Records Management

The University recognises that the efficient management of its records is necessary in order to support its core functions, to comply with its legal and regulatory obligations and to enable the effective management of the institution.

The policy follows from the University 's Records Management Strategy. Its purpose is to ensure the creation and maintenance of authentic, reliable and useable records, with appropriate evidential characteristics, within the University by establishing a framework and accountabilities for records management, through which best practice can be implemented and audited.

The policy covers:

• Scope of the policy
• Objectives of a records management system
• Responsibilities
• Relationship with existing policies and legislation
• Guidance available
• Status of this document
• Contacts

1. Scope of the policy

1.1 This policy applies to all records created, received or maintained by University staff in the course of carrying out their University functions. Records and documentation created in the course of research, whether internally or externally-funded, are also subject to contractual and academic record-keeping requirements.

1.2 Records are defined as all those documents, regardless of format, which facilitate University activities (e.g. teaching, learning and research) and the business carried out by the University and which are thereafter retained (for a set period) to provide evidence of its transactions or activities. These records may be created, received or maintained in hard copy or electronically, and include email.

1.3 Records management is defined as a field of management responsible for the efficient and systematic control of the creation, receipt, maintenance, use, distribution, storage and disposal of records (ISO/DIS 15489). It constitutes a series of integrated systems related to the core processes of the University that ensure that evidence of, and information about, its activities and transactions are captured and maintained as viable records.

1.4 A small percentage of the University's records will be selected for permanent preservation, as part of the institution's archives, for historical research and as an enduring record of the conduct of University functions and business.

2. Objectives of a records management system

2.1 Records contain information that is a unique and invaluable resource and important operational asset. A systematic approach to the management of the University's records is essential to protect and preserve records as evidence of our actions.

2.2 Records management is necessary to

•  ensure that the University conducts itself in an orderly, efficient and accountable manner

•  realise best value through improvements in the quality and flow of information and greater coordination of records and storage systems

•  support core University functions, teaching and research, providing evidence of conduct and the appropriate maintenance of associated tools, resources and outputs

•  meet legislative and regulatory requirements

•  deliver services to staff and stakeholders in a consistent and equitable manner

•  assist and document policy formation and managerial decision making

•  provide continuity in the event of a disaster

•  protect the interests of the organisation and the rights of employees, clients and present and future stakeholders

•  establish an institutional and cultural identity and maintain a corporate memory.

3. Responsibilities

3.1 The University has a corporate responsibility to maintain its records and record-keeping systems in accordance with the regulatory environment. The member of the University's senior management with overall responsibility for this policy is the Registrar and Secretary. Since records management is a business and accountability issue, the Registrar and senior management of the University have a major stake in the implementation of best practice.

3.2 The University's Records Manager is responsible for drawing up guidance for good records management practice and promoting compliance with this policy in such a way as to ensure the easy, appropriate and timely retrieval of information. The Records Manager will advise on policy and best practice and will report to the Keeper of Archives and the Registrar and Secretary. The Records Manager also has responsibility for the University Archive and is the University's Data Protection and Freedom of Information Officer.

3.3 Heads of departments and units have overall responsibility for the management of records generated by their departments' activities, namely to ensure that the records created, received and controlled within the purview of their department or unit, and the systems (electronic or otherwise) and procedures they adopt, are managed in a way which meets the aims of the University's records management policy. They are assisted in this by departmental Records Liaison Officers.

3.4 Members of staff with designated responsibilities for computing and systems' administration are accountable to their head of department for ensuring that electronic systems and the functions/transactions performed by their programs comply with this policy and related requirements.

3.5 Records Liaison Officers, nominated from within University departments, provide a key point of contact between departments and the University Records Manager in the implementation of records management and compliance policies. Designated by their Head of Department, they are responsible for liaising with the Records Manager on behalf of their departments, disseminating central guidance to colleagues and assisting in the local implementation of procedures and best practice.

3.6 Committee Secretaries are responsible for ensuring that a full record of a committee's business (its minutes, agenda and all supporting papers) is preserved and that any documents generated or received electronically are printed in hard copy format and form part of the full and official record. This official record, in paper format and designated for permanent retention in the University Archive, will be taken as the definitive and authentic copy where minutes are not signed. Copies of minutes, reports and papers may then be distributed and shared electronically. Such copies will be the personal responsibility of individual committee members.

3.7 Individual employees must ensure that the records for which they are responsible are complete and accurate records of their activities, and that they are maintained and disposed of in accordance with the University's records management guidelines.

4. Relationship with existing policies and legislation

4.1 This policy has been formulated within the context of University policies and guidelines, national legislation and sectoral/professional standards and is intended to act as a framework to support standards and promote compliance with legislative and regulatory environments. Key policies and legislation related to this policy are cited below.

4.2 University documents

• Ordinances and Regulations
• Information Strategy
• Records Management Strategy
• University Data Protection Policy
• Information Access and Security Policy
• Freedom of Information Policy
• Policy for the University Archive
• Web Strategy

4.3 Legislation ( http://www.opsi.gov.uk/ )

• Environmental Information Regulations 2004
• Privacy and Electronic Communications (EC Directive) Regulations 2003
• Freedom of Information Act 2000
• Regulation of Investigatory Powers Act 2000
• Data Protection Act 1998
• Human Rights Act 1998
• Disability Discrimination Act 1995
• Copyright, Design and Patents Act 1988
• Limitations Act 1980

4.4 Professional Standards / Codes of Practice

• Lord Chancellor's Codes of Practice under Sections 45 and 46 of the Freedom of Information Act 2000
• BS 6498:2002 Guide to the preparation of microfilm and other microforms that may be required as evidence
• ISO/TR 10200:1991 Legal admissibility of microforms
• BSI DSC PD0008:2004 A Code of Practice for Legal Admissibility and Evidential Weight of Information Stored Electronically (3rd edition)
• BSI DSC PD5000:2002 Legal admissibility: an international code of practice for electronic documents and e-business transactions for evidence, audit, long-term duty of care
• ISO 15489:2001 Information and Documentation – Records Management
• BS 4783 Storage, transportation and maintenance of media for use in data processing and information storage
• BS 7799 Code of practice for information security management
• ISO 9706:1994 Information and Documentation – Paper for Documents – Requirements for Permanence
• ISO/IEC DIS 11799 Information and Documentation – Documentation and Storage Requirements for Archive and Library Materials
• The National Archives, 1999 Functional Requirements and Testing of Electronic Records Management Systems
• JISC, Study of the Records Lifecycle (revised 2003)
• HEFCE, Information on Quality and Standards in Higher Education

5. Guidance

This policy establishes a framework for guidance on the procedures necessary to comply with the policy. Advice and guidance on the following areas is available from the Records Manager:

• creation and receipt of records
• records survey
• retention periods for records
• security and storage of records
• disposal of records
• freedom of information
• data protection
• copyright
• transfer and transmission of records
• references
• ownership of records
• electronic records
• archival records: selection criteria
• legislation, standards and external codes of practice affecting record keeping
• glossary of terms

6. Status of this Document

Approved by Information Committee.

7. Contacts

Records Management, Compliance and the University Archive

Dr Charles Fonge, Borthwick Institute, cf13@york.ac.uk

Keeper of Archives, Borthwick Institute

Mr Christopher Webb, Borthwick Institute, ccw1@york.ac.uk