SharePoint

Records Management in SharePoint Online

Records Management

An important consideration when using any software to replace existing paper methods is records management. This is especially true in regulated environments, where laws may enforce requirements around record retention, control, and auditing. This post covers records management in SharePoint Online.

Any type of SharePoint content could be considered a record, including documents (MS Word, Excel, PDF, etc.), wiki pages, and lists. A record is any content that you want to control in some way and/or have an “official” version of. Treating content as a record can prevent it from being modified or deleted, track (audit) actions against it, make it easier to retrieve, and apply lifecycle and retention policies to it.

So when is content a record? It depends on your business needs. SharePoint allows records to exist in place (e.g. in Document Library) or in a central location (e.g. Records Center). It is typical that a document is handled in place until it is reaches some stage (e.g. document approval), where it is then made a record. Later down the line (say when a project ends), the document record may be moved to a central location for archiving.

Integral to records management in SharePoint are the Information Management Policies of a content type. To create or modify an information management policy, perform the following steps:

  1. Navigate to your Content Type and click “Information management policy settings”:1. Content Type Information Management Policy Settings
  2. Enter any Administrative Description and Policy Statement:2. Administrative Description and Policy StatementNote: the Administrative Description shows up in the list of policies, and the Policy Statement is visible to the user when they open the document.

There are four options for the information management policy: Retention, Auditing, Barcodes, and Labels. Retention settings allow action based on a date property of the document. The action may be to delete the document, move it to another location, start a workflow, etc. Retention settings can be applied to record and/or non-records:4. Retention Settings

Auditing enables the audit log, which is not set by default. Enabling this feature is a key part of 21CFR11 compliance.5. Auditing Settings

This is an example of what an audit log looks like:6. Audit Report

Barcodes and/or labeling can be used to ensure paper copies are the latest or approved version, another key component of compliance:7. Barcode and Labels

3. Click OK.

Once you have your information management policies in place, you’ll want to enable Records management for the content of interest. In order to do this, follow these steps:

  1. Enable In-Place Records Management under Site -> Site Settings -> Site Collection Features:8. In Place Records Management Activation.png
  2. Enable manual declaration in Site -> Site Settings -> Record Declaration Settings ( or in Library Settings -> Record Declaration Settings for a particular library) and configure settings as desired:9. Enable Manual Record Declaration.png
  3.  Verify document in your library can be declared as a record:10. Compliance Details Declare as a Record

Now documents can be declared as a record and will follow the configured rules, taking you one step closer to compliance!

Further information from Microsoft can be found here and here.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s