Preservation Duplicates and Backup Files

Human-Readable Preservation Duplicates

Records identified in their relevant records schedules as having long-term value must be preserved. If an office with permanent records creates a preservation duplicate, then those duplicates must comply with §132-8.2:

“Preservation duplicates shall be durable, accurate, complete and clear...”

Permanent records with certain characteristics require preservation duplicates that are human-readable. Some examples of these characteristics include:

  • Affect multiple people, without regard to relation
  • Have significance over a long span of time
  • Document governance
  • Document citizenship
  • Available for routine public inspection

Examples of Records that Require Preservation Duplicates

Tab/Accordion Items

Minutes of governing bodies at the state and local levels are the basic evidence of our system of governance and are routinely provided for the public to read.

Records, such as deeds and tax scrolls, about land document changes in ownership and condition. Counties maintain offices expressly for the purpose of making those records available to the public. 

Other records in local and state governments document potential public health hazards, such as hazardous materials spills.

Adoptions, marriages, and divorces document changes in familial relationships and document citizenship. Though adoptions are confidential (not available for public inspection), they document citizenship and changes in inheritance and familial succession.

Court records, such as wills, estates, and capital cases, affect people within and across family groups, are made available for public inspection, and often involve transactions related to the examples above.

What Formats Qualify as Human-Readable Duplicates?

Preservation duplicates should be either a paper or microfilm copy of the original records, since both paper and microfilm are human-readable media, able to be read independent of computer technology. Article G.S. §8-45, the “Uniform Photographic Copies of Business and Public Records as Evidence Act," recognizes microfilm as a legally acceptable replacement for original records. International standards for manufacture, production, use, and storage are available to strengthen the reliability of microfilm.

Other considerations:

  • Acceptable environmental conditions for paper and microfilm are similar to those of normal office environments.
  • Records in paper or on film may be secured with simple lock-and-key mechanisms.
  • Computer technologies play an important role in the production and management of records, but they can also provide challenges for long-term preservation.
  • Records on paper or on film may be used in the absence of hardware, software, technical expertise, and even electricity.

Non-permanent records with the characteristics described above are not affected by this guidance and this guidance does not prohibit the use of computer technology for the creation, management, or storage of records.

Security Backup Files

Security backup files are public records (see G.S. §§ 121-2(8) and 132-1) and may not be disposed of, erased, or destroyed (according to G.S. § 132- 3) without specific guidance from the Department of Natural and Cultural Resources. These guidelines provide guidance and permit the recycling, destruction, erasure, and re-use of security backup files and their media when an agency has implemented a written security backup plan and process that:

  • Document the procedures used for each records series appropriate to that series’ organizational value and vulnerability.
  • Provides the minimum acceptable capability for recovery of each records series.
  • Provides for the periodic verification that files and/or systems can be restored from the backup media as appropriate.

Rationale for an Effective Security Backup Policy

Electronic data and information are assets and security backups are critical to the survival of electronic data. Human or natural disasters, accidents involving the handling of media, and human error make electronic media vulnerable to damage.

“Versioning” and “Archiving” do not create security backup files. Versioning intentionally maintains copies of data files as the files are changed. Each version becomes a distinct record. Archiving is the process of moving a record from one medium (usually quickly accessible, but fragile) to another (usually more permanent) medium.

When meticulously planned and properly implemented, security backups make possible the retrieval of lost data and the resumption of system operations. Such procedures are a critical part of digital operations at all levels, especially those involving the storage of long-term or permanent records on electronic media. Security backups may also be critical to the fulfillment of audit requirements and the maintenance of audit trails in fiscal systems. For many applications, multiple copies and/or generations of backups may be recommended.

Planning for Security Backups

Tab/Accordion Items

Security backup files are not used as most records are. Backup files are created to protect against data loss. Backup files are typically created according to a schedule or policy; they are created, retained, and then destroyed. Security backup files provide the comfort of being able to, for a limited time, reverse an action that would normally result in the loss of a record. Backup files are created and maintained by the agency creating the original records, or by a separate agency or unit (LAN administration, information technology unit, etc.) performing this service.

Security backup files are records but should always be associated with the records they serve to protect. Since electronic records must be indexed or otherwise made accessible for official use, security backup files will not normally be used to meet records retention requirements. Security backup files are generated expressly for the purpose of restoring computer systems in the event of a disaster or accidental damage. The content of security backup files may not be indexed and may not reflect the order, arrangement, or structure of the original data.

Security backup files will be found everywhere, whether done by the originating office or by a separate unit. Agencies should keep track of all information assets and document the controls they have in place for safeguarding those assets.

Evaluating Your Backup Policy

There are three attributes that can be used to measure the quality of any system used to create and keep security backup files.

Tab/Accordion Items

This measures how well a system can store data reliably. Every medium and structure has an error rate; the lower this rate, the better the medium. This base-line persistence can be enhanced by creating more than one copy, keeping copies off-site or at multiple locations, media rotation, and controlling the environmental conditions.

Granularity is the frequency with which backup files are made. A system in which backup files are created daily is more current than one in which backups are made weekly.

This is the length of time backup files are kept: specifically, the length of time after a change is made that allows that change to be reversed.

Documenting Backup Policies

Backup policy specifications should be recorded in several ways:

  • Agencies should document the backup policies they employ or have employed for them.
  • Agencies often employ only a small number of distinct backup policies. Some record series are very important and receive the best care, while other record series are less important and receive less care. Once a policy is established for one record series, it is often applied identically to other records with similar value. Therefore, the most efficient way to document each record series backup policy is first to describe each distinct policy and then to identify to which record series the policy applies. This kind of documentation should be written down.
  • Each agency should establish the minimum acceptable capability for recovery that must be provided for each record series.
  • Some record series may not warrant an explicit declaration of backup policy requirements. Agencies are, however, required to take proper care of those records that are necessary for the agency’s day-to-day operations.
  • For records that have archival, legal, fiscal, or other value that also require longevity past the duration of the agency’s normal use, the duration of the backup copies and the granularity with which they are created should reflect the requirements of those values.
  • A system for maintaining security backup files and their associated procedures must be continued for as long as the approved retention period of the original records and data requires. Retention of security backup files for longer than the retention period specified for the original records and data may subject the agency to unnecessary risks.

For more important record series, the agency should establish specifications regarding how often copies are moved from their normal storage environment, when duplicate copies must be made, the storage method, and what provisions are in place to verify files or entire systems can be restored from the backup media. For record series stored only electronically and especially for those with enduring archival, legal, fiscal, or other value, more thorough documentation may be required in addition to the types of specifications noted above. Backup documentation should cover, among others, the elements of granularity and frequency, duplication (if applicable) and frequency, and offsite storage and frequency (how often copies---either duplicate or original security backup files---are moved from their normal storage environment).

Off