VITAL RECORDS PROTECTION ISSUES
By Pat Moore, CBCP
Because your business survival may depend on the availability of time-sensitive business information - how thoroughly do you pre-qualify your off-site storage vendor, alternate storage location or in-house vault or backup location? What technical standards criteria do you use? Without the data, there is no recovery, but storing critical information off-site requires more than just a storage warehouse.
In light of the increased frequency with which off-site storage vendors have been experiencing major losses to their facilities and the vital records stored therein, it is of utmost importance to review and understand what protection and response standards your selected vendors or alternate storage locations adhere to. Five of the most recent and serious off-site storage facility losses have caused contingency planners, risk managers, facility managers, records management personnel, information managers and off-site storage vendors to take a closer look at their exposures in this area.
RECORDS OFF-SITE STORAGE
• October 26, 1996— fire heavily damages the Brambles Information Management Center in Chicago. (ruled accidental by the Chicago Fire Department and independent investigators) - 220,000 boxes of archival and vital records information destroyed.
• March 7, March 17, and March 19, 1997 — three disastrous fires at the Iron Mountain Record Centers in South Brunswick, NJ (arson is suspected) - 200 companies affected, and nearly 1 million boxes of paper records destroyed.
• May 6, 1997— fire totals facility at the Diversified Records Services Center near Scranton, PA.(ruled ‘suspicious’ due to other similar fires at similar locations in the area) - Paper documents and microfilm stacked 45 feet high from floor to ceiling inside a steel building the size of a football field, burned to the ground.
Although enormous amounts of archival and vital records were destroyed in these fire losses, natural disasters such as hurricanes, flooding, earthquakes, blizzards and tornadoes have wreaked havoc with off-site storage locations as well. Since the Midwest floods of 1993, each subsequent year’s flood damage has brought about a tremendous loss of not only facilities, but the vital records, media and equipment stored therein. Who among us can ever forget the media reports and pictures of the flooded cities and their buildings, including corporate, municipal, academic and institutional facilities, and their critical contents in the Midwest, the Southeast, the Pacific Northwest, Kentucky, Nevada, and most recently, towns in North Dakota and Minnesota. Hard-copy vital records became paper mache, and electronic and data recovery equipment were lost to corrosion while damage assessment teams and restoration companies waited for the waters to recede.
Earthquakes have caused many types of facilities, including a nationwide off-site storage vendor’s major warehouse in California, become unfit for access due to loss of structural integrity. This posed a major problem to their clients whose archival and vital records were stored in the seriously damaged building. In these situations the jurisdictional authorities will provide either extremely limited or no access at all. A nationwide, major healthcare corporation’s stand-alone, in-house vital record center and vital records, housed in California, was contaminated due to asbestos which became friable during the earthquake. Retrieving the one-of-a-kind medical records stored in this building was extremely difficult and requiring expensive and lengthy removal, decontamination and restoration procedures.
Tornadoes tear through Tornado Alley in Oklahoma, Texas, Nebraska, Kansas, Arkansas and Georgia on a regular basis, not only causing loss of life, but destroying buildings and their critical contents as well. One Texas town saw their buildings destroyed or roofs of most of their buildings torn off, leaving their contents totally exposed. Their City Hall, with its vital record center containing one of a kind documentation, not only lost its roof, but was then inundated with rain and wind, drenching and scattering vital hard copy documents, microfilm, microfiche and magnetic media for miles.
In addition to fire and water damage, as well as natural disasters that could affect your vital records storage location, you must consider the potential for terrorism, vandalism and breach of security at these sites. Many vital records were destroyed in the bomb blast at the Alfred P. Murrah Federal building and surrounding buildings in Oklahoma City.
During the Rodney King trial and its aftermath in Los Angeles, extreme acts of vandalism and subsequent fire bombings occurred. A major off-site storage facility, adjacent to a fire-bombed building, was badly damaged and access to the damaged and stored vital records was denied for an extended period of time. However, in this particular case, the off-site storage vendor had identified, in their own disaster recovery plan, an external resource who was able to obtain permission to enter the facility (under escort) and retrieve trailer loads of records to be transported to the restoration site.
As you review the credentials, services and integrity of your off-site storage vendor, as well as your potential in-house records storage areas, make sure your evaluation includes, at minimum, the following selection criteria:
• Limitation against unauthorized access
• Your ease of accessibility to your records
• Disaster-resistive construction of the facility and its vaults that meets compliance issues
• Fire prevention systems that comply with NFPA Standards
• Auxiliary power systems
• Proper environmental controls
• Magnetic shielding
• Fail-safe communication capabilities
• Fail-safe transportation and handling capabilities
• High impact-resistant transportation and storage containers
• Necessary personnel security clearances for ‘classified, confidential or proprietary’ data
• A disaster recovery and business continuity plan that addresses your priorities.
In addition, numerous standard setting and testing organizations in the United States require compliance with, and provide the framework for, protecting and preserving, among many items, vital records, media and electronic equipment. These standards apply not only to the vital records themselves, but the actual facility and vaults housing the vital records and data recovery equipment as well. The focus of these organizations can be somewhat different from each other. For example, one might focus more on types of construction and materials that are used in the building trades, and one can migrate more towards security programs such as the utilization of sprinklers, modular security vaults and camera systems. There is, however, a great deal of overlap among them.
As such, it is imperative that you research which standards these expert organizations provide, and then make your educated decisions on choosing an alternate in-house or off-site storage location and vendor that is in compliance with them. In some cases, you will chose more than one location and vendor.
These are only a few examples of the standards, testing and compliance criteria used for the protection of vital records and data recovery equipment.
All of the above organizations provide catalogues which list and define their information and publications.
In addition to ensuring that your vendors or alternate storage locations are in compliance with the necessary criteria, it is equally important to understand the terminology used by the vendors. For example, Hugh Smith, Vice President of FIRELOCK in Kutztown, PA states that “The basic misunderstanding that leads to the destruction of many vital records and media involved in a catastrophic fire, is that the client does not understand the difference between a ’two-hour fire rating’ versus a ‘two-hour classified fire rating’. Media stored within a vault chamber cannot exceed a certain temperature (125°F) and humidity (80% relative humidity) for the duration of the rating.
Typical building construction elements such as metal doors and gypsum board walls are only tested for the time it takes to burn through them, not heat migration. That means that the temperature inside the room climbs above the level at which the media is destroyed long before the fire actually eats through the wall assembly or metal door. Most standard building walls only provide 15-30 minutes of protection, but they represent 70-80% of the vaults constructed for vital records protection.
Clients making the decision as to where their off-site records will be stored should inspect the vault facility and ask for specifications on the vault chamber. A responsible vendor should be willing to supply the shop drawings and performance standards for their vault.
In addition to adhering to the proper standards and test criteria at their storage locations, off-site storage vendors should also be a ‘true business partner’ to their clients. Dick Drutman, President and CEO of ARCUS Off-site Data Storage, Disaster Recovery Services and Information Technology Staffing Solutions in Pleasanton, CA., states that “The focus of an off-site data storage vendor is to ensure that the vital information to run any business is not only stored, protected and cycled continually, but that they have the ability to immediately provide the linkage between the media vendor and the alternate processing site seven days a week, twenty-four hours a day.”
As you review what exposures you have in off-site, or in-house alternate locations for your vital records, also ensure that there is a current inventory for the stored data. There should be a backup copy of this inventory stored at another site so if the storage area is damaged or demolished, you will know what was there, and what you might have to recreate.
This is important not only from a business or service continuation standpoint, but in order to meet your legal retention schedules.
A thorough vital records recovery plan will also address and provide, at minimum, the following information for vital records stored in-house:
• A list ( with a backup copy stored off-site) of the most vital records, along with their building and room locations, accompanied by floor plans.
• A list ( with a backup copy stored off-site) of all safe and vault combinations, and location of keys to all file cabinets or desks or containers which house vital records.
• Identification of the procedures for removing these records, including a tracking method (e.g.bar coding), relocation destination, transportation, handling and restoration vendor’s 24 hour contact information, necessary clearances, permits and internal or external personnel assigned to accompany the records.
• Identification of specific, recommended handling and preservation techniques, based on the media involved.
• Identification of the person or team in charge of this recovery, and their 24 hour contact information.
• Prioritization of records to be recovered and or restored
• Identification of the criteria necessary to meet specific legal retention schedules.
• Acquiring of adequate insurance to address, for example, retrieval of data from the damaged medium, or business interruption issues.
As you review potential or existing exposures in the protection of your vital records, do not forget to protect your critical ‘work in progress’ which may not be backed up every day and is sitting out on desks, or in desk drawers, or placed in open shelving.
For example, critical work in progress could include recently updated asset inventories, financial or claim documentation, personnel or medical records, vendor and customer contracts and agreements which are being negotiated, manufacturing specifications, formulas, research and development information, compliance documentation, special permits, building engineering drawings and updates, equipment operating and repair reference manuals, plant management reporting data and progress reports, financial analysis and minutes of stockholder and board meetings.
All data is not always backed up or stored off-site. Which departments or business units have exposure in these areas? It is important to identify and prioritize your critical ‘work in progress’ and then establish procedures, such as a ‘clean desk policy’ or additional safety measures to reduce your exposure.
The word ‘protect’ is defined by Webster as “to shield or defend against danger or injury”. How well does your, or your vendors’ vital records protection program meet this definition?
Pat Moore, a Certified Business Continuity Professional (CBCP) and a Fellow of the Business Continuity Institute (FBCI), is Vice-President, Business Continuity Education for Strohl Systems, headquartered in King of Prussia, PA. Strohl Systems, and its global network of distributors, provide disaster recovery, business continuity, and business impact analysis software, as well as educational and consulting services. Ms. Moore is known internationally for her real world experience and expertise in the disaster recovery and business continuity industry, and lectures worldwide on these subjects.
This article adapted from Vol. 10#3.
|Some examples of these organizations and their standards and ratings, as well as their contact information are as follows:
• American National Standards Institute (ANSI) New York City, NY (212) 642-4900
e.g. ANSI/ASME NQA-1: - Quality Assurance Requirements for Nuclear Facilities Applications
e.g. ANSI IT9.11: - Standard for Imaging Media - Processed Safety Photographic Film Storage. Also - Air Conditioning Requirements and Air Purity
• American Society For Testing Materials (ASTM) West Conshohocken, PA (610) 832-9500
e.g. ASTM E 119: - Test Method for Fire Test of Building Construction Materials
• Factory Mutual Research Corporation (FM) Norwood, MA (617) 762-4300
e.g. FM Approval Class 4200: Storage of Records and Valuables
• The National Fire Protection Association (NFPA) Quincy, Mass. (617) 770-3000
e.g. NFPA 232: Standard for the Protection of Records e.g. NFPA 40: Standard for the Storage and Handling of Cellulose Nitrate Film Records
e.g. NFPA 232AM: Standard for Fire Risk Evaluation of Structures Containing Vital Records
e.g. NFPA 75: Standard for the Protection of Electronic Computer/Data Processing Eqpt.
Other numerous NFPA Standards address such areas as Protective Signaling Systems, Automatic Fire Detectors, Fire Extinguishing Systems, Gaseous Extinguishment, Operating Procedures and Rack Storage, etc.
• National Institute of Standards and Technology (NIST) ( U.S. Dept. of Commerce) Gaithersburg, MD (301) 975-2000 e.g. NIST Special Publication 500-199: The 3480 Type Tape Cartridge: Potential Data Storage Risks, and Care and Handling Procedures to Minimize Risks
• Underwriters Laboratory (UL)
Northbrook, Ill. (847) 272-8800
x 43731 e.g. UL 72: Test for Fire Resistance of Record Protection Equipment e.g. UL 155:Tests for Fire Resistance of Vault and File Room Doors
DR World Main Index | Return to DRJ's Homepage
Disaster Recovery World© 1999, and Disaster Recovery Journal©
1999, are copyrighted by Systems Support, Inc. All rights reserved. Reproduction in whole or
part is prohibited without the express written permission form Systems Support, Inc.