APPENDIX B
Laws and Major Regulations Related to Records Management

United States

Records management practices and standards are delineated in many federal regulations. Also, there are a number of state statutes that have passed and in some cases they actually supersede federal regulations; therefore it is crucial to understand compliance within the state or states where an organization operates.

On the federal level, public companies must be vigilant in verifying, protecting, and reporting financial information to comply with requirements under Sarbanes-Oxley and the Gramm-Leach-Bliley Act (GLBA). Healthcare concerns must meet the requirements of HIPAA, and investment firms must comply with a myriad of regulations by the Securities and Exchange Commission (SEC) and National Association of Securities Dealers (NASD).

Following is a brief description of current rules, laws, regulators, and their records retention and corporate policy requirements. (Note: This is an overview, and firms should consult their own legal counsel for interpretation and applicability.)

Gramm-Leach-Bliley Act

The Financial Institution Privacy Protection Act of 2001 and Financial Institution Privacy Protection Act of 2003 (Gramm-Leach-Bliley Act) was amended in 2003 to improve and increase protection of nonpublic personal information. Through this Act, financial records be properly secured, safeguarded, and eventually completely destroyed so that the information cannot be further accessed.

Healthcare Insurance Portability and Accountability Act of 1996 (HIPAA)

HIPAA requires that security standards be adopted for: (1) controlling who may access health information; (2) providing audit trails for electronic record systems; (3) isolating health data, making it inaccessible to unauthorized access; (4) ensuring the confidentiality and safeguarding of health information when it is electronically transmitted to ensure it is physically, electronically, and administratively secure; and (5) meeting the needs and capabilities of small and rural healthcare providers.

PATRIOT Act (Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001)

The PATRIOT Act: (1) requires that the identity of a person opening an account with any financial institution is verified by the financial institution, and they must implement reasonable procedures to maintain identity information; and (2) provides law enforcement organizations broad investigatory rights, including warrantless searches.

Sarbanes-Oxley Act (SOX)

The key provisions of SOX require that: (1) public corporations implement extensive policies, procedures, and tools to prevent fraudulent activities; (2) financial control and risk mitigation processes be documented and verified by independent auditors; (3) executives of publicly traded companies certify the validity of the company's financial statements; and (4) business records must be kept for not less than five years.

SEC Rule 17A-4

SEC Rule 17A-4 requires that: (1) records that must be maintained and preserved and be available to be produced or reproduced using either micrographic media (such as microfilm or microfiche) or electronic storage media (any digital storage medium or system); and (2) original copies of all communications, such as interoffice memoranda, be preserved for no less than three years, the first two in an easily accessible location.

CFR Title 47, Part 42—Telecommunications

CFR Title 47, Part 42 requires that telecommunications carriers keep original records or reproductions of original records, including memoranda, documents, papers, and correspondence that the carrier prepared or that were prepared on behalf of the carrier.

CFR Title 21, Part 11—Pharmaceuticals

CFR Title 21, Part 11 requires: (1) controls are in place to protect content stored on both open and closed systems to ensure the authenticity and integrity of electronic records; and (2) generating accurate and complete electronic copies of records so that the Food and Drug Administration (FDA) may inspect them.

US Federal Authority on Archives and Records: National Archives and Records Administration (NARA)

The National Archives and Records Administration (nara.gov):

  • Oversees physical and electronic recordkeeping policies and procedures of government agencies, requiring adequate and proper documentation on the conduction of US government business;
  • Defines formal e-records as machine-readable materials created or received by an agency of the US federal government under federal law or in the course of the transaction of public business;
  • Requires that organized records series be established for electronic records on a particular subject or function to facilitate the management of these e-records.

NARA regulations affecting Federal agencies and their records management programs are found in Subchapter B of 36 Code of Federal Regulations Chapter XII.1,2

  • Part 1220—Federal Records; General
  • Part 1222—Creation and Maintenance of Records
  • Part 1223—Managing Vital Records
  • Part 1224—Records Disposition Program
  • Part 1225—Scheduling Records
  • Part 1226—Implementing Disposition
  • Part 1227—General Records Schedule
  • Part 1228—Loan of Permanent and Unscheduled Records
  • Part 1229—Emergency Authorization to Destroy Records
  • Part 1230—Unlawful or Accidental Removal, Defacing, Alteration, or Destruction of Records
  • Part 1231—Transfer of Records from the Custody of One Executive Agency to Another
  • Part 1232—Transfer of Records to Records Storage Facilities
  • Part 1233—Transfer, Use, and Disposition of Records in a NARA Federal Records Center
  • Part 1234—Facility Standards for Records Storage Facilities
  • Part 1235—Transfer of Records to the National Archives of the United States
  • Part 1236—Electronic Records Management
  • Part 1237—Audiovisual, Cartographic, and Related Records Management
  • Part 1238—Microform Records Management
  • Part 1239—Program Assistance and Inspections
  • Part 1240–1249—[Reserved]

US Code of Federal Regulations

In the Code of Federal Regulations there are over 5,000 references to retaining records. The Code can be found online at: www.ecfr.gov.

Canada*

The National Standards of Canada for electronic records management are: (1) Electronic Records as Documentary Evidence CAN/CGSB-72.34–2005 (“72.34”), published in December 2005; and, (2) Microfilm and Electronic Images as Documentary Evidence CAN/CGSB-72.11–93, first published in 1979 and updated to 2000 (“72.11”).3 72.34 incorporates all that 72.11 deals with and is therefore the more important of the two. Because of its age, 72.11 should not be relied upon for its “legal” content. However, 72.11 has remained the industry standard for “imaging” procedures—converting original paper records to electronic storage. The Canada Revenue Agency has adopted these standards as applicable to records concerning taxation.4

72.34 deals with these topics: (1) management authorization and accountability; (2) documentation of procedures used to manage records; (3) “reliability testing” of electronic records according to existing legal rules; (4) the procedures manual and the chief records officer; (5) readiness to produce (the “prime directive”); (6) records recorded and stored in accordance with “the usual and ordinary course of business” and “system integrity,” being key phrases from the Evidence Acts in Canada; (7) retention and disposal of electronic records; (8) backup and records system recovery; and (9) security and protection. From these standards practitioners have derived many specific tests for auditing, establishing, and revising electronic records management systems.5

The “prime directive” of these standards states: “An organization shall always be prepared to produce its records as evidence.”6 The duty to establish the “prime directive” falls upon senior management:7

5.4.3 Senior management, the organization's own internal law-making authority, proclaims throughout the organization the integrity of the organization's records system (and, therefore, the integrity of its electronic records) by establishing and declaring:

  1. The system's role in the usual and ordinary course of business.
  2. The circumstances under which its records are made.
  3. Its prime directive for all RMS [records management system] purposes, i.e. an organization shall always be prepared to produce its records as evidence. This dominant principle applies to all of the organization's business records, including electronic, optical, original paper source records, microfilm, and other records of equivalent form and content.

Being the “dominant principle” of an organization's electronic records management system, the duty to maintain compliance with the “prime directive” should fall upon its senior management.

Because an electronic record is completely dependent upon its ERM system for everything, compliance with these National Standards and their “prime directive” should be part of the determination of the “admissibility” (acceptability) of evidence and of electronic discovery in court proceedings (litigation) and in regulatory tribunal proceedings.8

There are 14 legal jurisdictions in Canada: 10 provinces; 3 territories; and the federal jurisdiction of the Government of Canada. Each has an Evidence Act (the Civil Code in the province of Quebec9), which applies to legal proceedings within its legislative jurisdiction. For example, criminal law and patents and copyrights are within federal legislative jurisdiction, and most civil litigation comes within provincial legislative jurisdiction.10

The admissibility of records as evidence is determined under the “business record” provisions of the Evidence Acts.11 They require proof that a record was made “in the usual and ordinary course of business,” and of “the circumstances of the making of the record.” In addition, to obtain admissibility for electronic records, most of the Evidence Acts contain electronic record provisions, which state that an electronic record is admissible as evidence on proof of the “integrity of the electronic record system in which the data was recorded or stored.”12 This is the “system integrity” test for the admissibility of electronic records. The word “integrity” has yet to be defined by the courts.13

However, by way of sections such as the following, the electronic record provisions of the Evidence Acts make reference to the use of standards such as the National Standards of Canada:

For the purpose of determining under any rule of law whether an electronic record is admissible, evidence may be presented in respect of any standard, procedure, usage or practice on how electronic records are to be recorded or stored, having regard to the type of business or endeavor that used, recorded, or stored the electronic record and the nature and purpose of the electronic record.14

There are six areas of law and records and information management (RIM) applicable to paper and electronic records:

  1. The laws of evidence applicable to electronic and paper records15
  2. The National Standards of Canada concerning electronic records16
  3. The records requirements of government agencies, such as the Canada Revenue Agency17
  4. The electronic commerce legislation18
  5. The privacy laws19
  6. The guidelines for electronic discovery in legal proceedings20

These six areas are closely interrelated and are based upon very similar concepts. They all make demands of records systems and of the chief records officer or others responsible for records. Therefore, a failure to satisfy the records management needs of any one of them will likely mean a failure to satisfy all of them. Agencies that manage these areas of law look to the decisions of the courts to determine the requirements for acceptable records.

Each of these areas of law affects records and information management, just as they are affected by the laws governing the use of records as evidence in legal proceedings—the laws of evidence. These relationships make mandatory compliance with the “prime directive” provided by the national standards, which states: “an organization shall always be prepared to produce its records as evidence.”21

United Kingdom

Regulations and Legislation Impacting Records Retention

“The following Acts and Statutory Instruments of the UK and Scottish Parliaments contain provisions that are relevant to records retention and disposal:”22

Acts of the UK Parliament

  • 1957 c31 Occupiers Liability Act 1957
  • 1969 c57 Employers’ Liability (Compulsory Insurance) Act 1969
  • 1970 c41 Equal Pay Act 1970
  • 1970 c9 Taxes Management Act 1970
  • 1973 c52 Prescription and Limitations (Scotland) Act 1973
  • 1974 c37 Health and Safety at Work (etc.) Act 1974
  • 1975 c65 Sex Discrimination Act 1975
  • 1976 c74 Race Relations Act 1976
  • 1980 c58 Limitation Act 1980
  • 1992 c4 Social Security Contributions and Benefits Act 1992
  • 1994 c30 Education Act 1994
  • 1994 c23 Value Added Tax Act 1994
  • 1995 c50 Disability Discrimination Act 1995
  • 1998 c29 Data Protection Act 1998

Acts of the Scottish Parliament

  • 2002 asp13 Freedom of Information (Scotland) Act 2002

Statutory Instruments of the UK Parliament

  • SI 1977/500 The Safety Representatives and Safety Committees Regulations 1977
  • SI 1981/917 The Health and Safety (First Aid) Regulations 1981
  • SI 1982/894 The Statutory Sick Pay (General) Regulations 1982
  • SI 1986/1960 The Statutory Maternity Pay (General) Regulations 1986
  • SI 1989/1790 The Noise at Work Regulations 1989
  • SI 1989/635 The Electricity at Work Regulations 1989
  • SI 1989/682 The Health and Safety Information for Employees Regulations 1989
  • SI 1991/2680 The Public Works Contracts Regulations 1991
  • SI 1992/2792 The Health and Safety (Display Screen Equipment) Regulations 1992
  • SI 1992/2793 The Manual Handling Operations Regulations 1992
  • SI 1992/2932 The Provision and Use of Work Equipment Regulations 1992
  • SI 1992/2966 The Personal Protective Equipment at Work Regulations 1992
  • SI 1993/3228 The Public Services Contracts Regulations 1993
  • SI 1993/744 The Income Tax (Employments) Regulations 1993
  • SI 1995/201 The Public Supply Contracts Regulations 1995
  • SI 1995/3163 The Reporting of Injuries, Diseases and Dangerous Occurrences Regulations 1995
  • SI 1996/1513 The Health and Safety (Consultation with Employees) Regulations 1996
  • SI 1996/341 The Health and Safety (Safety Signs and Signals) Regulations 1996
  • SI 1996/972 The Special Waste Regulations 1996
  • SI 1997/1840 The Fire Precautions (Workplace) Regulations 1997
  • SI 1998/1833 The Working Time Regulations 1998
  • SI 1998/2306 The Provision and Use of Work Equipment Regulations 1998
  • SI 1998/2307 The Lifting Operations and Lifting Equipment Regulations 1998
  • SI 1998/2573 The Employers’ Liability (Compulsory Insurance) Regulations 1998
  • SI 1999/3242 The Management of Health and Safety at Work Regulations 1999
  • SI 1999/3312 The Maternity and Parental Leave (etc.) Regulations 1999
  • SI 1999/584 The National Minimum Wage Regulations 1998
  • SI 2002/2675 The Control of Asbestos at Work Regulations 2002
  • SI 2002/2676 The Control of Lead at Work Regulations 2002
  • SI 2002/2677 The Control of Substances Hazardous to Health Regulations 2002

Other Provisions

  • HMCE 700/21 HM Customs and Excise Notice 700/21: Keeping [VAT] records and accounts
  • IR CA30 Statutory Sick Pay Manual for Employers CA30

Australia

Archives Act

The Archives Act 1983 empowers the Archives to preserve the archival resources of the Australian Government—those records designated “national archives.” Under the Act, it is illegal to destroy Australian Government records without permission from the Archives unless destruction is specified in another piece of legislation or allowed under a normal administrative practice.

The Act also establishes a right of public access to nonexempt Commonwealth records in the “open access period” (transitioning from 30 years to 20 years over the period 2011 to 2021 under amendments to the Act passed in 2010). Different open access periods exist for Cabinet notebooks (transitioning from 50 years to 30 years over the period 2011 to 2021) and records containing Census information (99 years).

Freedom of Information Act

The Freedom of Information Act 1982 gives individuals the legal right to access documents held by Australian Government ministers, departments, and most agencies, including Norfolk Island Government agencies. From November 1, 2010, the FOI Act also applies to documents created or held by contractors or subcontractors who provided services to the public or third parties on behalf of agencies.

The FOI Act applies to records that are not yet in the open access period under the Archives Act unless the document contains personal information (including personal information about a deceased person). The Archives Act regulates access to records in the open access period.

When a member of the public requests information, your agency must identify and preserve all relevant sources, including records, until a final decision on the request is made. The FOI Act also sets out how agencies may correct, annotate, or update records if a member of the public shows that any personal information relating to them is incomplete, incorrect, out of date, or misleading.

The FOI Act also establishes the Information Publication Scheme (IPS), which requires agencies subject to the FOI Act to take a proactive approach to publishing a broad range of information on their website. The IPS does not apply to a small number of security and intelligence agencies that are exempt from the FOI Act.

Australian Information Commissioner Act

The Australian Information Commissioner Act 2010 established the Office of the Australian Information Commissioner. The OAIC has three sets of functions. These are:

  1. Freedom of information functions—protecting the public's right of access to documents under the amended Freedom of Information Act and reviewing decisions made by agencies and ministers under that Act.
  2. Privacy functions—ensuring proper handling of personal information in accordance with the Privacy Act 1988.
  3. Government and information policy functions, conferred on it by the Australian Information Commissioner Act 2010—these include strategic functions relating to information management and ensuring maximum coordination, efficiency and transparency in government information policy and practice.

As part of its government and information policy function, the OAIC is committed to leading the development and implementation of a national information policy framework to promote secure and open government. It aims to achieve this by driving public access to government information and encouraging agencies to proactively publish information.

Privacy Act

The Privacy Act 1988 regulates the handling of personal information by Australian Government agencies, ACT government agencies, ACT government agencies, Norfolk Island Government agencies, and a range of private and not-for-profit organizations. The Privacy Act regulates the way in which personal information can be collected, its accuracy, how it is kept secure, and how it is used and disclosed. It also provides rights to individuals to access and correct the information that organizations and government agencies hold about them. Records in the open-access period as defined in the Archives Act 1983 are not covered by the Privacy Act. The Privacy Act also sets out requirements that may apply when an agency enters into a contract under which services are provided to the agency.

Evidence Act

The Evidence Act 1995 defines what documents, including records, can be used as evidence in a Commonwealth court.23

All agencies need to take account of evidence legislation. A court may need to examine records as evidence of an organization's decisions and actions. General advice on the impact of the Evidence Act is given in the publication Commonwealth Records in Evidence (pdf, 418kb).

Electronic Transactions Act

The Electronic Transactions Act 1999 encourages online business by ensuring that electronic evidence of transactions is not invalidated because of its format. This Act does not authorize the destruction of any Australian Government records, whether originals or copies. The obligations placed on agencies under the Archives Act 1983 for the preservation and disposal of Commonwealth records continue to apply.

Financial Management and Accountability Act

The Financial Management and Accountability Act 1997 states that an APS employee who misapplies, improperly disposes of, or improperly uses Commonwealth records may be in breach of the Financial Management and Accountability Act (s. 41). Regulation 12 of the Act requires that the terms of approval for a proposal to spend money be recorded in writing as soon as practicable.

Australian Government records fall within the meaning of “public property” as defined in this Act.

Crimes Act

The Crimes Act 1914 outlines crimes against the Commonwealth. Several parts of the Act relate to records. For example, section 70 prohibits public servants (or anyone working for the Australian Government, including contractors and consultants) from publishing or communicating facts, documents, or information that they gain access to through their work unless they have permission to do so. This includes taking or selling records that should be destroyed.

This Act also makes it an offence for someone to intentionally destroy documents that they know may be required as evidence in a judicial proceeding.

Identifying Records Management Requirements in Other Legislation

Your agency [or business] needs to be aware of the legislation governing its own records practices.

Some legislative requirements apply to many agencies [and businesses]. For example, occupational health and safety legislation requires an organization to keep certain types of records for prescribed periods of time. Requirements that apply to all agencies are included in the National Archives’ Administrative Functions Disposal Authority.

Other legislative requirements may apply only to the particular business of one or a number of agencies.

Recordkeeping requirements may be stipulated in your agency's enabling legislation (legislation that established the agency) or in specific legislation that your agency is responsible for administering.24

Notes

  1. 1. NARA Records Management Guidance and Regulations, www.archives.gov/records-mgmt/policy/guidance-regulations.html (accessed October 17, 2012).
  2. 2.   NARA Records Management Guidance and Regulations, www.archives.gov/about/regulations/subchapter/b.html (accessed October 17, 2012).
  3. 3.   These standards were developed by the CGSB (Canadian General Standards Board), which is a standards-writing agency within Public Works and Government Services Canada (a department of the federal government). It is accredited by the Standards Council of Canada as a standards development agency. The Council must certify that standards have been developed by the required procedures before it will designate them as being National Standards of Canada. 72.34 incorporates by reference as “normative references”: (1) many of the standards of the International Organization for Standardization (ISO) in Geneva, Switzerland. (“ISO,” derived from the Greek word isos (equal) so as to provide a common acronym for all languages); and, (2) several of the standards of the Canadian Standards Association (CSA). The “Normative references” section of 72.34 (p. 2) states that these “referenced documents are indispensable for the application of this document.” 72.11 cites (p. 2, “Applicable Publications”) several standards of the American National Standards Institute/Association for Information and Image Management (ANSI/AIIM) as publications “applicable to this standard.” The process by which the National Standards of Canada are created and maintained is described within the standards themselves (reverse side of the front cover), and on the CGSB's website (see “Standards Development”), from which website these standards may be obtained; online: www.ongc-cgsb.gc.ca.
  4. 4.   The Canada Revenue Agency (CRA) informs the public of its policies and procedures by means, among others, of its Information Circulars (ICs), and GST/HST Memoranda. (GST: goods and services tax; HST: harmonized sales tax, i.e. the harmonization of federal and provincial sales taxes into one retail sales tax.) In particular, see: IC05-1, dated June 2010, entitled, Electronic Record Keeping, paragraphs 24, 26 and 28. Note that use of the National Standard cited in paragraph 26, Microfilm and Electronic Images as Documentary Evidence CAN/CGSB-72.11-93 is mandatory for, “Imaging and microfilm (including microfiche) reproductions of books of original entry and source documents….” Paragraph 24 recommends the use of the newer national standard, Electronic Records as Documentary Evidence CAN/CGSB-72.34-2005, “To ensure the reliability, integrity and authenticity of electronic records.” However, if this newer standard is given the same treatment by CRA as the older standard, it will be made mandatory as well. And similar statements appear in the GST Memoranda, Computerized Records 500-1-2, Books and Records 500-1. IC05-1. Electronic Record Keeping, concludes with the note, “Most Canada Revenue Agency publications are available on the CRA website, www.cra.gc.ca, under the heading ‘Forms and Publications.’”
  5. 5.   There are more than 200 specific compliance tests that can be applied to determine if the principles of 72.34 are being complied with. The analysts—a combined team of records management and legal expertise—analyze: (1) the nature of the business involved; (2) the uses and value of its records for its various functions; (3) the likelihood and risk of the various types of its records being the subject of legal proceedings, or of their being challenged by some regulating authority; and, (4) the consequences of the unavailability of acceptable records—for example, the consequences of its records not being accepted in legal proceedings. Similarly, in regard to the older National Standard of Canada, 72.11, there is a comparable series of more than 50 tests that can be applied to determine the state of compliance with its principles.
  6. 6.   Electronic Records as Documentary Evidence CAN/CGSB-72.34-2005 (“72.34”), clause 5.4.3 c) at p. 17; and, Microfilm and Electronic Images as Documentary Evidence CAN/CGSB-72.11-93 (“72.11”), paragraph 4.1.2 at p. 2, supra note 49.
  7. 7.   72.34, Clause 5.4.3, ibid.
  8. 8.   “Admissibility” refers to the procedure by which a presiding judge determines if a record or other proffered evidence is acceptable as evidence according the rules of evidence. “Electronic discovery” is the compulsory exchange of relevant records by the parties to legal proceedings prior to trial. As to the admissibility of records as evidence see: Ken Chasse, “The Admissibility of Electronic Business Records” (2010), 8 Canadian Journal of Law and Technology 105; and, Ken Chasse, “Electronic Records for Evidence and Disclosure and Discovery” (2011) 57 The Criminal Law Quarterly 284. For the electronic discovery of records see: Ken Chasse, “Electronic Discovery—Sedona Canada is Inadequate on Records Management—Here's Sedona Canada in Amended Form,” Canadian Journal of Law and Technology 9 (2011): 135; and Ken Chasse, “Electronic Discovery in the Criminal Court System” Canadian Criminal Law Review 14 (2010): 111. See also note 18 infra, and accompanying text.
  9. 9.   For the province of Quebec, comparable provisions are contained in Articles 2831-2842, 2859-2862, 2869-2874 of Book 7 “Evidence” of the Civil Code of Quebec, S.Q. 1991, c. C-64, to be read in conjunction with, An Act to Establish a Legal Framework for Information Technology, R.S.Q. 2001, c. C-1.1, ss. 2, 5-8, and 68.
  10. 10. For the legislative jurisdiction of the federal and provincial governments in Canada, see The Constitution Act, 1867 (U.K.) 30 and 31 Victoria, c. 3, s. 91 (federal), and s. 92 (provincial); at online: www.canlii.org/en/ca/laws/stat/30---31-vict-c-3/latest/30---31-vict-c-3.html.
  11. 11. The two provinces of Alberta and Newfoundland and Labrador do not have business record provisions in their Evidence Acts. Therefore “admissibility” would be determined in those jurisdictions by way of the court decisions that define the applicable common law rules; such decisions as, Ares v. Venner, [1970] S.C.R. 608, 14 D.L.R. (3d) 4 (S.C.C.), and decisions that have applied it.
  12. 12. See for example, the Canada Evidence Act, R.S.C. 1985, c. C-5, ss. 31.1-31.8; Alberta Evidence Act, R.S.A. 2000, c. A-18, ss. 41.1-41.8; (Ontario) Evidence Act, R.S.O. 1990, c. E.23, s. 34.1; and the (Nova Scotia) Evidence Act, R.S.N.S. 1989, c. 154, ss. 23A-23G. The Evidence Acts of the two provinces of British Columbia and Newfoundland and Labrador do not contain electronic record provisions. However, because an electronic record is no better than the quality of the record system in which it is recorded or stored, its “integrity” (reliability, credibility) will have to be determined under the other provincial laws that determine the admissibility of records as evidence.
  13. 13. The electronic record provisions have been in the Evidence Acts in Canada since 2000. They have been applied to admit electronic records into evidence, but they have not yet received any detailed analysis by the courts.
  14. 14. This is the wording used in, for example, s. 41.6 of the Alberta Evidence Act, s. 34.1(8) of the (Ontario) Evidence Act; and, s. 23F of the (Nova Scotia) Evidence Act, supra note 10. Section 31.5 of the Canada Evidence Act, supra note 58, uses the same wording, the only significant difference being that the word “document” is used instead of “record.” For the province of Quebec, see sections 12 and 68 of, An Act to Establish a Legal Framework for Information Technology, R.S.Q., chapter C-1.1.
  15. 15Supra notes 54 to 59 and accompanying texts.
  16. 16Supra notes 49 and 52 and accompanying texts.
  17. 17Supra note 50 and accompanying text.
  18. 18. All 14 jurisdictions of Canada have electronic commerce legislation except for the Northwest Territories. See for example, the Personal Information Protection and Electronic Documents Act, S.C. 2000, c. 5, Parts 2 and 3; Ontario's Electronic Commerce Act, 2000, S.O. 2000, c. 17; and, British Columbia's Electronic Transactions Act, R.B.C. 20001, c. 10. The concept of “system integrity” in the Evidence Acts (supra note 58 and accompanying text), is also found in the electronic commerce legislation. See for example, s. 8 of the Ontario Electronic Commerce Act, 2000, under the heading, “Legal Requirement re Original Documents.”
  19. 19. For example, Part 1, “Personal Information Protection,” of the federal Personal Information Protection and Electronic Documents Act (PIPEDA), S.C. 2000, c. 5, which applies within provincial legislative jurisdiction as well as federal, until a province enacts its own personal information protection Act (a PIPA”), which displaces it in the provincial sphere. British Columbia, Alberta, and Quebec are the only provinces that have done so.
  20. 20. The dominant guideline for electronic discovery in Canada is, The Sedona Canada Principles—Addressing Electronic Discovery; online: The Sedona Conference, Canada, January 2008: www.thesedonaconference.com/content/miscFiles/canada_pincpls_FINAL_108.pdf or www.thesedonaconference.org/dltForm?did=canada_pincpls_FINAL_108.pdf and, E-Discovery Canada website, hosted by LexUM (at the University of Montreal), online: www.lexum.umontreal.ca/e-discovery. And see also the law journal articles concerning electronic discovery cited in note 54 supra.
  21. 21Supra notes 52 and 53 and accompanying texts.
  22. 22. “Information Governance Record Retention Guidance, www.rec-man.stir.ac.uk/rec-ret/legislation.php (accessed October 17, 2012).
  23. 23www.comlaw.gov.au/Details/C2012C00518(accessed November 30, 2012).
  24. 24. National Archives of Australia, www.naa.gov.au/records-management/strategic-information/standards/recordslegislation.aspx (accessed October 17, 2012).
  25. *  This section was contributed by Ken Chasse J.D., LL.M., member of the Law Society of Upper Canada (Ontario) and of the Law Society of British Columbia, Canada.
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.224.95.38