Specific procedures for generating and preserving hash algorithms will depend on many factors including individual workflows, storage environments, and the quantity of discrete files or data. Integrity protection requires on-going communication and coordination with storage management providers. Calculated hash values should be kept alongside the materials for which they reference or in a reference file. Hash values should be kept for as long as needed to verify that a file hasn't changed.
Since cryptographic hash digests are subject to corruption and obsolescence, the Archives should have a plan to migrate its hash digests every few years. Keep in mind that new, more secure hashes are likely to have larger outputs (e.g., 256 bits for SHA-2 vs. 160 bits for SHA-1) and be more computationally expensive.