIFF images. This support is focused both on the editing of the image of the document to be redacted, and on the registration and reuse of the redaction of the document. Context will allow the deletion of pages from multi-page TIFFs, and also provides facilities for obscuring text on pages. The black boxes which obscure the text are burnt indelibly into the image, eliminating the possibility of inadvertent disclosure of information. Context provides support for accountability and reuse with respect to redactions by allowing them to be registered automatically into the Context system, and linking them to the original file. Users can thus easily identify and reuse previous redactions of documents, potentially saving a substantial amount of time in information vetting. Auditing and Reports After the Freedom of Information process has been completed, there is still the matter of auditing and accountability. The emphasis of FoI on transparency has meant that these statutes very often have stringent reporting provisions as to the number of requests, time at which requests were serviced, and whether and to what extent requests were serviced. Context provides robust and comprehensive logging of events. It can be configured to log events such as when a workflow is completed, and whether a workflow is overdue. Moreover, intelligent use of User-defined fields to track information, such as the action taken on a request, allows the use of Contexts powerful built-in search functionality to quickly determine questions such as how many requests were successfully serviced in a given year. Context thus provides a comprehensive audit, greatly facilitating compliance with legislative reporting requirements. Conclusion Freedom of Information processes and Electronic Document and Records Management (EDRM) are a match made in heaven. The highly regulated and structured, high volume Freedom of Information processes demand substantial aid from software to achieve the accountability, accuracy, timeliness and efficiency which the nature of the legislation demands. EDRMS solutions such as TRIM Context can help with almost every major bottleneck

in the FoI business process by managing workflows, expediting correspondence, tracking communications, facilitating the identification of relevant documents, reminding workers when the process approaches deadlines and aiding in the redaction of documents all with full accountability and audit logs.

About TOWER Software

TOWER Software delivers Electronic Document and Records Management (EDRM) Solutions, empowering organisations to take control of their corporate information assets. TOWER Software's award-winning TRIM Context solution is a single, integrated platform that manages business information throughout its complete lifecycle. By relying on its proven domain expertise, strong strategic partnerships, and powerful solutions, TOWER Software enables organisations to maintain accuracy, maximize efficiency, and achieve and maintain standards compliance across industries, resulting in sustained competitive advantage. TOWER Software is a privately held company with operations in North America, Europe and Asia-Pacific. For more information, visit www.towersoft.com.

TOWER Software Asia Pacific www.towersoft.com/ap TOWER Software North America www.towersoft.com/na TOWER Software Europe, Middle East & Africa www.towersoft.com/emea
TRIM Context is a registered trademark of TOWER Software. All rights reserved. Copyright 2005 TOWER Software