- A. In accordance with R.S. 44:39 and 44:411, agencies must establish and maintain a program for the maintenance, access, use, security, and preservation of the records in its custody.
B. Agencies must ensure they can locate, retrieve, access, and use the electronic records for the entirety of the records’ retention periods.
- 1. Agencies should name electronic records at the point of creation. Files names must convey enough information to allow the records to be easily retrieved for discovery, public information requests, disposition, and operational use.
- 2. Agencies must monitor if the retention period for any record series is longer than the life of the information system the agency is using to store, access, or use the records.
- 3. Agencies must convert a record’s file format to a usable format if its current file format is at risk of becoming obsolete.
- 4. Agencies must carry out system upgrades of hardware and software when needed to ensure continued access and use of the records.
- 5. Agencies must migrate records to a new information system before the records’ current system becomes inoperable.
- 6. Agencies must ensure any migration of records does not neglect inactive records or records stored offline.
- 7. Agencies must retain responsibility for managing their electronic records, regardless of whether the records reside in a public, private, or community cloud, a contracted environment, or under the agency’s physical control.
- 8. Agencies must monitor changes to third-party terms of service that may alter the management of records.
- 9. Agencies must ensure that if the records are stored in a proprietary system, the agency has an exit strategy, which allows the agency to retain legal ownership of the records and have the records returned in a usable format should the agency or vendor terminate the contract.
C. Agencies must create metadata to access and manage the electronic records.
- 1. The metadata must be sufficient to understand the content, context, and structure of the records.
- 2. The metadata must be sufficient to understand the relationships between the electronic records with each other and any associated records.
- 3. The metadata must be sufficient to identify and later retrieve the records.
- 4. The metadata should include administrative, descriptive, structural, and technical metadata elements.
- 5. When migrating records between information systems or converting to new file formats, agencies must ensure informational content remains unaltered and that sufficient metadata describing the context and structure of the records is retained so the records can be used for all the same business purposes as the source records.
- 6. When migrating records to a new information system, all records and associated metadata in the originating system must be retained until the migration is complete and the destination system has been deemed reliable and secure.
D. Agencies must preserve the integrity of the records.
- 1. Agencies must monitor and review access rights and permission rules for electronic records regularly.
- 2. Agencies must have controls for file integrity monitoring to prevent unauthorized use, alteration, concealment, or deletion of records such as checksums, audit trails, and access lists.
- 3. Agencies must ensure they have appropriate security and records management controls in place to manage the records throughout the records’ entire lifecycle including preventing the unauthorized access to, alteration of, or disposal of records.
Authority Note
AUTHORITY NOTE: Promulgated in accordance with R.S. 44:405.
Historical Note
HISTORICAL NOTE: Promulgated by the Department of State, Office of the Secretary of State, Division of Archives, LR 51:1878 (November 2025).