Author: Alan Kong

Saving important work notes and photos on your phone may be convenient, but there are risks. Here Alan Kong, Government Services' Manager of Standards and Policy, explores the new record-keeping superpower - the mobile device.


A matter of convenience

We all know what it's like to start drawing a complex diagram on the company white board, and before you can fully appreciate your masterpiece, you have to rush to another appointment.

Without thinking, you whip out your phone and take a quick snap of the drawing. Your ideas and company project plan is now in your phone, and not in a secure environment.


Welcome to 21st Century of record-keeping!

There is little doubt that BYOD (short for Bring Your Own Device) affords us the freedom to complete work outside a traditional office environment. Our phones make it easy to address emerging issues promptly, and this trend is expected to continue and expand.

However, as Voltaire wisely said, ''with great power comes great responsibility''.

Using your mobile device will create new risks. Don't believe me? All you have to do is cast your mind back to any recent hacked celebrity pictures scandal.

Ask yourself, do you want internal documents ending up in the wrong hands?


Mitigate the risks

So what to do? For starters, you can follow the below three steps.

  • First, take a deep breath. No one is taking your iphone away. Consult your office's internal policy on the use of mobile devices in general. If you choose to bring your own device, make sure this is compliant to your office's BYOD policy and procedure, particularly noting any limitations on the use of apps to access, create and manage Agency data.
  • Second, think about your record footprint. What have you created or received today via mobile devices in the course of your duties? What are your responsibilities as the device owner/carrier? Have you synced data back to your record-keeping system?
  • Third, think about the unique risks associated with using your mobile devices when receiving and creating records and what you can do to mitigate these risks.

Consider SIC:

Security (unauthorised physical access, loss of handset, system breaches etc)

Integrity (blurred between personal and business records, work saved across multiple devices etc)

Control (version control, loss of control when creating documents via apps etc).


For more information, please read our Mobile Technologies and Recordkeeping Issues Paper.