This website uses cookies to store information on your computer. Some of these cookies are used for visitor analysis, others are essential to making our site function properly and improve the user experience. By using this site, you consent to the placement of these cookies. Click Accept to consent and dismiss this message or Deny to leave this website. Read our Privacy Statement for more.
Privacy Policy | Print Page | Report Abuse | Sign In | Become a Member!
IRMS Midlands Group Events
Group HomeGroup Home Blog Home Group Blogs
This blog talks about the Midlands Group Events so if you couldn't make it to the meeting, or want a reminder of the day, go ahead and read on!

 

Search all posts for:   

 

Top tags: #IRMSMids  #datascience  #InformationGovernance  #IRMSMids #GDPR #Dataprotection #Digitalpreservati  #IRMSMids #GDPR #Dataprotection #Microsoft #RMGirl  #managingemail  #Office365 #socialmedia #archiving #Intelogy #mirr  #RecordsManagement 

IRMS Midlands Webinar: 22 June 2020 - Records management as a data science

Posted By Emily Gresham, 06 July 2020
In our second Midlands Group webinar we were joined by James Lappin to discuss records management as a data science. James outlined a potential paradigm shift for records managers, moving away from a policy function to a data science. Proposing that our approach to records management problems may need to be re-examined. As records management decisions tend to carry high levels of risk, James suggested we should: start small, have a safe fail and start simple. Using the example of managing email to set out how this might work James proposed a 5 step approach for starting to use AI and machine learning to manage information. Step 1 - assign retention rules to email accounts based on the role of the individual Step 2 - Distinguish business from non-business email within individual accounts Step 3 - Group emails by business activity within individual email accounts Step 4 - Apply retention and access rules to business activity groupings Step 5 - Create links between the business activity groupings of different individuals The webinar was well attended and there was lively debate between attendees, discussing how organisations are approaching some of the challenges raised.

Tags:  #datascience  #IRMSMids  #managingemail  #RecordsManagement 

Share |
PermalinkComments (0)
 

IRMS Midlands Webinar: 12 June 2020 - Information Governance in Uncertain Times

Posted By Colin Sawers BA(Hons) MCLIP, 27 June 2020
Emily Gresham, Chair of the Midlands Group welcome everyone to our first Midlands Group webinar. This was the first in a series of webinars to replace our planned spring event which sadly could not take place due to the pandemic. Simon Allen from Oyster was the speaker for this first webinar and gave a presentation on the topic of information governance in uncertain times. As well as his presentation there was plenty of opportunities for questions and chat about the topic thanks to the webinar technology. Simon started of his presentation by focussing on some of the challenges organisations had faced following lockdown and how things were now starting to settle into a new normal. Simon focused on the challenges of people having to quickly implement new ways of working and cloud solutions to keep their businesses up and running. This has obviously meant challenges for records managers and information governance teams in making sure that implementations consider their requirements. Some other areas of increased workload have included Subject Access Requests under the Data Protection Act 2018 and the challenges of knowing exactly what information your organisation holds, especially when working remotely.

Tags:  #InformationGovernance  #IRMSMids 

Share |
PermalinkComments (0)
 

Bakewell event on 25 September

Posted By Jaana Pinnick MSc AMIRMS, British Geological Survey, 18 October 2018

This year’s second Midlands meeting took place at the Peak District National Park Authority offices in Bakewell, with 12 delegates enjoying the view over the PDNPA back garden on a beautiful sunny day.

Robert Bath started the event with Advanced Data Governance Features in Office 365. He looked at the timeline and development from uncontrolled records to full compliance and presented the numerous elements of Office 365, before showing us what the system can achieve in terms of security and compliance. By using labels, label policies and workspaces the user can create and implement their own retention schedules as required. The labels also allow you to prevent records from being edited, shared, or deleted. Robert gave us a live demo which despite his concerns worked perfectly!

Jonathan Kingsley from MirrorWeb presented us a Guide to Social Media Archiving, showing how organisations can create permanent records of their online communications. This is a challenging process as direct crawling only captures a static record whereas much of the information is relationally linked and requires all the linkages to be captured also. Other challenges include capturing photos and video, the myriads of forms of modern communication, and large volumes of data compared to conventional records. To finish off his presentation, Jonathan showed us an example of a MirrorWeb Twitter archive.

A delicious lunch was served by the Derbyshire Larder, including some delicious mini-Bakewell tarts – or puddings as the locals call them. I don't think there were many leftovers?

After the guest speakers' presentations we had a lively discussion about the GDPR world after the 25th May, revisiting some of the major media news and developments and sharing delegates’ own experiences. We also looked beyond using an information asset register for personal data to developing a digital asset register to enhance digital continuity, courtesy of some slides kindly shared with us by the Digital Preservation Coalition. Finally, the delegates were given a brief news update from the IRMS Executive and a reminder about the IRMS Conference at the Celtic Manor in 2019, before being invited to write down some ideas for future talks for the Chair to include in her future planning.

On behalf of the whole IRMS Midlands group, many thanks for Michele Sarginson for inviting us to her workplace. The drive there was well worth it for the views and the beautiful boardroom!

 Attached Thumbnails:

Tags:  #Office365 #socialmedia #archiving #Intelogy #mirr 

Share |
PermalinkComments (0)
 

IRMS Midlands Group Meeting on 22 March 2018 in Nottingham

Posted By Jaana Pinnick MSc AMIRMS, British Geological Survey, 14 May 2018

This year’s first Midlands meeting took place at the British Geological Survey (BGS) in Keyworth, Nottingham with 22 delegates travelling to hear three talks about the GDPR.

John Day, the Information Security Officer at the BGS, gave an overview of his work on the IT security in relation to data protection. IT security comprises of five elements: confidentiality, integrity, availability, reputation, and compliance. John talked about cyber incidents reported to the Information Commissioner’s Office over the last two years and highlighted some high profile cases such as Equifax, TalkTalk and TescoBank. He went on to review the major changes which the GDPR will bring for IT professionals, such as the new types of personal data including IP addresses and cookies.

BGS and its parent body Natural Environment Research Council (NERC) have been developing an information systems register which contains information on where data is stored and what protections are in place. IT departments can support staff by advising them on technical matters including data encryption, access controls, perimeter controls, logging and reporting of events, and mobile device management. As a public sector organisation under the UK Government, BGS is required to comply with an industry standard which currently is Cyber Essentials, but is now looking into working towards compliance with a more extensive ISO 27001 standard.

The first guest speaker, Stefanie Jacobs from Microsoft, had travelled over three hours to join us on the day! The title of Stefanie’s talk was “Grasping the compliance nettle – GDPR and other fun topics for dinner parties”. She started by telling us that Microsoft believes that the GDPR is an important step forward for clarifying and enabling individual privacy rights. Stefanie looked at new rights for individuals, e.g. to object to processing of their personal data, and new obligations for organisations, such as to keep records detailing data processing and to outline processing purposes and use cases.

A key point with the GDPR is to recognise that compliance is a shared responsibility. Microsoft have made contractual commitments to its customers for cloud services that meet the new requirements, and Stefanie shared their top GDPR considerations and solutions with the delegates. She also gave us a simple roadmap on how we can get started (discover – manage – protect – report) and concluded by sharing the Microsoft mission statement: “Our mission is to empower every person and every organization on the planet to achieve more”. Not a mean feat!

And last, but by no means least, we heard from our very own IRMS Vice-Chair Emily Overton, this time with her RM Girl Consulting hat on (or should I say: a lovely dress!). Emily’s presentation was entitled “Information Asset Registers: What are they good for? Absolutely… everything… including GDPR!”

To help us focus on the essential attributes of the new regulations, Emily had come up with a new description for the acronym GDPR: it is now Good Documented Practice (with) Records.  The starting point for this, like to any good records management, is to know what you have, where you have it and how long you have to keep it. She went through some possible forms of information assets, such as documents on the screen, processes, services, servers etc. These assets are live, and updated and reviewed regularly. They act as a dashboard for the management and help to mitigate and manage the risks within the organisation.

Emily gave us an example of an information asset register with columns capturing information, which can be added to as required. We were also introduced to a sample data flow which helps us to see the big picture – what are the data collection points, actions and assets themselves, with whom is the information shared, what are the security issues etc. She concluded by sharing her top tips instructing us not to rush it – better to take your time and get it right one thing at a time.

There is a write up of Emily’s presentation in the March issue of IRMS bulletin, which members can also access online. In addition, all three presentations are now available in the Midlands Members’ area of the IRMS website.

Tags:  #IRMSMids #GDPR #Dataprotection #Microsoft #RMGirl 

Share |
PermalinkComments (0)
 

Report from the IRMS Midlands Group Meeting on 14 July 2017 in Birmingham

Posted By Jaana Pinnick MSc AMIRMS, British Geological Survey, 11 August 2017
Report from the IRMS Midlands Group Meeting on 14 July 2017 in Birmingham

By Sarah Rudge, Manager Information Assurance, Ofqual, and Amy Cawood, Senior Officer Information Assurance, Ofqual

It is great to see the Midlands Branch fully up and running again after a bit of a quiet time – thanks to Jaana Pinnick and Jane Proffitt for taking the lead. This was an excellent event of 2 halves – focusing on the looming General Data Protection Regulation (GDPR) and then digital preservation and continuity. And as always, it was a great opportunity for members to get together and network over a hearty lunch, kindly made possible through the day’s sponsor Automated Intelligence.

Melody Allsebrook: Getting to grips with the General Data Protection Regulation (GDPR)

Melody Allsebrook took us through the morning focussing on all things GDPR and getting ready for the 25 May 2018. Melody’s sessions were supported with a demonstration of Automated Intelligence’s AI.DATALIFT tool that can help comply with the GDPR. As she said at the beginning, this is the biggest change to data protection law in nearly 20 years so there is a lot for us all to do.

Melody took us all through the key changes to the legislation and what we all need to be thinking about as information and records management practitioners. She talked about the new definition of personal data and the new Principles for processing personal data – what has changed and what is more or less the same as under the current Data Protection Act 1998 (DPA). We also learned about the role of the Data Protection Officer (DPO) and the circumstances in which having a DPO is mandatory.

Relying on Consent of the data subject led to some interesting discussion, and I think most of us in the room were trying to bottom out in our heads what our lawful basis for processing might be and the circumstances where it might be different. Melody made it quite clear – we need to be clear about this!

Then following on from the lawful basis for processing is how we communicate that to the data subject and the importance of providing clear and accessible information to people about how we will use their personal data. We need to make sure that we have privacy notices (fair processing notices or whatever you want to call them) in place that are concise, transparent, accessible and clear. Plenty of work for many of us on that front, I’m sure!

We talked about contracts and working with third parties too – the GDPR means there will be changes to our existing and future contracts with suppliers. Data processors are now subject to all of the provisions in the regulation and joint data controller relationships are formalised. What it means in practice is that our contracts with existing suppliers need to be reviewed and revised to ensure they are GDPR compliant, and new contracts will need to make sure they have the right clauses to be compliant too.

We talked about the new fining regime too… It is not just about data loss and incidents anymore; it is about breaches of the regulation too.

A key theme from Melody’s sessions was about the new Accountability principle – being able to prove we are complying with the GDPR and have the evidence in place and ready, should the supervisory authority – the Information Commissioner’s Office (ICO) – come calling. We need to be able to prove that we are doing the right thing and to be able to demonstrate compliance. So it is vital that we get a good handle on what personal data we have, why we have it, how and why it is processed, and how it is protected. A lot of effort and time needs to be invested first in this and then developing and writing the policies, principles and tools that govern the processing.

So now is the right time to be looking at our current data protection policies and procedures, our information asset register, our retention schedules, privacy notices and breach reporting. And then there are the Data Protection Impact Assessments (DPIAs), which are not only a really helpful tool to help us identify what new or additional controls we might need to put in place, but also another part of the puzzle – another piece of evidence to demonstrate compliance with the GDPR.

So this was a really interesting session, the only downside being that I now have an even longer ‘to do’ list! Had better get cracking…the 25 May 2018 doesn’t seem that far away! 

Sharon McMeekin: Introduction to Digital Preservation

Another hot topic for records and information managers is that of digital presentation, so the group was pleased to welcome Sharon McMeekin from the Digital Preservation Coalition (DPC), who gave a stimulating introduction to all things digital.

Sharon began by outlining the key differences in approach required for the preservation of traditional records and digital objects.  Traditional records are fairly robust and can stand long periods of benign neglect and remain accessible and readable to us. Digital material, on the other hand is far less forgiving: it is ephemeral in nature, prone to obsolescence, and requires both software and hardware in order for us to make sense of it. Preserving digital records is both complex and immensely rewarding, but it is also vital if we are to function as a society and to document our cultural heritage.

Sharon introduced three of the most common models for digital preservation: the three-legged stool, DCC life-cycle model and the Open Archive Information System (OAIS). These can be used to provide a framework or visualisation for the implementation of a functional programme for digital preservation. Although complex, the OAIS model provides much of the basic technical language used to describe the processes surrounding the preservation of digital objects.

The second part of Sharon’s presentation looked at the first steps to take as part of a preservation project. This included deciding which preservation approach to take: bit-level, migration, emulation, hardware preservation, virtualisation etc., and the risks associated with doing nothing. Digital objects can suffer from media obsolescence, media failure (unsightly bit-rot), disaster (fire, flood, even cosmic rays!) and we might not even be aware of these even taking place until it is too late.

So what can we do?  Sharon suggested that we keep more than one copy, preferably in different locations; refresh storage media (regularly); integrity check the data (also called “Fixity”), this involves the use of checksums and integrity checking tools. Above all, take time to make sure we understand what we have in our collections, assess the risks, plan and then take action to preserve. Create a digital asset register; find out the quantity and size of the files and the range of different formats; does it contain personal data or is it a dynamic or multimedia file? Finally, look at the range of storage options, from hard disc and magnetic tape to the Cloud.

Sharon finished by recommending a range of resources to help and the services of the DPC.

Jaana Pinnick: Planning Digital Preservation for Geological Time Scale

As if that was not enough to think about, Jaana Pinnick concluded the afternoon with a case study on planning digital preservation for geological time scale – no mean feat! The National Geoscience Data Centre (NGDC) is an approved place of deposit for physical records, but not for digital records, however, there is an imperative to ensure digital records are retained in perpetuity. Jaana described the scale of the project she and her team have embarked on to map the digital records they hold and to fulfil the NGDC’s ambition to maintain the long-term reusability and accessibility of born-digital and digitised geoscience data objects. Geoscience data comprises a wide range of data types and formats and is used by many different stakeholders for a staggering variety of purposes, from building and surveying to mining and insurance. There are issues with the scale and resolution of the datasets and the variety of data structures and granularity at which the data are processed; on top of this are the complexities of file formats, proprietary data and data that is constantly changing.

Jaana talked about her MSc case study “Exploring digital preservation requirements: a case study from the National Geoscience Data Centre”. The key concern for geoscience data is not just its long validity (geoscience data can go back millennia), but also its uniqueness. Loss of this irreplaceable data could be catastrophic. But where to start? Jaana’s study has already identified the key challenges to overcome: legacy data, changing semantics and scientific vocabularies over the years, simply identifying what is worth keeping from the vast quantities of “big data”. In addition, there are the problems and vagaries of funding and shortage of skills in the area of digital preservation.

Jaana’s recommendations include defining and agreeing digital preservation objectives and continuity requirements, raising awareness and collaboration with best practice providers in digital preservation (DPC amongst others). The next steps for the NGDC are to develop a business case and create a digital asset register as well as to carry out a capability and maturity assessment and to embed digital preservation into the daily routines of the archive. This will build on the NGDC’s submission for the Data Seal of Approval Trusted Repository Core Certification, the writing of which has already provided the archive with an internal self-assessment and will help to benchmark it against other repositories and to determine the strengths and weaknesses of the NGDC repository.

Jaana has made a brilliant start to the digital preservation programme at NGDC and appears undaunted by, what seems to me at least, a gargantuan amount of work ahead. Congratulations to her on the successful completion of her MSc and we look forward very much to hearing about the next phases of the NGDC digital preservation programme.

 

NB: The presentations are available on the Midlands Group page under the Pages tab. 

 Attached Thumbnails:

Tags:  #IRMSMids #GDPR #Dataprotection #Digitalpreservati 

Share |
PermalinkComments (0)
 
Contact Us

Chester House
68 Chestergate
Macclesfield, SK11 6DY
United Kingdom

Phone: +44 (0)1625 664520
Fax: +44 (0)1625 664510

Email: info@irms.org.uk

Follow Us
Become A Member

With a bi-monthly magazine, annual conference, accreditation possibilities and a competitively priced annual membership, there really is no reason why you shouldn't join this fantastic society!