Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
CAN CSA Z243.301-91 (2004) / CAN CGSB 200.27-91: Electronic Imaging — Legal Admissibility of Records
Comprehensive Guide to the Canadian Standard for Legally Admissible Electronic Records
Scope and Purpose
The standard CAN CSA Z243.301-91 (2004) / CAN CGSB 200.27-91—Electronic Imaging — Legal Admissibility of Records—establishes requirements for the creation, maintenance, and storage of electronic images of records to ensure their admissibility as evidence in legal proceedings in Canada. Originally published in 1991 and reaffirmed in 2004, it remains a key reference for organizations transitioning from paper to electronic record-keeping systems.
The standard applies to all organizations that generate, capture, or retain records in digital image format, including government agencies, financial institutions, healthcare providers, and private enterprises. It covers both the imaging process (scanning, microfilming, and digital capture) and the management system that governs record integrity, authenticity, and security over the entire retention period.
Note: The standard is dual-numbered (CSA and CGSB), reflecting collaboration between the Canadian Standards Association and the Canadian General Standards Board to unify best practices across public and private sectors.
Technical Requirements
Image Quality and Resolution
To achieve legal admissibility, images must be accurate and legible reproductions of the original documents. The standard specifies minimum resolution levels depending on the document type and purpose:
| Document Type | Minimum Resolution (lp/mm) | Bit Depth (Gray Scale/Color) | Test Target |
|---|---|---|---|
| Text documents (e.g., letters, reports) | 5.0 | 1 bit (monochrome) | IEEE 167A or equivalent |
| Technical drawings (A0–A4) | 6.3 | 1 bit (monochrome) | RIT-21 or IEEE 167A |
| Documents with fine detail (e.g., signatures, forms) | 7.1 | 8 bit (gray scale) | ISO 3334 |
| Color originals (e.g., maps, photographs) | 5.0 | 24 bit (color) | ISO 12641 |
Resolution is measured using line-pair test charts that are included in every daily capture batch to verify system performance. The standard also requires that image compression (e.g., CCITT Group 4, JPEG) does not degrade quality below the required thresholds.
System Security and Integrity
Strict security controls must be implemented to prevent unauthorized alteration or deletion of records:
- Access control: Role-based permissions with individual user authentication (e.g., smart cards or biometrics) for both capture and management systems.
- Audit trails: Immutable logs recording every action (capture, retrieval, modification, deletion) with timestamp and operator ID.
- Data integrity: Checksums and digital signatures to detect tampering during storage or transmission.
- Backup and disaster recovery: Offsite copies and periodic restoration tests to ensure record availability.
Important: The audit trail itself must be tamper‑proof and retainable for the same period as the records it tracks. Many legal challenges focus on system logs rather than the images themselves.
Retention and Disposition
Records must be retained for their legally defined life cycle, which may be governed by other regulations (e.g., Canada Evidence Act, provincial statutes). The standard requires:
- Clear retention schedules based on record type and legal hold requirements.
- Storage in non‑rewritable (WORM) media or equivalent technology that prevents erasure or overwriting before expiration.
- Disposal procedures that render records unrecoverable (e.g., degaussing, shredding, or certified deletion).
Implementation Considerations
Successful adoption of the standard requires a holistic approach that integrates technology, procedures, and training.
Procedural Controls
Organizations must develop documented policies that cover:
- Operator training and certification (including annual refresher).
- Daily system verification using test targets.
- Handling of exceptions (e.g., damaged originals, scanners out of calibration).
- Chain of custody from receipt of paper records through scanning, indexing, and archival.
Tip: Include a quality assurance step where a sample of each batch (e.g., 10%) is inspected for image clarity, indexing accuracy, and correct metadata before releasing the batch into the long‑term repository.
Migration and System Upgrades
As hardware and software evolve, records must remain accessible and authentic. The standard calls for:
- Migration plans that preserve image quality and associated metadata.
- Testing of migrated records against the original using checksums or representative sampling.
- Documentation of all migration actions as part of the audit trail.
Compliance and Legal Admissibility Notes
Compliance with the standard does not guarantee automatic legal admissibility—courts evaluate each record on a case‑by‑case basis. However, demonstrating adherence CAN CSA Z243.301-91 / CAN CGSB 200.27-91 provides strong evidence of reliability and trustworthiness, which is essential under common law and the Canada Evidence Act.
Key points for compliance professionals:
- Independent audit: Engage a third party to assess your imaging system against each clause of the standard.
- Records officer: Appoint a designated officer responsible for maintaining compliance and liaising with legal counsel.
- Periodic review: The standard was reaffirmed in 2004; staying current with updates (e.g., newer ISO 12650 series) is advisable even if not mandatory.
- Cross‑referencing: The Canadian standard aligns with international best practices such as ISO/TR 15801 (documentation of electronic imaging systems) and ISO 12651‑1 (electronic records management).
Warning: Using lossy compression (e.g., JPEG with high compression ratios) may render a record inadmissible if the original detail is irreversibly lost. Always verify image quality with a legal expert before finalizing your compression strategy.
Frequently Asked Questions
Q: Is compliance with CAN CSA Z243.301-91 / CAN CGSB 200.27-91 mandatory for all Canadian organizations?
A: No, it is a voluntary standard. However, courts often look to it as a benchmark for establishing the reliability of electronic records. Many regulators (e.g., in financial services and healthcare) require adherence as a condition of retention or as part of industry best practice.
A: No, it is a voluntary standard. However, courts often look to it as a benchmark for establishing the reliability of electronic records. Many regulators (e.g., in financial services and healthcare) require adherence as a condition of retention or as part of industry best practice.
Q: Can scanned PDF files meet the image quality requirements of the standard?
A: Yes, if the scanning resolution, compression, and color depth are set to the minimum levels specified in the standard. PDF itself is a container; the critical factor is the internal image properties. It is recommended to use PDF/A‑1 or PDF/A‑2 for archival purposes to avoid long‑term accessibility issues.
A: Yes, if the scanning resolution, compression, and color depth are set to the minimum levels specified in the standard. PDF itself is a container; the critical factor is the internal image properties. It is recommended to use PDF/A‑1 or PDF/A‑2 for archival purposes to avoid long‑term accessibility issues.
Q: Does the standard cover born‑digital records or only scanned documents?
A: The primary focus is on electronic images derived from paper or microform originals. For born‑digital records, other standards (such as those from the ISO 12650 series or the Open Archival Information System, ISO 14721) may be more suitable. However, the security and audit trail requirements of this standard are still applicable.
A: The primary focus is on electronic images derived from paper or microform originals. For born‑digital records, other standards (such as those from the ISO 12650 series or the Open Archival Information System, ISO 14721) may be more suitable. However, the security and audit trail requirements of this standard are still applicable.
Q: How long must audit trails be retained?
A: At least as long as the records they describe. The standard recommends retaining audit logs for the full retention period plus a statutory period (e.g., one audit cycle) after record destruction, to document the lawful disposition.
A: At least as long as the records they describe. The standard recommends retaining audit logs for the full retention period plus a statutory period (e.g., one audit cycle) after record destruction, to document the lawful disposition.
Last updated: 2026