TABLE OF CONTENTS
| Topics | Sections |
| OVERVIEW | 4.1 What is the purpose of this chapter? 4.2 What is the scope of this chapter? 4.3 What is the overall policy? 4.4 What are the authorities for this chapter? 4.5 What terms do you need to know to understand this chapter? |
| RESPONSIBILITIES | 4.6 Who has responsibilities for managing electronic records? |
| CREATING ELECTRONIC RECORDS | 4.7 What requirements apply when creating electronic records? 4.8 What are the requirements for digitizing paper or analog records? 4.9 What records management requirements and controls apply to Service electronic information systems? |
| MAINTAINING AND MANAGING ELECTRONIC RECORDS | 4.10 What is the overall policy on maintaining and managing electronic records? 4.11 What general file management requirements must employees follow? 4.12 What are the requirements for file plans? 4.13 How should employees name files and folders? 4.14 What are the requirements for preserving and managing electronic messaging records? |
| DISPOSITIONING ELECTRONIC RECORDS | 4.15 How do employees disposition electronic records? |
| CONTRACTORS AND OTHER PARTNERS | 4.16 What are the electronic records management requirements for contractors and other partners? |
| DISCLOSURE OF ELECTRONIC RECORDS | 4.17 What requirements apply to disclosing electronic records? |
OVERVIEW
4.1 What is the purpose of this chapter? This chapter describes policy and guidance related to the creation, maintenance, use, and disposition of U.S. Fish and Wildlife Service (Service) electronic records.
4.2 What is the scope of this chapter? This chapter applies to all:
A. Service employees, contractors (through their contracts), and other authorized agents who create, maintain, use, or disposition electronic records on behalf of the Service. For simplicity, we use the term “employee” in this chapter to describe all of these individuals. See section 4.16 for more information specific to contractors, partners, and others outside of the Service.
B. Electronic records, regardless of format, storage medium, or the information system used to create, maintain, or use them. Electronic records include any information recorded in a form that only an automated system can process and encompass both content and associated metadata.
4.3 What is the overall policy? In accordance with 280 FW 1, Records and Information Management Policy and Program, employees must maintain all records in electronic form consistent with Office of Management and Budget (OMB) and National Archives and Records Administration (NARA) requirements. This means that employees must create records electronically and manage them electronically throughout their lifecycle.
4.4 What are the authorities for this chapter?
A. E-Government Act of 2002 (Public Law 107-347).
B. Electronic Records Management (36 CFR 1236).
C. NARA Bulletins:
(1) 2014-04, Format Guidance for the Transfer of Permanent Electronic Records.
(2) 2015-02, Guidance on Managing Electronic Messages.
(3) 2015-04, Metadata Guidance for the Transfer of Permanent Electronic Records.
(4) 2020-01, Guidance on OMB/NARA Memorandum Transition to Electronic Records.
E. OMB Circular A-130, Managing Information as a Strategic Resource.
F. OMB Memorandum M-19-21, Transition to Electronic Records, as amended by M-23-07, Update to Transition to Electronic Records.
G. Records Management by Federal Agencies (44 U.S.C. 31).
H. Rehabilitation Act of 1973 (Section 508), as amended (29 U.S.C. 794d).
4.5 What terms do you need to know to understand this chapter?
A. Accession. The transfer of legal title and the taking of records into the physical custody of NARA.
B. Digitization. Converting physical records into electronic formats.
C. Disposition. Actions taken after records are no longer needed to conduct regular Service business. Disposition of records may include legally deleting, destroying, or transferring the records to NARA or a NARA-approved repository.
D. Electronic Information System (EIS). Technology that contains and provides access to computerized Federal records and other information. This includes major applications, relational databases, and spreadsheets created to capture data and information that the Service uses for program business functions and decision-making activities.
E. Electronic record. Any information in a form that only a computer can process and that satisfies the definition of a Federal record. The term includes both content and associated metadata. Examples of electronic records include, but are not limited to:
(1) Emails,
(2) Databases,
(3) Documents developed using word processing software,
(4) Spreadsheets,
(5) Website content,
(6) Digital images,
(7) Texts and instant messages, and
(8) Records from EISs.
F. Electronic recordkeeping. Automated techniques designed to facilitate record management.
G. Electronic records management system. An information system designed to classify electronic records based on NARA-approved records schedules, apply legal holds due to litigation or court orders, and disposition records. The Department provides approval for using electronic records management systems within the Service.
H. Federal record. 44 U.S.C. 3301 provides the definition of a Federal record. The full definition and criteria for what constitutes a record is in 280 FW 1.
I. File plan. A plan a Service program or office creates that, at a minimum, designates:
(1) The location(s) (physical or otherwise) where files are maintained,
(2) Specific types of files maintained at each location,
(3) Organizational elements who oversee the files, and
(4) Applicable records retention schedule.
J. Metadata. For the purposes of this chapter, metadata are the administrative, descriptive, and technical information that describes the structure structure
Something temporarily or permanently constructed, built, or placed; and constructed of natural or manufactured parts including, but not limited to, a building, shed, cabin, porch, bridge, walkway, stair steps, sign, landing, platform, dock, rack, fence, telecommunication device, antennae, fish cleaning table, satellite dish/mount, or well head.
Learn more about structure and content of an electronic record. Metadata includes contextual information about how, when, and by whom electronic records were created, used, managed, maintained, and deleted.
K. Permanent records. Records that have archival value and warrant NARA’s continued preservation beyond the period that is required for conducting Government business and functions. The Appraisal Policy of the National Archives defines the framework and guidelines that they use to determine archival value.
L. Proactive disclosure. Making copies of certain records available to the public outside of the Freedom of Information Act (FOIA) process, in accordance with 5 U.S.C. 552a(2).
M. Records schedule. A NARA-approved document with mandatory instructions for the disposition of records, including the transfer of permanent records and disposal of temporary records.
N. System owner. Employee or organization having responsibility for an information system’s development, procurement, integration, modification, operation and maintenance, and final disposition.
O. Temporary records. Records that do not have archival value and can be disposed of with the Service Chief Records Officer’s (or delegated employee’s) approval once the record has reached the end of its scheduled retention period.
RESPONSIBILITIES
4.6 Who has responsibilities for managing electronic records? See Table 4-1.
Table 4-1: Responsibilities for Electronic Records Management
| These employees... | Are responsible for... |
| A. The Director | Approving or declining to approve Servicewide Records and Information Management (RIM) policies and procedures. |
| B. Directorate members (e.g., Regional Directors; Assistant Directors; Director, National Conservation Training Center) | (1) Ensuring employees within their Regions or programs are aware of and adhere to the requirements in this chapter; (2) Supporting and providing resources for electronic recordkeeping within their offices; (3) Ensuring employees within their Regions or programs complete annual Information Management and Technology (IMT) training, which addresses appropriate electronic records management; and (4) Ensuring offices within their control establish file plans in accordance with sections 4.11 and 4.12. |
| C. Associate Chief Information Officer (ACIO) (also known as the Assistant Director - Information Resources and Technology Management (IRTM)) | (1) Establishing policies, standards, and guidance for electronic records management; (2) Ensuring Service Regions and programs have the necessary technical infrastructure to appropriately maintain electronic records; (3) Ensuring EISs appropriately incorporate electronic recordkeeping requirements prior to providing systems with an authority to operate; and (4) Ensuring IRTM maintains an inventory of all Service EISs. |
| D. Chief, IRTM Division of Policy and Planning | Assisting the ACIO and the Chief Records Officer with developing policies, standards, and guidance for electronic records and file management. |
| E. Service Chief Records Officer (CRO) | (1) Facilitating the proper management of the Service’s electronic records throughout their lifecycles; (2) Developing Service-specific electronic records and file management policies, standards, and guidance; (3) Ensuring all Service EISs have an applicable records schedule; (4) Serving as the Departmental liaison for all matters related to electronic recordkeeping and electronic records management systems; (5) Coordinating with the Service’s cybersecurity program and others as necessary to develop and implement procedures designed to prevent the loss, removal, theft of, or unauthorized access to Service electronic records; (6) Providing Service programs and offices with training related to maintenance and disposition of electronic records, as well as training on creating file plans and other file maintenance activities; (7) Developing and providing offices with a file plan template; (8) Reviewing and approving all completed file plans; (9) Verifying that the Service implements and uses Department-approved electronic records management system(s) appropriately; (10) Reviewing proposed EIS projects to incorporate electronic records requirements into the systems’ design, development, and implementation in accordance with 270 FW 2, Project Management Office and IMT Project Management; (11) Coordinating with system owners to implement records management controls in their systems that follow records retention and disposition policies; and (12) Reviewing and approving requests to access emails and other records stored in the Department’s electronic records management system. |
| F. Records and Information Management (RIM) Specialists within IRTM | (1) Working with Service employees to disposition electronic records in accordance with the applicable records schedule; (2) Assisting offices within their areas of responsibility with developing and implementing file plans; (3) Assisting employees with accessioning electronic records to NARA; (4) Conducting electronic records and file management training within their assigned areas of responsibility; and (5) Helping employees meet their obligations for preserving electronic records in response to FOIA requests, congressional oversight, or legal hold requests. |
| G. Chief, IRTM Division of Operations | (1) Establishing procedures for IT Specialists in their division to assist with transferring electronic records from a departing employee to the employee’s supervisor to ensure the Service maintains control, and (2) Forwarding requests from employees to access emails and other records stored in the Department’s electronic records management system to a RIM Specialist. |
| H. System owners | (1) Ensuring electronic records created or maintained within an EIS for which they are responsible are managed in accordance with this chapter’s requirements; (2) Coordinating with the Service’s CRO to ensure their EISs incorporate applicable RIM requirements, policies, and procedures into system design, development, implementation, and disposition; (3) Submitting applicable EIS projects through the project review process described in 270 FW 2 and the IMT Project Review and Approval Handbookto ensure electronic recordkeeping requirements are appropriately addressed; (4) Completing applicable electronic records requirements when decommissioning an EIS in accordance with 270 FW 3, Decommissioning Information Systems and IMT Investments; and (5) Delegating these responsibilities, in writing, to a system manager or other individual, as necessary and appropriate. |
| I. Managers/supervisors | (1) Ensuring employees under their supervision are aware of and adhere to the requirements in this chapter; (2) Ensuring employees under their supervision complete annual IMT training, which addresses appropriate electronic records management; (3) Developing file plans for their offices, in coordination with their RIM Specialist, and reviewing those plans every 5 years; (4) Working with IT Specialists and departing employees to ensure the Service retains custody of and access to electronic records as part of the exit clearance process; and (5) Ensuring remote and teleworking employees maintain electronic records in a way that is equal to the controls applied in the physical workplace. |
| J. Employees | (1) Creating, maintaining, using, protecting, and dispositioning electronic records in accordance with this chapter’s requirements and related Federal and Departmental laws, regulations, and guidance; (2) Capturing or creating metadata for electronic records in accordance with NARA requirements; (3) Coordinating with a RIM Specialist to disposition electronic records in accordance with the applicable approved records schedule; (4) Storing electronic records in approved locations to ensure records can be efficiently retrieved; (5) Practicing appropriate file management, including following established file plans and file naming conventions; (6) Coordinating with their supervisors, RIM Specialists, and IT Specialists to transfer custody of electronic records prior to departing from the Service; (7) Completing annual IMT awareness training; and (8) Protecting electronic records to prevent unauthorized access to them and their removal, destruction, or loss. |
CREATING ELECTRONIC RECORDS
4.7 What requirements apply when creating electronic records?
A. As we describe in section 4.3, Service employees must create and maintain records electronically throughout their lifecycle. Employees should not create or maintain paper or analog records unless mandated by law or regulation.
B. Electronic records Service employees create must be:
(1) Accompanied by metadata that, at a minimum, provide contextual information about how, when, and by whom electronic records were created, used, managed, and maintained;
(2) Created in a usable and retrievable file format to ensure the records are accessible for the duration required by the Department’s administrative and policy records schedules, NARA’s General Records Schedules, or the Service’s latest approved records disposition schedule; and
(3) Accessible to the extent required by Section 508 of the Rehabilitation Act of 1974 and the revised Section 508 technical standards and guidelines. See 270 FW 4, Implementing Section 508 of the Rehabilitation Act, for more information;
C. To facilitate creating electronic records and assist with meeting accessibility requirements, employees must use their Personal Identity Verification (PIV) card to digitally sign documents requiring high levels of assurance, whenever possible. Digital signatures must comply with the Department’s RMP 2020-01, Digital Signature Usage in Records.
4.8 What are the requirements for digitizing paper or analog records?
A. Offices undertaking a project to digitize paper or analog records must:
(1) Ensure digitized electronic records meet or exceed the standards established in 36 CFR 1236, Subpart D (for temporary records) or Subpart E (for permanent records). These standards include ensuring the digitized record captures all information in the original source record and is of suitable quality to replace the original source record;
(2) Manage digitized electronic records according to the requirements we describe in the “Maintaining and Managing Electronic Records” section below; and
(3) Receive approval from the Service CRO to dispose of the paper records following digitization in accordance with 280 FW 1, 283 FW 1, and RMP 2020-03, Federal Records Disposal Authorization.
B. For digitizing permanent records, in addition to the requirements above, offices must receive approval from the Service’s CRO prior to beginning the project. To receive approval, the office must complete the documentation that 36 CFR 1236.44 requires and give it to the CRO. Necessary documentation includes:
(1) A project plan that identifies:
(a) Record series or file units to digitize;
(b) Method used to name digitized records;
(c) Estimated date range of the source records;
(d) Gaps, missing records in the series, or missing pages;
(e) Estimated volume, media types, dimensions, physical characteristics, and condition of the source records;
(f) Equipment and software used to digitize the records;
(g) Estimated file storage requirements for digitized records;
(h) Any access or use restrictions that apply to the records;
(i) Method used to capture the relationships that exist between source records once they are digitized; and
(j) Any metadata element labels that differ from the metadata that 36 CFR 1236.54 requires.
(2) Any information needed to associate the digitized records to the appropriate records schedule(s), including the item numbers;
(3) Any related search aids, indexes, inventories, logs, registers, or metadata schemas we use to manage the records that can serve as sources of required metadata; and
(4) A quality management plan that ensures the project meets quality assurance and quality control inspection procedures.
4.9 What records management requirements and controls apply to Service EISs? When employees propose purchasing, developing, otherwise acquiring, or modifying a Service EIS, they must ask the Requirements Management Board (RMB) to review the action using the process in 270 FW 2 and the IMT Project Review and Approval Handbook. The RIM program must work with the RMB and system owner to ensure electronic records created by and stored within the system are covered under a NARA-approved records schedule and that the system owner maintains, manages, and dispositions records in accordance with that schedule.
MAINTAINING AND MANAGING ELECTRONIC RECORDS
4.10 What is the overall policy for maintaining and managing electronic records? Electronic records must be managed within a Department-approved location while in use and preserved for long-term storage within a Department-approved records management system. The following sections provide file management requirements for offices and employees to implement that help facilitate electronic record retrieval and management.
4.11 What general file management requirements must employees follow?
A. To facilitate electronic record file retrieval and management, offices must implement effective file management practices consistent with programmatic business needs and practices, including:
(1) Establishing file plans that align electronic records that the office produces and manages to the appropriate records schedule,and
(2) Naming files in accordance with section 4.13.
B. Employees must not store files on local computer hard drives or removable storage media (e.g., flash drives, external hard drives) to avoid potential record loss due to hardware failure. Employees must instead store files in a Department-approved cloud or network location.
C. Employees must implement controls to limit access to files with sensitive information to authorized individuals. Files subject to the Privacy Act requirements or containing Personally Identifiable Information (PII) must be protected in accordance with 204 FW 1, Privacy Program. Files containing Controlled Unclassified Information (CUI) must be protected in accordance with 32 CFR 2002 and NARA's CUI Registry.
4.12 What are the requirements for file plans?
A. Office file plans must describe:
(1) Types of electronic files that employees use, including both records and nonrecords, and information that third parties provide to the Service to make decisions;
(2) Official storage locations for files;
(3) How files are indexed for retrieval;
(4) Records disposition information for applicable files, including whether the records are subject to temporary or permanent retention; and
(5) Restrictions on access or use for files that are subject to the requirements of the Privacy Act, subject to privilege or exemption under the FOIA, contain PII or CUI, or otherwise must be protected.
B. The Service’s RIM program has a file plan template that offices may use. Offices may reach out to their assigned RIM Specialists for assistance with developing their respective plans.
C. The Service’s CRO must approve file plans. Once approved, file plans must be stored in a readily accessible location for employees to use.
D. Managers/supervisors, or their designees, should review and revalidate their office file plan(s) at least every 5 years. If changes are necessary, the manager/supervisor should work with their RIM Specialist to edit the plan and prepare it for CRO approval.
4.13 How should employees name files and folders?
A. To make it easier to retrieve electronic records, employees should create file names that meet the following requirements, consistent with the practices and needs of their offices:
(1) Place the date at the beginning of the file name and use international standard date notation (YYYYMMDD);
(2) Create file names that are unique, consistently structured, persistent, and not overly complex;
(3) Limit names to no more than 35 characters;
(4) Use leading 0’s to facilitate sorting in numerical order (i.e., 001, 002 rather than 1, 2, etc.);
(5) Include a file extension (.docx, .pdf, etc.);
(6) Use lowercase letters unless the name has more than one word. If there is more than one word in the file name, each word should start with an uppercase letter (e.g., 20251114_Long_File_Name);
(7) Use numbers and letters and avoid using special characters or blank spaces that could cause problems for computer operating systems; and
(8) Use hyphens or underscores instead of spaces.
B. Folder names should align with the applicable file plan and contain only letters, numbers, hyphens, and underscores. Limit the number of characters as much as possible to avoid issues caused by reaching the maximum file path length of 255 characters.
4.14 What are the requirements for preserving and managing electronic messaging records? Employees create electronic messaging records when they use systems to communicate with other employees, partners, and members of the public. They include emails, text messages, instant messages (i.e., chats), social media (e.g., posts, comments, direct messages), and similar forms of communication.
A. General requirements. Service employees must manage electronic messaging records in the same way as other electronic records described in this chapter. This includes preserving messages that meet the definition of Federal records within an approved storage location or Department-approved electronic records management system and producing electronic messages in response to FOIA requests, legal holds, and other similar record requests.
B. Emails. The Department implements a technical solution that captures and manages emails and email attachments in an electronic records management system.
(1) Employees must maintain and produce, as necessary, emails and all associated attachments that are subject to preservation requirements in response to FOIA requests, congressional oversight, legal hold requests, and production for litigation (i.e., administrative records or discovery).
(2) Employees must promptly delete nonrecord email messages.
C. Text and instant messages. To appropriately manage text and instant messages, employees must:
(1) Only use Department-approved text and instant messaging applications to send messages for their work. If an employee wants to use an alternative application, they must coordinate the request through their supervisor and the Service’s RMB. The ACIO approves or declines to approve such requests.
(2) Preserve text or instant message records in accordance with RMP 2020-11, Preserving Text and Instant Messages as Federal Records. Instant messages sent using Department-approved messaging applications are automatically captured with the Department’s electronic record management system.
(3) There is no mechanism in place to capture records created using the native text messaging applications on Government-furnished mobile devices (i.e., smartphones or tablets) or ACIO-approved alternative messaging applications (see above). As a result, employees must preserve these records by:
(a) Performing screen captures or working with an IT Specialist and RIM Specialist to ensure the record is backed up to an approved location;
(b) Capturing and preserving the record and metadata that shows the sender, recipient, date, and time of the message; and
(c) Ensuring all text messages that are Federal records sent or received on Government-furnished mobile devices are preserved prior to disposing of the devices in accordance with 272 FW 3, Managing and Securing Government-Furnished Mobile Devices.
D. Social media posts. The majority of posts on Service social media are nonrecords. However, social media posts that meet the definition of a Federal record and have not been disseminated by other means are electronic records. Employees who create social media posts that are records are also responsible for capturing them in accordance with the Service’s RIM program guidance.
E. Non-official messaging accounts. Employees must not use personal messaging accounts to conduct Service business. If an employee mistakenly uses a personal account to conduct Service business, they must forward any messages they send or receive (including any attachments) to an official account within 20 days. See OCIO Directive 2015-003, Notice of Disclosure Requirements for Official Business Conducted Using Non-Official Electronic Messaging Accounts, for more information.
F. Requesting copies of electronic messages. Under certain circumstances, employees may request copies of email and instant messages stored in the Department’s electronic record management system for business-related needs. To do so, employees must complete an Enterprise eArchive System Audit Request (DI-4003 form) and obtain the appropriate approvals that are required based on the request (e.g., Service FOIA Officer, CRO, Office of the Solicitor, etc.).
DISPOSITIONING ELECTRONIC RECORDS
4.15 How do employees disposition electronic records?
A. Prior to deleting, destroying, transferring, or accessioning electronic records to NARA, employees must receive the approval of the Service’s CRO or a designated RIM Specialist. Part 283 of the Service Manual (Records Disposition) provides exact requirements, including completing FWS Form 3-2513, Regional/Program Records Disposition Certification, before deleting or destroying electronic records.
B. Electronic records may require retention beyond their usual retention period in response to FOIA, congressional oversight, or legal hold requests. Employees must follow guidance from the CRO, Service FOIA Officer, or Office of the Solicitor in these instances.
CONTRACTORS AND OTHER PARTNERS
4.16 What are the electronic records management requirements for contractors and other partners? When the Service enters into a contract or agreement that requires a non-Federal entity to create, work with, or otherwise handle our electronic records, we must include applicable records management contract language from the Department’s “IT Baseline Compliance Contract Guidelines,” dated August 15, 2022, in that contract or agreement. Employees may supplement these requirements with requirements specific to an EIS.
DISCLOSURE OF ELECTRONIC RECORDS
4.17 What requirements apply to disclosing electronic records?
A. In general, Regions, programs, and offices may proactively make any record publicly available in electronic format without a FOIA request if they are not prohibited from release by law, regulation, or policy. Prior to making a proactive disclosure, Regions, programs, and offices must provide the records to the Service’s FOIA office for review to ensure they do not contain any FOIA-exempt information. See 203 FW 1 for more information on the Service’s FOIA program and proactive disclosure.
B. In certain circumstances, we must proactively disclose records. This includes records that:
(1) Are released in response to a properly filed FOIA request without applicable exemptions,
(2) Are or are likely to become the subject of subsequent requests for substantially the same records, and