Government of Canada Records Management Metadata Standard - encryptionStatus
[To be actioned by Treasury Board of Canada, Secretariat before publication]
An indicator that a record is systematically scrambled so that it cannot be read without knowing the coding key.
To identify whether or not a record is encrypted.
"The regulatory environment, in which the organization operates, establishes broad principles on access rights, conditions or restrictions that should be incorporated into the operation of records systems…Records may contain personal, commercial or operationally sensitive information. In some cases, access to the records, or information about them, should not be permitted….Ensuring appropriate access controls is done by assigning access status to both records and individuals." ISO International Standard 15489-1, s. 9.7
"Managing the access process involves ensuring that:
a) records are categorized according to their access status at a particular time,
b) records are only released to those who are authorized to see them,
c) encrypted records can be read as and when required and authorized,
d) records processes and transactions are only undertaken by those authorized to perform them, and
e) parts of the organization with responsibility for particular business functions specify access permissions to records relating to their area of responsibility." ISO International Standard 15489-1, s. 9.7
"Control measures such as access monitoring, user verification, authorized destruction and security should be implemented to prevent unauthorized access, destruction, alteration or removal of records." ISO International Standard 15489-1, s. 8.2.3
Yes/No or On/Off representations.
Applicable at record level only.
Optional at record level.
Encryption Description; Event Type; Sensitivity
Conditions of Application - Record
Yes/No or On/Off representations.
Pre Record Declared Locked
Post Record Declared Locked
Yes, by authorized official only.
Conditions of Application - File
Comments and Guidance
a) Explanation of Definition/Usage
The purpose of this element is simply to identify whether or not a record is encrypted. It is not intended to identify how the record is encrypted or the security level of the encryption. Details of what constitute a reliable encryption will be determined by each institution.
b) Best Practices
Recommended best practice is to use a Boolean indicator (i.e. Yes/No or On/Off) to identify the presence of an encrypted record.
It is important for an institution to understand that encryption affects the information management lifecycle of a record, in that future use of the record will rely on the encryption key that is applied to that record. Further, transfer of the record may require decryption. Institutions are encouraged to create business rules to ensure procedures are in place to decrypt a record in a timely fashion.
Once an encrypted record is locked, the value of this element may be modified by an authorized official only. Such modification may be necessary, as stated above, to indicate that an encrypted record was decrypted for transfer to Library and Archives Canada. Alternatively, in some cases, a locked non-encrypted record may need to be encrypted for transfer outside the GC.
It is important to note that in the cases cited above, both the metadata record and the actual record itself are being modified.
Encryption Status is generally handled by a document management system and is not a records management specific requirement; therefore, this element is optional.
d) Default Values/Auto-populate
Given that in most applications, this element is simply a flag; the default setting will indicate that the record is not encrypted.
This element is intrinsically linked to the Encryption Description element. Institution-specific business rules may dictate that information of a certain sensitivity level be encrypted, hence a link to the element Sensitivity.
Encryption Status is linked to the element Event Type in cases where a change to the status of the record must be noted in the management and event history log.