Indiana University Electronic Records Project
Phase I: 1995-1997
Functional Requirements, Latest Indiana University Version - 1998
- Does the unit comply with current laws, regulations, and statements of best practice?
- Are the laws, regulations, and statements of best practices appropriately cited and readily available?
- Are references to these laws, regulations, and statements of best practice kept current?
Record Keeping Systems: Accountable
- Are documented policies, assigned responsibilities, and formal methodologies for this record system in place?
- Are these policies, etc., routinely implemented?
- Do these policies and procedures conform to common practices in the industry for this transaction type?
Question:Do the records representing this transaction type faithfully reflect and represent the business-relevant facts resulting from this business transaction?
B. Accurate and Consistent:
Are quality control mechanisms used to ensure that consistent and accurate records are created?
Was each record for this transaction type originated by an authorized records creator?
Can the virtual records representing this transaction type be reassembled such that the transaction can be reconstructed, and its meaning can be understood?
Do policies and procedures exist which protect the record from being deleted, altered or lost once the transaction which generated it has occurred?
B. Migrated: Records are routinely transferred from one hardware/software configuration to another, or from one generation of computer technology to a subsequent generation.
Are policies and procedures in place which ensure that records of this transaction type are routinely and regularly migrated?
Is it possible to migrate the records representing this transaction type, while continuing to reflect their content, structure and context?
Can records of this transaction type be removed while leaving intact the appropriate metadata?
- Is the existence of records for this transaction type known to potential, authorized users?
- Do access policies exist which define who can access these records and under what conditions:
- Are procedures in place for implementing access policies?
Is it possible to render or display records of this transaction type as they appeared to creators?
Is it possible to deliver redacted, summarized or censored copies of the records of this transaction type in accordance with applicable laws, regulations, and best practices, and to document this transaction?