The Abbey Newsletter

Volume 21, Number 8
1997


Vital Records Protection Issues

By Pat Moore

Because your business survival may depend on the availability of time-sensitive business information--how thoroughly do you prequalify your offsite storage vendor, alternate storage location or in-house vault or backup location? What technical standards criteria do you use to protect your vital information? Without the data, there is no recovery, but storing critical information offsite requires more than just a storage warehouse.

In light of the increased frequency with which offsite storage vendors have been experiencing major losses to their facilities and the vital records stored therein, it is of utmost importance to review and understand what protection and response standards your selected vendors or alternate storage locations adhere to. Five of the most recent and serious offsite storage facility losses have caused contingency planners, risk managers, facility managers, records management personnel, information managers and offsite storage vendors to take a closer look at their exposures in this area.

Recent Vital Records Offsite Storage Vendor Disasters:

October 26, 1996--Fire (ruled accidental by the Chicago Fire Department and independent investigators) heavily damages the Brambles Information Management Center in Chicago--220,000 boxes of archival and vital records information destroyed.

March 7th, March 17th, and March 19th, 1997--Three disastrous fires at the Iron Mountain Record Centers in South Brunswick, NJ (arson is suspected)--200 companies affected, and nearly 1 million boxes of paper records destroyed.

May 6th, 1997--Fire totals facility at the Diversified Records Services Center near Scranton, PA (ruled suspicious due to similar fires at similar locations in the area)--Paper documents and microfilm stacked 45 feet high from floor to ceiling inside a steel building the size of a football field, burned to the ground.

Although enormous amounts of archival and vital records were destroyed in these fire losses, natural disasters such as hurricanes, flooding, earthquakes, blizzards and tornadoes have wreaked havoc with offsite storage locations as well. Since the Midwest floods of 1993, each subsequent year's flood damage has brought about a tremendous loss of not only facilities, but the vital records, media and equipment stored therein. Who among us can ever forget the media reports and pictures of the flooded cities and their buildings (including corporate, municipal, academic and institutional facilities, and their critical contents) in the Midwest, the Southeast, the Pacific Northwest, Kentucky, Nevada, and most recently, towns in North Dakota and Minnesota? Hard copy vital records became paper mache, and electronic and data recovery equipment were lost to corrosion while damage assessment teams and restoration companies waited for the waters to recede.

Earthquakes have made many types of facilities, including a nationwide offsite storage vendor's major warehouse in California, unfit for access due to loss of structural integrity. This posed a major problem to their clients whose archival and vital records were stored in the seriously damaged building. In these situations the jurisdictional authorities will provide either extremely limited access or none at all

Photograph

A nationwide, major healthcare corporation's stand-alone, in-house vital record center, housed in California, was contaminated due to asbestos which became friable during the earthquake. Retrieving the one-of-a-kind medical records stored in this building was extremely difficult and required expensive and lengthy removal, decontamination, and restoration procedures.

Tornadoes tear through Tornado Alley in Oklahoma, Texas, Nebraska, Kansas, Arkansas and Georgia on a regular basis, not only causing loss of life, but destroying buildings and their critical contents as well.

One Texas town saw their buildings destroyed or roofs of most of their buildings torn off, leaving their contents totally exposed. Their City Hall, with its vital records center containing one-of-a-kind documentation, not only lost its roof, but was then inundated with rain and wind, drenching and scattering vital hard copy documents, microfilm, microfiche and magnetic media for miles.

Photograph

In addition to fire and water damage, as well as natural disasters that could affect your vital records' storage location, you must consider the potential for terrorism, vandalism and breach of security at these sites. Many vital records were destroyed in the bomb blast at the Alfred P. Murrah Federal Building and surrounding buildings in Oklahoma City.

During the Rodney King trial and its aftermath in Los Angeles, extreme acts of vandalism and subsequent fire bombings occurred. A major offsite storage facility, adjacent to a fire-bombed building, was badly damaged, and access to the damaged and stored vital records was denied for an extended period of time. However, in this particular case, the offsite storage vendor had identified, in their own disaster recovery plan, an external resource who was able to obtain permission to enter the facility (under escort) and retrieve trailer loads of records to be transported to the restoration site.

As you review the credentials, services and integrity of your offsite storage vendor, as well as your potential in-house records storage areas, make sure your evaluation includes, at minimum, the following selection criteria:

Limitation against unauthorized access

Your ease of accessibility to your records

Disaster-resistive construction of the facility and its vaults that meets compliance issues

Fire prevention systems that comply with NFPA Standards

Auxiliary power systems

Proper environmental controls

Magnetic shielding

Fail-safe communication capabilities

Fail-safe transportation and handling capabilities

High impact-resistant transportation and storage containers

Necessary personnel security clearances for classified, confidential or proprietary data

A disaster recovery and business continuity plan that addresses your priorities

In addition, numerous standard setting and testing organizations in the United States require compliance with, and provide the framework for, protecting and preserving, among many items, vital records, media and electronic equipment. These standards apply not only to the vital records themselves, but the actual facility and vaults housing the vital records and data recovery equipment as well. The focus of these organizations can be somewhat different from each other. For example, one might focus more on types of construction and materials that are used in the building trades, and one can migrate more towards security programs such as the utilization of sprinklers, modular security vaults and camera systems. There is, however, a great deal of overlap among them.

As such, it is imperative that you research which standards these expert organizations provide, and then make your educated decisions on choosing a vendor and an alternate in-house or offsite storage location and vendor that are in compliance with them. In some cases, you will choose more than one location and vendor.

Some examples of these organizations and their standards and ratings, as well as their contact information, are as follows:

American National Standards Institute (ANSI) New York City, NY (212) 642-4900

ANSI/ASME NQA-1: Quality Assurance Requirements for Nuclear Facilities Applications

ANSI IT9.11: Standard for Imaging Media--Processed Safety Photographic Film Storage. Also, Air Conditioning Requirements and Air Purity

American Society For Testing and Materials (ASTM) West Conshohocken, PA (610) 832-9500

ASTM E 119: Test Method for Fire Test of Building Construction Materials

Factory Mutual Research Corporation (FM) Norwood, MA (617) 762-4300

FM Approval Class 4200: Storage of Records and Valuables

The National Fire Protection Association (NFPA) Quincy, MA (617) 770-3000

NFPA 232: Standard for the Protection of Records

NFPA 40: Standard for the Storage and Handling of Cellulose Nitrate Film Records

NFPA 232AM: Standard for Fire Risk Evaluation of Structures Containing Vital Records

NFPA 75: Standard for the Protection of Electronic Computer/Data Processing Equipment

Numerous other NFPA Standards address such areas as Protective Signaling Systems, Automatic Fire Detectors, Fire Extinguishing Systems, Gaseous Extinguishment, Operating Procedures and Rack Storage.

National Institute of Standards and Technology (NIST) (U.S. Dept. of Commerce) Gaithersburg, MD (301) 975-2000

NIST Special Publication 500-199: The 3480 Type Tape Cartridge: Potential Data Storage Risks, and Care and Handling Procedures to Minimize Risks

Underwriters Laboratory (UL) Northbrook, IL (847) 272-8800 x 43731

UL 72: - Test for Fire Resistance of Record Protection Equipment

UL 155: -Tests for Fire Resistance of Vault and File Room Doors

These are only a few examples of the standards, testing and compliance criteria used for the protection of vital records and data recovery equipment.

All of the above organizations provide catalogues which list and define their information and publications.

In addition to ensuring that your vendors or alternate storage locations are in compliance with the necessary criteria, it is equally important to understand the terminology used by the vendors. For example, Hugh Smith, Vice President of FIRELOCK in Kutztown, PA, states that

the basic misunderstanding that leads to the destruction of many vital records and media involved in a catastrophic fire, is that the client does not understand the difference between a two-hour fire rating versus a two-hour classified fire rating. Media stored within a vault chamber cannot exceed a certain temperature (125°F) and humidity (80% relative humidity) for the duration of the rating.

Typical building construction elements such as metal doors and gypsum board walls are only tested for the time it takes to burn through them, not heat migration. That means that the temperature inside the room climbs above the level at which the media is destroyed long before the fire actually eats through the wall assembly or metal door. Most standard building walls only provide 15-30 minutes of protection, but they represent 70-80% of the vaults constructed for vital records protection. Clients making the decision as to where their offsite records will be stored should inspect the vault facility and ask for specifications on the vault chamber. A responsible vendor should be willing to supply the shop drawings and performance standards for their vault.

In addition to adhering to the proper standards and test criteria at their storage locations, offsite storage vendors should also be true business partners to their clients. Dick Drutman, President and CEO of ARCUS Off-site Data Storage, Disaster Recovery Services and Information Technology Staffing Solutions in Pleasanton, CA, states, "The focus of an offsite data storage vendor is to ensure that the vital information to run any business is not only stored, protected and cycled continually, but that they have the ability to immediately provide the linkage between the media vendor and the alternate processing site seven days a week, twenty-four hours a day."

As you review what exposures you have in offsite or in-house alternate locations for your vital records, also ensure that there is a current inventory for the stored data. There should be a backup copy of this inventory stored at another site so if the storage area is damaged or demolished, you will know what was there, and what you might have to recreate. This is important not only from a business or service continuation standpoint, but in order to meet your legal retention schedules.

A thorough vital records recovery plan will also address and provide, at minimum, the following information for vital records stored in-house:

A list (with a backup copy stored offsite) of the most vital records, along with their building and room locations, accompanied by floor plans.

A list (with a backup copy stored offsite) of all safe and vault combinations, and location of keys to all file cabinets or desks or containers which house vital records.

Identification of the procedures for removing these records, including a tracking method (e.g. bar coding), relocation destination, transportation, handling and restoration, vendors 24 hour contact information, necessary clearances, permits and internal or external personnel assigned to accompany the records.

Identification of specific recommended handling and preservation techniques, based on the media involved.

Identification of the person or team in charge of this recovery, and their 24 hour contact information.

Prioritization of records to be recovered and or restored.

Identification of the criteria necessary to meet specific legal retention schedules.

Acquiring of adequate insurance to address, for example, retrieval of data from the damaged medium, or business interruption issues.

As you review potential or existing exposures in the protection of your vital records, do not forget to protect your critical work in progress which may not be backed up every day and is sitting out on desks, or in desk drawers, or placed in open shelving. For example, critical work in progress could include recently updated asset inventories, financial or claim documentation, personnel or medical records, vendor and customer contracts and agreements which are being negotiated, manufacturing specifications, formulas, research and development information, compliance documentation, special permits, building engineering drawings and updates, equipment operating and repair reference manuals, plant management reporting data and progress reports, financial analysis and minutes of stockholder and board meetings.

All data is not always backed up or stored offsite. Which departments or business units have exposure in these areas? What vital information is sitting unprotected in your work environment at the end of the business day? What financial analysis, inventory data, research and development projects, application or permitting information, design and engineering specifications, change orders, patents, formulas, scheduling, patient or medical history, claims or insurance documentation, legal depositions, training, certification, historical or compliance data, for example, has not yet been backed up at the time of the disaster? What originals stay in your facilities unprotected? It is important to identify and prioritize your critical work in progress and then establish procedures, such as a clean desk policy or additional safety measures to reduce your exposure.

The word protect is defined by Webster as "to shield or defend against danger or injury." How well does your, or your vendors', vital records protection program meet this definition?

This article may not be reprinted, reproduced or distributed in part, or in total, without the express written consent of the author. Copyright ©Strohl Systems 1998. All Rights Reserved.

This article has been reprinted with permission from the Summer 1997 issue of the Disaster Recovery Journal, p. 26-28.

About the Author

Pat Moore, a Certified Business Continuity Professional (CBCP) and a Fellow of the Business Continuity Institute (FBCI), is Vice-President, Business Continuity Education for Strohl Systems, headquartered in King of Prussia, PA. Strohl Systems and its global network of distributors provide disaster recovery, business continuity, and business impact analysis software, as well as educational and consulting services. Pat is known internationally for her real world experience and expertise in the disaster recovery and business continuity industry, and lectures worldwide on these subjects.

Files damaged at a company vital records center during a recent earthquake.

Substantial losses can result when records storage facilities are damaged.

 [Contents]  [Search]  [Abbey]


[Search all CoOL documents]