Kamusal Bilgi ve Veri Yönetimi Politikaları Çerçevesinde Özel Güvenlik Gerektiren Belgelerin Yönetimi

Abstract

In enterprise information systems, data, information and records with various and different characteristics are created or provided. Confidentiality, which is the most important of these features, is a special security measure used to prevent unauthorised access to data, information and records. When records requiring special security cannot be managed successfully, it leads to failure to take the necessary security measures, damage to personal privacy and national security, national and international interests, increase in the workload and cost of records processes and decrease in effectiveness, and prevention of the right to information. The purpose of this research is to establish a framework for confidential document management in public institutions, to determine policies and procedures for ensuring document confidentiality and security, to determine the requirements for confidential document management processes carried out in different environments, and to propose a model for document management that requires special security, including documents that are not confidential but require special security. The research data obtained by document analysis method were analysed using descriptive analysis technique. As a result of the research, the hypothesis determined as ‘Since holistic policies for the management of records requiring special security have not been established within the framework of public information and data management policies in public institutions in Turkey, there are uncertainties in defining the degree of confidentiality for the relevant records series, organizing, using, archiving and protecting these records and using technological tools in the processes’ has been confirmed. It has been determined that confidential records management is carried out at different organisational levels in physical or electronic environments according to the degree of confidentiality. It has been observed that different structures have been established within the scope of the units where confidential records will be created and maintained, the evaluation of the degree of confidentiality, the reduction, removal or destruction of the degree of confidentiality, and information request objections. In line with the research findings, a model has been developed for records requiring special security. Recommendations have been made to improve the existing confidential records management practices of public institutions, to establish more effective confidentiality policies and procedures, and to improve audit processes.