|Failing to maintain control over critical
documents -- say, blueprints of a moon-
sized space station -- can be devastating.
When Rogue One: A Star Wars Story arrives in theaters this week, audiences will finally learn how the Rebel Alliance got their hands on the Death Star plans, an event referenced in the opening crawl of the original 1977 film. The space station schematics were central to the plot of A New Hope, ultimately enabling the Rebellion to uncover the key weakness that Luke Skywalker exploited to destroy the Empire's ultimate weapon.
For the Empire, failing to secure its critical information – the Death Star plans – was catastrophic. For an organization working in a regulated environment, failing to maintain control over all of its critical documents and data can also be devastating.
Despite the risks of not securely managing controlled content in a regulated environment, many companies continue to maintain manual document management or document control processes that are error-prone, cause delays and introduce product quality problems.
In recent survey findings from Harris Interactive, 83 percent of knowledge workers said they face problems relating to document management and collaboration on a daily basis. Common issues include: wasting time looking for files; confusion about the right version of a document; manually merging changes from multiple contributors; working on the wrong or outdated version; and sending the wrong version to someone.
Imagine producing a batch of pharmaceutical ingredients and only then discovering that an outdated version of the standard operating procedure (SOP) was followed. The consequences can be disastrous.
One solution is to automate document control processes. Automating document management and control – with either electronic document management software (EDMS) or enterprise quality management software (EQMS) – enables organizations to securely create, modify, store and control their critical documents and records.
For regulated organizations using automated systems, a key advantage is the ability to cease the unauthorized or unwanted circulation of printed and electronic “rogue” documents. For organizations using manual systems, rogue documents often get shuffled around offices and shop floors or transmitted via email. In many cases, important documents can be copied, distributed and shared with unauthorized people. Rogue documents can result in anything from inefficient processes, time wasted, rework and poor decisions, to costly penalties, delayed time to market, product recalls and even loss of clients.
By automating their document control processes, regulated organizations are better armed to strike a blow against rogue documents in three key ways.
When it comes to creating or updating documents, issues often occur when employees use manual collaboration methods such as routing via paper or email. These methods often generate multiple versions of the same document and increase the likelihood of numerous disparate edits that need to be reconciled. Moreover, in a manual system, the document being passed around for changes can easily be misplaced or sit in a collaborator’s desk or inbox indefinitely.
Robust document control software enables authorized personnel to easily collaborate, no matter their location, in a secure environment. A virtual collaboration workspace lets users route, review, revise or approve a document in real time. Such a workspace allows each collaborator to view the contributions of others immediately and add input without waiting for someone else to unlock the document. Redlines visible to all team members minimize duplication of efforts.
To further manage collaborative changes that will result in a single version of a document, the system should automate document routing, approval and escalation, and follow-up should be automatic. Customizable notifications should notify collaborators or approvers in a route to act on their specific tasks. To expedite collaboration and approval, the system should incorporate time-based escalation, so if a team member is unavailable for a certain period of time, the document is sent to the next person authorized to approve it.
Tracking down the right document is made all the more difficult when multiple versions of the document are in circulation. In a paper-based or partly electronic system, there could be multiple unwanted versions of a document, meaning users may use an obsolete or uncontrolled version of an SOP, technical drawing or product specification that is too readily available.
Ineffective version control and archiving is a common problem for companies with paper-based document management systems. Approximately 81 percent of Harris Interactive respondents reported having worked on the wrong version of a file.
When the newest revision of a document is approved and released, the previous version(s) should be automatically archived so only the current version is accessible. An automated document control system helps ensure that employees are using the most recent – and correct – version. With automatic revision control, a document in the revision process becomes available for reference only upon approval of the revision.
To further control rogue electronic documents, an electronic system should enable copies to “self-destruct” after the time allotted to a document expires. The software should provide capabilities to manage printed copies of documents – such as expiration dates automatically watermarked on the document – and prevent unauthorized printing, saving or copying of documentation.
The theft of the Death Star plans – the premise of Rogue One – highlights, among other things, the importance of securely managing an organization’s critical information. Document security is vital for organizations facing strict regulatory requirements relating to document control. For instance, the Food and Drug Administration’s (FDA) 21 CFR Part 11 emphasizes security practices that limit access to authorized users and hold them accountable for written policies.
A robust electronic system will enable FDA-regulated companies to maximize document security in a number of ways. It provides vault functionality that ensures authorized access only, as well as a reliable audit trail of any change made to a document. The software allows system administrators to create individually tailored user and roles; some users’ rights may be limited to viewing while others’ may include edit privileges. Login and approval are automatically locked when either is compromised.
It is important to remember that effective document control requires balancing security with accessibility. That is why any EDMS or EQMS should serve as a single, centralized source repository, enabling authorized users to search for, access and review the latest version of any stored document. This way, documents will not get lost because the automated system can track every document’s exact location while employing approval history tracking, time-stamped audit trail, reporting and electronic signature capabilities.