If you’re looking for a reliable definition of what a ‘record’ is, refer to the ISO (the International Organization for Standardization) standard 15489-1 on information and documentation - records management. It defines a record as, “information created, received, and maintained as evidence and information by an organization or person, in pursuance of legal obligations or in the transaction of business.”

The standard specifies that a record should contain associated metadata or link to it. This metadata should include:

1. The structure of the record, including its format.

2. The date, time, participants, and other information on the business process the record is part of.

3. Links to other documents.

A record must be authenticated; be an accurate representation of a transaction; be readily useable; and have its integrity protected. So organizations should have policies to confirm the authorship of records and their time of creation. Records should be created at the same time the transactions to which they relate take place. It must be possible to retrieve records and understand them in their proper context. Records cannot be altered without authorization.