Vulnerable small

Records of transactions for long-lived financial products and services contracted between individuals and corporations.  These records typically contain or depend on significant amounts of personal information and outlast the infrastructure on which they were created.

Group: Sensitive Data

Trend: New Entry

Consensus Decision

Added to List: 2017

Last update: 2017

Previous category: Of Concern

Imminence of Action

Action is recommended within three years, detailed assessment within one year.

Significance of Loss

The loss of tools, data or services within this group would impact on many people and sectors

Effort to Preserve

It would require a small effort to preserve materials in this group, with the deployment of proven tools or techniques.


Applications, correspondence and ancillary records relating to pensions, mortgages and insurances and other contracts of long duration. This includes corporate databases, email, web archives and EDRMS and may require some co-ordination of paper, microfiche, born digital and digitized records.  Records will likely include the scope and duration of the contract as well as any agreed changes during the lifetime of the product.  It may also include evidence of misselling or other sharp practice which only becomes apparent after the fact.  This entry pertains to the corporate records rather than personal records. 

‘Endangered’ in the Presence of Aggravating Conditions

Lack of corporate preservation planning; lack of preservation within procurement of corporate systems; companies conflating backup with preservation; loss of integrity and authenticity; loss of context and connections to provide meaning; lack of preservation capability within agencies; lack of preservation voice at executive level; poor planning and roadmap for corporate infrastructure; proliferation of legacy systems; slapdash procurement or migration of new systems; mergers and acquisitions leading to confusion of corporate systems; lack of compliance, audit or accountability at operational levels; encryption.

‘Lower Risk’ in the Presence of Good Practice

backup and documentation; use of open formats and open source software; considered data management planning; licencing that enables preservation; preservation capability in designated repository; resilient to hacking; selection and appraisal in place; authenticity and integrity of records managed; resilient funding and recognition at executive level; technology watch; regular preservation audits; accreditation and participation in professional preservation community.

2019 Review

This entry was introduced in 2017 but was outside the competence of the judges to assess at that time.  It was assessed in 2019 with additional expertise invited to the panel to support this assessment.

Additional Jury Comments

This is a diverse category which may need to be sub-divided again. 

Scroll to top