Skip to main content
 
Creating and Maintaining Proper Systems for Electronic Record Keeping

Abstract

National Electronic Commerce Co-ordinating Council

I. Introduction: Accounting for Electronic Records in E-Government

II. Identifying the Risks and Benefits of Moving From Paper to Electronic Transactions and Records

III. Identifying the Requirements, the Records, and Their Value

IV. Managing the Risks of Moving to Electronic Records

V. Conclusion

VI. References and Resources
print html versionPrint Chapter (html)
print pdf versionPrint Chapter (pdf)
IV. Managing the Risks of Moving to Electronic Records

Ensure the appropriate level and type of security.

To mitigate the risks discussed in Section II, " Identifying the Risks and Benefits of Moving From Paper to Electronic Transactions and Records," section of this document, the appropriate levels and types of security functionality must be built into the system. This functionality must be consistent with the risk assessment and cost/benefit analysis discussed in that section. A detailed discussion of security levels, methods and technologies is beyond the scope of this document. Following is a very high-level description:
  1. Levels of security based on risk assessment:
    1. High
    2. Medium
    3. Low
  2. Types of security that may be required:
    1. Authentication establishes the validity of a transmission, message, and its originator.
    2. Confidentiality restricts access of a record to only those authorized to view it.
    3. Data integrity addresses the unauthorized or accidental modification of a record.
    4. Non-repudiation prevents an individual from denying that previous actions had been performed or intent expressed in a record.
  3. Types of security tools:
    1. PINs and passwords
    2. Digital signatures
    3. Encryption
    4. Biometric devices