Understanding Digitization Regulations
So far in this series, we’ve discussed the general nature of a records management program and the ways that your records and metadata have to be maintained. This installment will be about the rules surrounding digitization.
Much of the information in this post was drawn from the Canadian General Standards Board (CGSB) document Electronic Records as Documentary Evidence. Sections from that document are referenced here using its numbering scheme; any other references are linked directly. This blog series is not intended to serve as official legal counsel, but rather, to complement it by providing additional context and explanation for the concepts laid out in the CGSB’s guide.
Why/When should I digitize my records?
As we’ve discussed in previous posts, digital information systems have numerous advantages over physical documents, including remote access, incredible storage efficiency, better security, and easier redundancy. There are also significant risks in sticking with physical documents when digital options are available, like permanent damage, insecurity, and incompatibility with your own or partners’ information systems. All of these factors mean that holding onto physical documents when you don’t need to is holding your organization back from greater efficiency and security, and exposing it to unnecessary risk. If you can digitize a file, it’s best to digitize it as soon as possible.
Furthermore, CRA record retention policy requires you to keep important business documents like official correspondence and records of transactions for many years, often long after they’re still relevant to your current goals. The storage efficiency of digital technology, in both cost and space, makes deciding to keep these necessary archives in physical form another unnecessary cost; especially when most organizations already have the digital infrastructure to accommodate these files.
But what about legal reliability?
It’s a common misconception that physical documents are more legally reliable than digital files. While this may have been true in the past, innovations in digital systems have made it possible for digital files to far surpass the reliability of physical documents. Digital metadata systems make it possible for every interaction with a record to be automatically recorded, and protected file formats like PDF-A make it nearly impossible to tamper with documents. On the other hand, a physical document can be undetectably edited and replaced or read without authorization. Of course, a document is not just more legally reliable because it is digital; you’ve got to use the right accountability tools to make your digital files more reliable than paper.
But what about signatures? Many regulations around document authenticity require “wet” signatures, which just means physical documents with ink signatures. The Canadian General Standards Board (CGSB) makes specific mention of signatures and indicates that digital images of signed documents are legally equivalent, so long as all of the requirements for proper digitization have been followed. Specifically:
“Where there is a requirement to maintain records with wet signatures (i.e. signatures made on the physical document using physical means) to provide evidence of approval, authorization, acknowledgement, verification, notarization or the witnessing of an act, such requirement can be satisfied by digitizing the record and maintaining a digital image of it, provided that all of the conditions set out for the digitization of paper records have been met.” (5.5.2)
So then, what are the requirements that must be met for the digitization of a file to be counted as “proper?” What makes a digital version valid, and why?
What are the minimum requirements for digitization?
The short answer, is quality, non-redundancy, transparency, documentation, systematic policies, and quality control.
Quality
In a perfect world, where your organization has a limitless budget, infinite access to cutting-edge technology, and all the time in the world, you’d want digital copies of your documents to be as close to perfect as possible. In the real world, however, this will not always be possible. Some amount of information or image quality will be lost in the transformation into digital. The good news is that with modern imaging technology, nearly perfect scans are not difficult to achieve.
The regulations specifically just require that the digital versions of your documents be “…sufficiently high-quality…substitutes of analogue records…[to] serve ongoing business needs as well as unanticipated future requirements,” (6.4.2.2).
In other words, the digital copies just have to be functionally identical, not necessarily perfect. This means that the minimum image quality required will vary based on the purpose and contents of a record. A text-only document won’t require as good image quality as a printed image, for example.
Whatever the physical record contains, the principle benchmark for sufficiency is that the digital copy contains all of the information from the original.
Non-Redundancy
Redundancy isn’t normally an issue for digital files, as any file stored on at least two hard drives is already duplicated, and the time and monetary cost of creating more are negligible. However, the CGSB guide specifically forbids the re-digitization of “born-digital” records. “Born-digital” records are any files or documents originally created in a digital format.
Even though the process of creating a digital record, printing it off, and sending it to someone else for digitization is obviously inefficient, it does happen. If your organization received or imported a born-digital record from another party in physical format, the physical file may be the only version in your possession. If this is ever the case, regulations require that you attempt to get the original digital file from the original party, before trying to get it digitized.
Not only is it less efficient to digitize a print-out of a once-digital file, but it’s also detrimental to the image quality, and is thus doubly unnecessary: unnecessary cost, and unnecessary information loss.
Quality-Control Procedures
The quality-control procedures required by regulation are extensive, but when digitizing hundreds or thousands of records at a time, it is essential that nothing is lost, so having redundant quality controls is important.
Specifically, you are required to double-check the records at “…the document preparation stage, at scanning and indexing, and at the bulk upload stage,” (6.4.2.2). So that means that, before scanning, you have to make sure that the physical documents are both readable and properly prepared for the scanning process.
During scanning, you must check that the process is working properly and that the digital copies created are sufficiently high quality.
After the scanning process, you need to check each digital copy before it is uploaded to the final storage location.
If you find that any file is of insufficient quality at any stage in this process, for any reason, it has to be noted, and re-digitized.
Transparency & Documentation
Consistent with the other prescriptions discussed in this series, everything having to do with your digitization process needs to be transparent, and thoroughly documented. The regulations around digitization require your Records Management manual to contain comprehensive, updated, and accurate explanations of all of your policies, requirements, and approved digitization procedures.
Not only do your standing policies and approved procedures need to be documented, but the actual process does as well, including which documents were digitized, for what reason, when, and by whom. You also need to record the “legal and business rationales for authorized destruction of any source records,” (6.4.2.2) So every time you approve the destruction of physical documents for any reason, including that they have been appropriately digitized, it must be documented, along with the reason.
Furthermore, both the requirements imposed on you by the regulations and your own records management policies need to be imposed on any third-party vendors doing the digitizing for you. This includes the requirement to document the proceedings, including who digitized a file, how, and when. All of this information must be available to you from the vendor, and they must be required to follow all of the same rules as you would if you were to do the job in-house.
By the end of the digitization process, the following must be true:
- The digital versions are complete and accurate copies, which are just as capable of serving as evidence as the original physical documents.
- Every step of the digitization process was documented, including what happened to the original source documents.
- The source and digital records are organized and available to everyone with the appropriate clearance; including the relevant authorities.
High-Quality Digitization Solutions with Consentia
Consentia has been providing high-quality transformation solutions for over 50 years, including document imaging, data entry, transcription, and microfilm/microfiche scanning. We refuse to take any risks with the safety and security of your information. That’s why our service bureau is secured behind two locked doors, and only staffed by trusted and vetted individuals. Security personnel are on-site 24 hours a day, and all visitors are always supervised by staff for the entirety of their visit.
We are fully equipped to handle simple and complex projects and can scale our operation to handle high volumes or urgent deadlines. Our in-house I.T. team and experienced scanning professionals mean we have the expertise and technical flexibility to tailor solutions to suit your specific needs. Contact us today to find out how we can help you bring your physical documents into the digital world.