Guest post by Richard Medina. First published on RichardMedinaDoculabs.com.
In What Should You Do with Your Legacy Archiving System?, I offered a simple procedure for helping you decide what to do with your archiving systems. And in Selecting an Enterprise Archive Solution, I provided a quick overview of the three general solution options you have for archiving. In this post I’m going to outline the 6 most important requirements for enterprise document archiving.
An “archive” is a system that:
- Securely stores primarily customer documentation
- Retains the documents as long as needed
- Purges documents when they are no longer needed for legal, compliance, or business purposes
- Provides authorized users (both internal and external) with access to the documents for various purposes (e.g. for business processes, customer service, customer or agent self-service, and discovery)
The types of documents in scope for this kind of archive are primarily system-generated output (e.g. statements, EOBs, correspondence), and sometimes also include images and e-communications. The scope should not include unstructured “dynamic” documents such as Microsoft Office documents that require version control or collaboration capabilities. (But you’d be surprised what some folks put in archives.) The scope also does not include structured data such as information in line-of-business applications or databases. The following figure depicts the primary, secondary, and out-of scope types of documents (shown as green, yellow, and red, respectively).
Here are the most important high level requirements for enterprise document archiving:
- Scalability and performance. The archive should provide the ability to handle (moderate, high, or very high – whichever applies to you) volumes of ingestion within time windows needed to provide the business with access to documents when needed within business processes. In addition, the archive should provide reasonable response times for document search and retrieval, and the solution should have the ability to perform ingestion and archive functions without negatively impacting overall system performance for users.
- Accessibility and availability. The archive should provide a mechanism for authorized users to search for and retrieve documents. In addition, the archive should provide the ability for certain external users to retrieve documents, such as e-presentment for customers or agents.
- Security and protection. The archive should have the ability to restrict access to documents, such as for documents that are private, confidential, privileged, secret, or essential to business continuity. This may include requirements for encryption of stored content.
- Retention and integrity. The archive should be able to retain documents for defined periods of time, taking into account legal, regulatory, fiscal, operational, and historical requirements. In addition, the archive should provide a suitable guarantee of authenticity. Finally, (if this applies to you) the archive should provide the ability to retain information on unalterable storage platform when needed (e.g. WORM storage for SEC 17a-4 compliance).
- Disposition. The archive should support disposition (purging) of documents upon expiration of defined retention periods (both time- and event-based). In addition, the archive should support a formal approval process before purging, and it should support override of purging in cases where documents are under legal hold. Finally, the archive should enable authorized staff to periodically review and potentially modify retention periods.
- Integration. The archive must provide a standards-based architecture and open API that allows integration with other systems or middleware components, including existing legacy systems in use at your company.