QIC Guru

The standard states: Records established to provide evidence of conformity to requirements and of the effective operation of the quality management system shall be controlled. The organization shall establish a documented procedure to define the controls needed for the identification, storage, protection, retrieval, retention and disposition of records. Records shall remain legible, readily identifiable and retrievable. (ref. 4.2.4)

Let’s spell out each requirement:

• Legible – You must ensure handwritten records can be easily read and that you protect paper records from deterioration that might affect their readability.
• Readily Identifiable – Each record should be uniquely identified through a number, code, title, date, storage location or other appropriate method. Anyone looking at the records should be able to easily tell what they are looking at.
• Retrievable – Every record should be filed and stored in such as way as to be easy to find and access when needed.

In addition, you must have a documented procedure for controlling records. In the procedure you must address how your organization handles the following:

• Identification – What minimum information must be added to every record for identification (see “Readily Identifiable” above).
• Storage – How hardcopy and electronic records are stored to protect them.
• Protection – What methods must be used to preserve records from loss or wear and tear. For hardcopy records, you may want to include where files are kept, in what types of storage containers and any environmental concerns (moisture, temperature, etc.). For electronic records, be sure to include how the data is backed-up regularly.
• Retrieval – Describe how records are cataloged or otherwise organized to aid easy access.
• Retention Time – Specify minimum and/or maximum retention requirements for each type of record. Be sure to establish a schedule to review your records according to your requirements.
• Disposition – Determine how you will dispose of records when scheduled. For confidential records, be sure you are clear about how you intend to destroy the records.