A. The head of each agency must establish internal policies to manage the agency’s electronic records that ensure:
- 1. the agency can access and use all electronic records in its custody for the full durations of the records’ retention periods, which are listed on the agency’s approved retention schedule;
- 2. the agency is able to locate and destroy electronic records that have met retention and are approved by the state archivist for destruction;
- 3. the agency maintains ownership and access to its electronic records whether the records are stored in a public, private, or community cloud, a contracted environment, or under the agency’s control;
- 4. the agency upgrades or replaces technology (hardware, software, storage media, file formats, etc.) used to store, operate, access, and use the records, as needed, throughout the lifecycles of the records, in order to maintain the accessibility, usability, and integrity of the records; and
- 5. the agency protects the integrity of the electronic records by developing a cybersecurity incident response plan to minimize the impact of malware, ransomware, and other cybersecurity incidents.
Authority Note
AUTHORITY NOTE: Promulgated in accordance with R.S. 44:405.
Historical Note
HISTORICAL NOTE: Promulgated by the Department of State, Office of the Secretary of State, Division of Archives, LR 29:957 (June 2003), amended LR 51:1876 (November 2025).