Library and Archives Canada
Symbol of the Government of Canada

Institutional links

Government

Previous | Table of Contents | Next

8. Details of Individual Metadata Elements

8.37 Releasable To

Attributes

Attribute

Value

Identifying Attributes

Name

releasableTo

Label

Releasable To

Defined by

Government of Canada Records Management Metadata Standard - releasableTo

Element URI

[To be actioned by Treasury Board of Canada, Secretariat before publication]

Definitional Attributes

Definition

The entity to which a record or file may be disseminated outside the originating institution.

Purpose

To restrict the release of records to foreign governments, organizations and/or their representatives.

To provide a further level of protection against the compromise of national security interests.

Rationale

"The regulatory environment, in which the organization operates, establishes broad principles on access rights, conditions or restrictions that should be incorporated into the operation of records systems…Records may contain personal, commercial or operationally sensitive information. In some cases, access to the records, or information about them, should not be permitted…. Ensuring appropriate access controls is done by assigning access status to both records and individuals." ISO International Standard 15489-1, s. 9.7

"Managing the access process involves ensuring that:

a) records are categorized according to their access status at a particular time,
b) records are only released to those who are authorized to see them,
c) encrypted records can be read as and when required and authorized,
d) records processes and transactions are only undertaken by those authorized to perform them, and
e) parts of the organization with responsibility for particular business functions specify access permissions to records relating to their area of responsibility." ISO International Standard 15489-1, s. 9.7

"Control measures such as access monitoring, user verification, authorized destruction and security should be implemented to prevent unauthorized access, destruction, alteration or removal of records." ISO International Standard 15489-1, s. 8.2.3

"Key elements of security metadata, such as basic access rights or restrictions, should be identified and applied at the point of record creation and capture in order to facilitate a record's ongoing preservation and management." ISO Technical Specification 23081-1, s. 9.2.4.1

"Access to records should only be restricted when there is a business need or when the law requires it. Security metadata should be monitored and updated to ensure the ongoing applicability of all identified restrictions…Security metadata need to be maintained and kept current throughout a record's existence." ISO Technical Specification 23081-1, s. 9.2.4.2

Value Domain

Enumerated strings of text representing entities.

Datatype Name

String

Constraint

Applicable at record level and file level.

Obligation

Mandatory, if applicable, at record level; mandatory, if applicable, at file level.

Relational Attributes

Encoding Scheme

For country codes use ISO 3166 - Codes for the representation of names of countries

OTHERWISE

Institution-specific or domain-specific schemes

Linkages

Event Type; Supplemental Markings

Conditions of Application - Record

Format

Text, based on encoding scheme.

Modifiable

Pre Record Declared Locked

Post Record Declared Locked

Yes

Yes, by authorized official only.

Occurrence

Repeatable

Conditions of Application - File

Format

Text, based on encoding scheme.

Modifiable

Yes, by authorized official only.

Occurrence

Repeatable

Comments and Guidance

a) Explanation of Definition/Usage

Releasable To is an important element for the security of records and files. The intent is to identify those countries and their representatives that are granted access to sensitive records and files.

b) Best Practices

While it is important that this element be applied to information that is of a sensitive nature, the vast majority of records and files do not require this level of diligence. Each institution is required to perform a security audit to identify policies and procedures for handling their sensitive information. These policies and procedures must be in compliance with all legislation and Government of Canada security policies.

Recommended best practice is to select a value from an institution-specific scheme. If only a country name is required, recommended best practice is to select a value from ISO 3166; use the two-character code set.

The value for this element may change over the course of the record's or file's lifetime based on changes to the element Sensitivity, new international agreements or other factors that may affect who can see the record or file. Only an authorized official may modify the values for Releasable To.

c) Obligation

This element is mandatory in order to ensure the integrity and security of information.

d) Default Values/Auto-populate

None.

e) Linkages

This element is linked to Supplemental Markings, since the instructions contained in that element may affect who can view the record or file.

Releasable To is linked to the element Event Type in cases where a change to the status of the record or file must be noted in the management and event history log.

f) Examples

  1. "CA" - Canada

  2. "CA Eyes Only" - Canadian Eyes Only

  3. "CAUS Eyes Only" - Canadian/United States Eyes Only

Previous | Table of Contents | Next