Chapter 5: Regulation and institutions: rules, roles and frames – Records Management and Knowledge Mobilisation

5

Regulation and institutions: rules, roles and frames

Abstract:

Governments are a kind of institution with established practices, rules and ways of behaving, and regulate change through various institutional devices. Records management promotes stability and continuity through institutional rules, as an internal regulator. It promotes a logic of consensus, which tends to draw all members of an organisation into common knowledge structures which frame their way of seeing the world. Innovative change must challenge these embedded values to be successful.

Key words

government institutions

institutional norms

institutional change

regulation

knowledge structures

self-reinforcing systems

Opinions on the relative virtues of the administrative state have always differed, and yet it has a tenacity and resilience in maintaining its traditions and practices that endures through time and events. Government is an institution with characteristics and a ‘spirit’ that continues regardless of changes in political complexion, economic and social developments, and personnel: an institution that has the ability to both respond to, and absorb, change whilst maintaining continuity. Many of the features of government administrations have evolved to serve this end, providing checking devices and counterbalances to the pendulum of politics and management fashions. Yet some periods call for a rapid pace of change, when a failure to respond to wider social developments risks losing credibility, and then the institutions of government are a barrier not a bulwark.

In general, government has both a regulatory and a service provider function: it provides some services itself and regulates the market for others. Innovation, fast or slow, is always necessary: in planning outcomes, in deciding how best to deliver objectives, in determining which partners to work with, in drawing effectively on all available resources, in adapting methods of regulation, and so on. Government is a knowledge-based business: innovation drives new knowledge within the public sector, but regulation constrains the extent to which new knowledge can be generated, by setting the conditions in which it operates.

As part of its remit, records management too plays a regulatory role within public bodies, overseeing the information they generate and its conformance with the formal rules of management and governance. The turn towards information management reinforces this role, embedding records management disciplines within business processes and workflows, and requiring users to conform to them. Information management systems also have an innovatory aspect; new systems aim, for example, to rationalise information flow through business processes, to improve decision-making through better information access or to share common data between business processes. This has the effect of reinforcing and polishing existing fundamental structures, often expressed as a wish to organise records and information management around the shape of the business. In contrast, the turn towards knowledge highlights a different role in innovation, shifting the emphasis from a top–down implementation focus to a bottom–up support of knowledge development – emphasising the innovations that bubble up from the business, from seeing new ways to do better things at ground level.

The dilemma for records and information management is: how to be both regulator and innovator at the same time. These two roles are normally separate functions: the innovator enthusiastically forges ahead, overcoming barriers and breaking new ground; and the regulator keeps a (light or heavy) hand of restraint on progress, ensuring that innovations remain within the bounds of legality, balance and good governance. These contrasting roles suit two different kinds of mindset and personality – and how can the two operate successfully in the same body at the same time? Conventionally, records management is seen as a force for stability, while knowledge mobilisation is a force for change, and yet they both have a role in generating, systematising and sharing knowledge. How regulation and innovation can work together to best effect is explored in this and the next chapter.

The role of institutions

Regulation operates through institutions. An institution is not the same as an organisation, although the terms are often used interchangeably. The UK National Health Service is an institution which is made up of many different organisations that share common principles; the university is an institution of higher education which has a well-defined purpose and ethos that is put into practice by many individual universities as independent organisations. A national civil service is an institution, with an accepted role and set of values, sometimes set out in a code of practice with sanctions for its enforcement, and in some countries also operates as a single organisation for administrative purposes. The laissez-faire marketplace is an institution, within which many different commercial organisations compete with each other; their interactions are constrained by formal legal rules (with physical penalties if they are broken) and informal conventions (which, if broken, result in loss of reputation): together, these represent our modern beliefs on the acceptable ways of doing business.

Institutions, as the term is used here, are composed of three sets of elements:

 formal and explicit rules which determine behaviour and govern interaction between members, and to which all are subject;

 informal values, norms and conventions – professional, social, ethical, etc. – that are understood by members, and which inform acceptable behaviour and interactions;

 sanctions which can enforce the rules: through legal statute, corporate policies, peer group pressure, economic incentives, for example.

Institutional arrangements play a vital role in structuring the social bonds that hold a society and economy together, because they give it order and form, and establish a set of practices as standard and routine. These formal rules, conventions, behavioural norms and sanctions promote trust and confidence among participants because they are predictable, reliable and widely understood. Markets rely on a common understanding of contracts, so that each transaction does not have to be negotiated from scratch; governments rely on political institutions that shape the relationships between state and citizen to demonstrate their legitimacy; regulatory regimes delineate the areas that fall within their scope and develop repeatable procedures to ensure fair and consistent treatment.

Institutional practices run across, and operate within, organisations. A lecturer, for example, can relocate to a post in a different university and still expect things to work in broadly the same way: what is expected of her, and what she expects of others, will be similar. The formal and informal rules which govern behaviour are much the same across all central government departments, and across local government administrations. In the National Health Service, patient expectations of medical behaviour are constant regardless of the particular hospital or surgery they are attending; the same conventions of healthcare are enforced across the range of health providers, even though quality may vary, and they are effectively in competition. ‘Institutions are the rules of the game, organizations are the players: it is the interaction between the two that shapes institutional change’ (North, 2005: 59)

Institutions regulate behaviour through highly developed enabling, coordinating, motivating or constraining mechanisms to which all participants are subject because they represent ideas deeply embedded in society as a whole. Formal rules and conventions are often encapsulated as organisational procedures, and sometimes backed up by statute. Procedures can be seen as a kind of knowledge base, accumulating and refining a store of tested and accepted responses to commonly recurring problems; not as objective technical solutions, but as accepted social conventions about the way something works. The point is not whether it actually is the best way or not; the point is that we all, at least for the time, tend to believe it is.

Organisations consist of members brought together by a common interest, whether commercial, professional, economic, political or religious. They work within a framework of institutions and their rules in order to reduce uncertainty and build confidence; but they may also, in pursuit of their own interests, seek to influence the rules and conventions which govern acceptable behaviour – to set the ‘rules of the game’ – in their favour. The participants in a public-private partnership (PPP), for example, will each draw on the resources of parallel institutions – the free market and the bureaucratic state – to influence the formal arrangements in their favour. Organisations respond to the constraints of institutional rules, depending on the nature of the situation, their degree of entrepreneurship and the opportunities for change. In a stable situation, a high consensus on accepted values and acceptable behaviour prevails, and institutional change is low; in a turbulent environment, where ideas are in flux and accepted norms are adapting, public opinion can be influenced and priorities are in debate, or where tools, methods and technologies offer new possibilities, the possibilities for change are higher.

Individuals – how they behave and make decisions, within organisations and within society in general – are also influenced by institutions. In a seminal work, March and Olsen (1989) defined two distinct institutional logics that shape the way decisions are made on policy and practice issues, which they called:

 a logic of consequentiality, which is driven by expectations about the consequences of choosing a course of action; individuals make a rational calculation about the costs and benefits, and likely results, in terms of their own self-interests and preferences, attempting to make outcomes fulfil their own wishes; and

 a logic of appropriateness, in which an understanding of the formal rules and procedures, and informal norms and expectations, shapes what is considered appropriate behaviour; individuals understand their own role in a situation, what is expected of them, what they expect of others, and act accordingly.

In any one organisation, one type of logic or the other will tend to be dominant. Private sector organisations work within the bounds of legally defined market institutions, but show a much stronger logic of consequentiality in their culture: getting results, even by breaking rules, is prized above following correct procedures. This means that they can respond quickly to changes in their environment, adapting rules and operating procedures, and allowing greater latitude to individual judgements. Public sector organisations, which have a strong institutional bias, conventionally display a logic of appropriateness, stressing the importance of following correct and proper procedures. These embody established ideas of accountability and public service, and insulate staff from the pressures of inappropriate influence by sectional interests; but at the expense of agility and rapid change.

Stability, continuity and change

Institutions are a force for stability and continuity. They stress a logic of appropriateness that is embodied in explicit procedures and codes of practice, as well as implicit ideas about appropriate behaviour and values. Normal change comes through adaptation and refinement, in a dynamic process between common understanding of a problem and accepted responses to it. More radical change to institutional procedures is difficult due to:

 high costs and the greater uncertainty which embarking on change invokes;

 existing interests and power relations embedded in procedures;

 path dependency: past choices limit future actions;

 embedded knowledge structures: the ‘stickiness’ of taken-for-granted ideas and social categories.

Rules and procedures may take the form of explicit instructions or programmed workflows in IT systems, but change means much more than simply rewriting them; they represent deeply embedded patterns of thinking and working which have been assimilated by staff over a period of time. Rules cannot make every variation explicit and rely on the ability of staff to apply the principles correctly in new situations. It is the quality of the fit between the formal rules and the informal norms and conventions that guides this interpretation: the two adapt and evolve together, and the costs of redesign can be high, involving cultural as well as procedural change.

Because institutional procedures govern the way individuals, groups and organisations interact with each other, they represent a balance of interests that has evolved over time – in which some interests are more dominant than others. Operational policies and procedures embody a particular set of values – by making clear what is important and what is not – and these in turn are an expression of particular interests, conferring power on some by removing it from others: for example, in the UK, annual settlement budgets fund local government and the central core executive can vary its control over local policies by increasing or decreasing the proportion of ring-fenced grants (which specify allowable spending) to the main formula grant (which does not). Procedural change involves a change in the balance of relative status and powers – here, amending the overall structure of the budget is also a symbolic statement on the relative importance between central and local controls over policy implementation – creating both winners and losers.

An institution evolves over time and is already on a pathway that is determined by decisions taken in the past, which may have made commitments that cannot easily be reversed. The legacy of these inherited commitments constrains the choices that are available for the future: the concept of path dependency. It may be more beneficial to continue on the same path rather than risk the uncertainty of change, even though new thinking suggests that some form of change would give better results: visible in the conflict between evidence-based proposals that promote ‘what works’ and past experience that reinforces ‘we’ve always done it this way’. There may be a high reputational cost to reversing past commitments: for example, once a particular welfare benefit has been established, it tends to be perceived as a right and any attempt at abolition involves significant political risks.

As well as embedding explicit knowledge in procedures, institutions embed a ‘deep structure’ of concepts and categories in the mental models of those who participate in them – a working classification system. This enables fast processing of cases when applying procedures and effective communication about them with others, allowing selection from a set of pre-arranged categories, rather than working through every case anew on each occasion. The concept of family and marriage provides categories such as spouse, civic partner, working parent; the welfare state fixes categories such as benefit claims, unemployment, disability or paternity leave; the concept of immigration classifies individuals as visa-holders, emigrants or asylum-seekers. These knowledge categories are reflected in procedure design and in turn embedded in information systems as organising structures for data: for example, the functional fileplans of records management systems implement a particular categorisation of functions, although there are many possible ways of dividing up the wealth of documents they hold.

In these ways, such knowledge structures are expressed as a common language for perceiving the world they describe, one which is closely bound up with the perceived identity of organisational members that work with them. On the one hand, this is advantageous in building a common culture and purpose, and a more cohesive organisational vision; on the other, it makes changing that culture more difficult. For example, changing an organisational vision of the tax and revenue government department from one of ‘detecting and punishing tax avoidance’ to ‘helping clients to meet their tax responsibilities’ involves a fundamental change in staff ways of perceiving and representing the world of tax – a reclassification of its features – as well as simple changes in procedures.

Records management as an internal regulator

Records management has conventionally assumed its scope to be focused on the organisation by which its managers are employed. From this perspective, its role is to secure the body of core information which is regarded as constituting the formal corporate record, to avoid discovery of a lack of compliance with external regulatory regimes and to protect organisational information against unwanted use by others. It stresses compliance, continuity, stability and retention of corporate memory through a top-down approach that requires users to conform to standard practices and organising principles. Particularly in an electronic environment, users are required to: recognise a record when they create one, categorise it correctly and file it in the right place; know the formal rules that apply to exchange and re-use; and retrieve information from existing records as required. They are discouraged from hoarding personal ‘information silos’, such as individual e-mail inboxes; instead they are expected to make these available to their colleagues.

In short, they are expected to know, and follow, the ‘rules of the game’.

While records management is primarily seen as a function within organisations, the rules and systems of information governance which it draws upon have some of the aspects of an institution in themselves, at least within the public sector. There exists a set of formal rules, many of which are formulated in legislation – data protection, freedom of information, certain retention periods, rules for due diligence – with sanctions for infraction; and a set of professional norms and values that guide practice and, for users, inform the ‘right thing to do’ (whether or not they actually do the right thing is a slightly different question). It counts as an institution to the extent that the same formal rules and informal norms are applied across the range of organisations that make up the sector. These institutional aspects of the regulation of information are clearly set to grow: the trends towards greater public-private coordination, collaboration between public sector organisations, professional direction and community participation all imply the need for a more robust set of rules on information-sharing, knowledgegeneration and ownership, and rights of public access; and the ubiquitous nature of networks and the consequent ‘leakiness’ of information systems will set the framework for them.

Records management also inherits many of its rules from the institutional frameworks to which the parent organisation belongs. As well as being subject to their influences as an overall framework, in some ways it is part of the interface between organisations and institutions. It sits astride the organisational boundary, enabling the organisation to demonstrate that it is meeting expectations and following the formal rules. In fact, there appears to be a good fit between the exhortations of records management and the expectations of institutions: both stress the idea of appropriateness, a desire that members understand and practise correct behaviour. Records management is thus a good partner to institutional forces when there is no clash with organisational working cultures; but where there is, issues of user resistance predominate. This point illuminates, for example, the difficulties that many EDRM systems implementations have found, clashing with users who feel it to be a restrictive and unnecessary administrative burden on their work. This resistance can be understood as a clash between the institutional logic of appropriateness (‘doing the right thing’) and a logic of consequentiality (‘getting a result and moving on’) which may be dominant at the organisational level. In this light, there are implications for the success in the culture change initiatives that records managers often feel are needed: such change is about much more than attitudes to information governance and risk. It involves changing values and assumptions that are deeply embedded in people’s beliefs about their individual and organisational identities: ideas about ‘who we are’ that guide everyday decisions.

Within the organisation, records management promotes a parallel kind of appropriateness that we might call a logic of consensus. It aims to consolidate all corporate information within one, or a very few, organising frameworks and to draw all members of the organisation into this schema. These organising schemas – functional fileplans or business classification systems – are constructed of sets of related categories, which together make up a ‘picture’ of the organisation. All documents which users create must be slotted into one or other of these categories, a repeated process that slowly nudges individuals into thinking about their work in these terms. Schemas ‘frame’ an approved view of the organisation, in the same way that a picture of a landscape is defined by the borders of a physical frame.

Many pictures are possible; setting the position of the borders determines a particular one by defining what is within, and what is without, the frame. Since individual users must create, store and retrieve information for their daily work from these schemas and systems, they are required to match their individual mental models of their work – how they structure their own knowledge and act upon it – to these corporate categories. This is a powerful unifying force, which has particular advantages, because it helps to:

 build a common identity and a common sense of purpose, and to integrate newcomers into this common understanding;

 promote operational efficiency by regulating behaviour, reducing uncertainty and decision-making time, since repeated activities become more automatic;

 promote effectiveness, to the degree that individual and corporate models match up, and the fit these make with wider institutional and social perceptions.

In contrast, it also has disadvantages, where:

 incremental institutional change is not reflected and the fit becomes poor, so the organisation suffers ‘information drift’: information structures mirror the world as it used to be, not as it is now;

 radical institutional change, responding to sudden shocks to the system, challenges the organisation to keep pace, so that fixed ways of thinking and acting can become part of the problem;

 exploration and production of new knowledge, involving partner organisations, service users or experience from other administrations, must be mobilised to reframe – change the perception of – difficult problems, in order to find new solutions to them.

Records management as a self-reinforcing system

From this perspective, records management has a self-reinforcing tendency, with both advantages and disadvantages: the more successful it is as a dominant corporate information system, the more it channels users’ ways of thinking and acting into the model schema it represents, in a positive feedback loop, reinforcing embedded ideas and knowledge structures. Put another way: one of the building blocks of an EDRM system is the business classification scheme which it uses to organise and structure records, and this is derived from an analysis of business functions and the pattern of records they create. At the same time, the existence of the scheme mediates between the individual user and the kind of records they create, constraining and channelling what is possible, rewarding behaviour that reinforces consensus and discouraging attempts to step outside the frame and look at issues afresh. This has important implications for considering the ways that evidence is created and used in public policy and delivery.

A common model for decision-making supposes a hierarchy of data, information and knowledge: firstly, at the base, raw data about a problem is collected as input; then analysed and interpreted as meaningful information; and finally abstracted and synthesised as tested and proven knowledge – each is a building block for the level above. An idealised rational decision-making process assumes that problem-solving proceeds in stages: identifying a problem; researching options for possible solutions; evaluating all options and selecting the best; determining indicators of success and implementing the chosen course of action. We can make this more specific for a records management system: reliable and authentic records on a topic are captured and organised in a particular structure, and these collectively form a base for the production of evidence by analysing their content and context; accumulating a weight of evidence which in turn delivers insights that improve knowledge about that topic (see Figure 5.1). This approach typifies the physical paradigm of knowledge as an explicit entity.

Figure 5.1 Records management as a self-reinforcing regulatory system

Yet we know, from the work of Simon and others on ‘bounded rationality’ (e.g. 1991), that the ability of individuals to interpret quantities of data is quite limited and that decision-makers with limited time are often seeking justification for a course of action they have already decided on by a more intuitive process. We look for patterns rather than process data. We tend to decide on the categories of evidence that we expect to find and then seek it out; and the more firmly these categories are built into the frame of an all-encompassing corporate information system, the more likely it is that such evidence will be created. We tend to create that which we expect to find.

Michaels et al. (2006; see also Tuomi, 2000) describes how the conventional data-information-knowledge hierarchy can be reversed: ‘… knowledge is a prerequisite for information and information is a prerequisite for data … all data is collected with specific purposes, assumptions and expectations in mind and in a particular social and theoretical context.’ First, we have to know about the problem, know why we think it is important, what a better outcome would look like and how to bring it about; then we can decide what constitutes evidence of change and set about collecting the data within the framework defined by those answers. In a records management context, knowledge structures frame ideas about allowable evidence, which in turn stimulates the creation of records. We create the appropriate tools to measure what we are looking for, and this in itself fixes some of the meaning in the data which those tools are working on. This scenario is a manifestation of the cognitive paradigm of knowledge.

These two aspects are brought together in Figure 5.1. Starting from the lower left-hand box, evidence is derived through analysis of the content and context of available records and the results are woven into existing knowledge structures by a process of synthesis – fitting the new knowledge into a recognisable framework of understanding, which is extended incrementally rather than being challenged and radically altered. This predominant knowledge structure, in turn, provides the frame through which other problems and issues are perceived, and sets the criteria that determine what does, and does not, count as legitimate evidence to aid understanding of those issues. Seeking this evidence, codifying and systematising it according to expectations, creates new records which feed back into the start of the cycle. The effect is self-reinforcing: we tend to be more receptive to evidence that fits well with our existing ideas and to look for new evidence that we can make best sense of within the context of what we already know.

Self-reinforcing consultation

One example of this self-reinforcing effect can be observed in a typical public consultation (rather than participation) process. Initial research work is synthesised as a draft report, structured and presented in a particular way, setting the agenda for items that can be discussed

Comments are invited on these items, or questionnaires designed, which frame the evaluation, and evidence from outside this frame is treated as errant and systematised out. The resulting ‘good fit’ of the consultation with the original draft report reinforces its broad assumptions and reasoning. The consultation can influence the details within the existing framework, but any challenges to the overall shape or direction are lost.

The influence of this self-reinforcing effect is present within records management system implementations, in that a logic of consensus encourages conformance with business classification systems, rules on record creation, capture, filing, retention and disposal. This intention to promote a corporate information model aims to pull all staff into the knowledge structures embedded in the records and information systems, to improve consistency and continuity. Without any intervention from outside the system, there is little opportunity for different and challenging forms of knowledge to enter the mix. From this perspective, records management appears quite closed as an information system; good for supporting consensus, stability and continuity, but poor at supporting change.

On the ground, of course, there are many other influences on individuals and organisations, and other routes by which new forms of knowledge are brought in; and the activity of knowledge mobilisation is to encourage the production and synthesis of this new knowledge, from participants, stakeholders, lessons learned elsewhere, and so on. Indeed, the sea-changes that are flowing through the business of government will purposefully bring different organisations and institutions, cultures and perceptions, knowledge and understanding, into the public policy mix, with the hope of benefitting from a broader base of ideas and interests.

Regulating knowledge

The suggestion that knowledge is, and especially that it should be, regulated is at first sight a controversial proposal. The arguments for regulating the production and flow of information are widely understood; such regulation takes two forms:

 preventing the generation, and particularly exchange, of information – examples include: restrictions on the re-use of personal data; security classification of sensitive material; rules for automatic declassification of public records (e.g. after 25 years in the US, now 20 years in the UK); commercial information that carries a competitive advantage;

 requiring the production and distribution of information – examples here include: provision of performance data by public sector agencies and others; contractual details revealing the terms of financial services; company reporting and accounts; requests which do not qualify for refusal under freedom of information legislation.

The idea that knowledge might also, in some circumstances, be subject to regulation tends to raise spectres of totalitarianism and bigotry; but in fact there are many examples where such governance is accepted unquestioningly by most people:

 The transfer of knowledge and expertise on nuclear weapons technology to some countries is controlled at an international level.

 Scientific research and development activity in technologies such as genetic engineering and reproductive cloning are closely regulated.

 National and international systems to oversee intellectual property rights restrict opportunities to deploy knowledge for social and economic development in less advanced countries.

 Foreign policy is largely based on the ability to acquire, and restrict others from acquiring, knowledge for competitive advantage.

The inflow and outflow of knowledge is also controlled in more subtle ways, for example in:

 the description of records management as self-reinforcing, in which the system as a whole acts as a kind of restrictive codebook, in which some forms of knowledge can be encoded as records and made explicit, but others do not have the means to take a recognised form;

 distributing the encoded knowledge, but retaining the codebook through which it can be interpreted; for example, by controlling access to a professional level of practice and experience through membership associations;

 social networking technologies which adopt a restricted language and categories, reinforcing the self-selection of members and ‘silo’ style thinking;

 organisational cultures in which the norms and values of dominant interest groups are so strong as to ‘blank out’ challenging ideas which do not fit the mould.

An interactive knowledge, records and governance approach has to ask:

 How does records management become more hospitable to innovation and change, while still retaining the virtues of governance: stability, continuity and memory, compliance?

 How does knowledge mobilisation make the most productive connections between knowledge resources (generators, synthesisers and users) while still respecting and upholding principles of information governance?

 How does an interactive approach distinguish between situations in which knowledge should be brought within the formal information management regime, and those in which it should be given free rein to develop as it will?

Key principles for an integrated knowledge, records and governance approach

 Understand the rules of the game: both the formal and informal rules, at organisational and institutional levels, and the dominant logics at work.

 Map the relationship between knowledge and records, linking the networks of knowledge with the hierarchies of records.

 Focus on inflows as well as outflows: the positive as well as the negative aspects of governance – making good things happen as well as stopping bad ones.