records management policy and procedures

RTI and Privacy 2.3 All staff, consultants and contractors must make and keep full and accurate records of their activities to en… In this function, the RTI and Privacy Officer may deal with prospective applicants and liaise with organisational units regarding access to documents. They should include the management of all records and media types, including email. Title: Records Management Policy and Procedures: Description: The policy details the responsibilities of Department staff in relation to the creation and maintenance of records, whether in paper or electronic format.It highlights the penalties for non-compliance with the State Records Act 2000. Charges may apply for providing copies of requested information. For the purposes of this policy, a record is any document or data, irrespective of format, which evidences business activities. Vice-Chancellor and President. These policies define what information your organization must keep as a record, the procedures for managing those records, their retention periods, and procedures for ensuring their secure destruction. 2.2 Records created, received or discovered which contain information that may allow people to establish links with their Aboriginal or Torres Strait Islander heritage will be protected and made accessible. Personal information held by the University is collected and managed in a responsible, secure manner, in compliance with the Information Privacy Principles outlined in the Information Privacy Act. Your company may have separate policies for records retention, active files, unused files, emails, and several other areas … Assistance in determining records of this nature is available via Information Management Services, following criteria outlined by Queensland State Archives for substantial contribution to community memory. Making initial decisions regarding release of documents within the time periods stipulated in the RTI Act. x��\[��8�~���G{�ś.���\&��������>L�Acˎ�m�Gr:��t��)Q7w����$iQ$�XUd}U,�՛����S���՛�)_.6�oW���]�~�/�n�ݾ�O�cy����'l�[�o���:x��]���Q�i�� Transfer of inactive records must be completed as outlined in the Records Management Procedure – Retention and Disposal of University Records. Refer to Policy Site for latest version. Approved by Executive Committee: 25 January 2012 . The Records Management Policy and Outreach Program, under the Office of the Chief Records Officer for the U.S. Government, is responsible for developing Federal records management policies and guidance related to records creation, management, and disposition with an emphasis on electronic records. 5.1 The University approach to information access is one of openness, encouraging a culture of information sharing to ensure organisational effectiveness. Filing System; Record Retention Policy and Long Term Storage; Record Destruction; Files Records Management Procedure References. According to the ISO 15489-1:2001, records management involves tasks like setting policies and standards, assigning responsibilities and authorities, establishing procedures and guidelines, providing access to management and use of records, and integrating records management into business systems and processes. Information management resources for staff are available on the Staff Intranet. 4.3 Endorsed systems for the storage of corporate information are listed in the ICT Security - Operational Policy, Schedule A – Business Systems. stream 1. 2.1 The Directorate has requirements under the Act to make, manage and keep records to support its business needs, legal and regulatory obligations and to meet broader community expectations. To access the Information Asset Register, contact Information Management Services unit. 8.5 The University has a commitment to monitoring information practice compliance, and risk, via the Information Management Services unit. Records Management Policy and Records Management Procedures. Information asset management, authority and accountability. The University uses a number of general and agency-specific authorities to determine retention, destruction and transfer actions for its records. Searching {{ model.searchType }} for returned no results. Records management, also known as records and information management, is an organizational function devoted to the management of information in an organization throughout its life cycle, from the time of creation or receipt to its eventual disposition.This includes identifying, classifying, storing, securing, retrieving, tracking and destroying or permanently preserving records. Pro tip: To search, just start typing - at any time, on any page. Your records management program should support policies and procedures both legally and operationally. Ownership of the policy rests with the Chief Information Officer who is responsible for reporting to NSW State Archives regarding compliance with l… In the event that information cannot be located, a written explanation of what steps have been taken to locate them must be provided to the RTI and Privacy Officer. The records management procedures of Ingquza Hill Municipality comply with legal requirements, including those for the provision of evidence. Information asset quality is in line with business needs. Corporate records are destroyed after fulfilling the minimum retention period set out in records authorities issued by the Queensland State Archives. endobj Guidelines for Managing Trustworthy Digital Public Records. Assisting the RTI and Privacy Officer in the related duties. <> It forms the basis for formulating policy, managing resources and delivering services to the public. Business processes must ensure the maintenance of reliable information and records. Document and Records Management Procedure is to ensure that documents and records are appropriately created, captured, accessed, managed and stored in a manner that reflects business, corporate and regulatory compliance requirements. 1 1. 8.6 A Records Disaster Recovery Plan is maintained to minimise the loss of University records in the event of a disaster. The objectives should be aligned with the agency's business outcomes. 3 0 obj Records Management Policy . Because it includes so many things, records management can be a bit daunting, but … ×. No charges apply for applications to access or amend a person’s own personal information. It is not necessary to attach paper copies of born-digital records to official folders. This includes ensuring: Administration of information asset, as directed by the relevant Information Asset Steward. CQUniversity CRICOS Provider Code: 00219C. Updating information relating to their units under the Publication Scheme. 1 0 obj USC acknowledges the Traditional Custodians of the land on which its campuses sit. 7.1 The University demonstrates a commitment to maintaining a robust information security environment, further addressed in the Information and Communication Technology (ICT) Security – Managerial Policy. Please refer to the University’s Glossary of Terms for policies and procedures. Corporate records must not be maintained in email folders, shared drives, personal drives or external storage media as these lack the necessary functionality. Files Records Management Procedure Activities. Information management activities are delivered via annual Information Management Action Plans, overseen by the Information Management Committee. Understanding the business process, value, security level, and risks of the information asset. 8.4 Information and records management training is provided for University staff to the level of their responsibility under this policy, via the Information Management Services unit. The default information asset security classification is INTERNAL. These procedures apply to all University information and records, in all formats. The timely disposal of information and records is essential for effective management. Guidelines on managing information in specific systems are available on the Staff Intranet, including: Information in shared network drives – Guidelines. Records management also provides a basis … Retention Schedule revised 23 November 2020. It has been developed in consultation with staff and will be revised on a regular basis. <>>> Processing of applications is conducted within the timeframes set out in the RTI Act. See Personal information – Guidelines. Establishing business processes to locate information held in their areas. Add digitised copies of born-physical records and attach the physical record to the official folder. Published 28 July 2015 From: Endorsed systems for the storage of records … Records Management Programme A records management programme is the systematic and consistent control of all records throughout their lifecycle. The use of organisational templates is encouraged (accessed via the Staff Intranet). Establishing business processes to locate information held in their areas. In this function, the RTI and Privacy Officer may deal with prospective applicants and liaise with organisational units regarding access to documents. <> This policy has been authorised by the Director and is available to all staff. Formal internal reviews of decisions made by the RTI and Privacy Officer, if requested by the applicant. The Vice-Chancellor and President has delegated this responsibility as per the Information Management Framework – Governing Policy. These objectives should be clearly defined, measurable, achievable, relevant and set with a time frame in mind. Endorsed systems for the storage of records are listed in Schedule A. 8.3 Whilst information re-use is encouraged, information duplication is discouraged. The purpose of this policy is to provide guidance and direction on the creation and management of information and records and to clarify staff responsibilities. Minutes from these committee meetings are available on the Staff Intranet. 1. 1. Under the Information Privacy Act, a person has the right of access to documents of the University that contain that person’s personal information. Review Officer / Deputy Vice-Chancellor (Academic). It has been developed in consultation with Councillors and … This includes records substantially contributing to the knowledge and understanding of aspects of University history, society, culture, environment and people. The RMP policies are listed below and are housed on the University Policy Office site. Organisations such as staff and student unions, sports associations and companies such as the Innovation Centre Pty Ltd are regarded by the University as independent for the purposes of RTI applications. Providing leadership, direction and strategic advice on the planning and delivery of the Information Management Strategy, Roadmap and Action Plan in alignment with USCs Planning Framework. Born-physical records include documents containing wet signatures. Records and Information Management Procedures. endobj All employees of the University of Connecticut are required to be aware of the fact that records management procedures exist, and to ensure that records are maintained, retained, stored, disposed of and, as appropriate, destroyed only in accordance with such procedures and the Records Retention Schedules. Refer to Identifying records – Guidelines. Information intended for public use/consumption and intended for distribution outside the University. Retention periods in records authorities take into account all business, legal and government requirements for the records. Health Insurance Portability Accountability Act (HIPAA) Age Discrimination in Employment Act (ADEA) Americans With Disabilities Act (ADA) Civil Rights Act of 1964 Business process for the information asset is established. USC is a member of the Regional Universities Network, Institute for Cyber Investigations and Forensics, Information and Records Management - Procedures, Disposal of Digitised Records - Procedures, Information Management Framework - Governing Policy, Glossary of Terms for policies and procedures, Assessing corporate systems as recordkeeping systems – Guidelines, ICT Security - Operational Policy, Schedule A – Business Systems, Information in shared network drives – Guidelines, Disposal of Digitised Records – Procedures, Information and Communication Technology (ICT) Security – Managerial Policy, Information asset security and handling – Guidelines. 4.2 All University records must be captured in an approved records management system. Retention Retention indicates how long the records have to be kept before the disposal action is undertaken. The Information Asset Register records organisational information asset metadata to assist with information asset management, classification, and planning. Information asset value to the organisation is fully realised. POL005 – Records Management Policy and Procedures V7.1 and any new legislation affecting records management as it arises. We recognise and pay respect to Elders past, present and emerging. 5.2 Ownership of information, and records created or received during the course of business is vested in the University, unless otherwise agreed. The Policy and Outreach Program champions the critical importance of Federal records management … � n��ǏI��a�`GO�}������_���_����ߗ/������*4����H�:�L�QL����_�zQ��K���+���c���˕^�%�����P�ϧ ;�������z�Jߖ�. Assigning responsibilities for information asset management ensures the information asset is appropriately identified and managed throughout its lifecycle and is accessible to appropriate stakeholders. Records Management Policy and Procedure Effective Date: 02/09/2020 Reference Number: 503 Page 4 of 18 Once PRINTED, this is an UNCONTROLLED DOCUMENT. These procedures provide guidance and direction on the management of information and records throughout the information lifecycle. The University will release requested documents to an applicant unless on balance it is considered contrary to the public interest to do so, the documents are considered exempt under the Act, or documents are unable to be located. To promote in-place recordkeeping within business systems, the Assessing corporate systems as recordkeeping systems – Guidelines outlines criteria covering the assessment and management of systems against the minimum requirements needed to be considered before approval as a corporate recordkeeping system (as per ISO16175.3.2012). 6.1 The University collects and uses personal information about its students, staff and others in order to operate effectively. Information may also be released administratively on request. Fees and charges for formal applications, processing and access provision are applied as specified in the RTI Act. Your records management policy should include an annual review and assessment of internal and external compliance in relation to appropriate acts and standards. Applications for access to, or amendments of, documents must be made via the application form available. Visible support of and adherence to these procedures and related policy. Developing records management policies and procedures for University as a whole; Establishing corporate standards for records management; Measuring performance of the University against these standards; Providing consulting services to University staff as required; Ensuring that staff receive appropriate record management induction and ongoing training and review ; Working with relevant … 4.2 All University records must be captured in an approved records management system. Ensuring staff are aware of, and are supported to follow, the information management practices defined in these procedures. The register outlines information asset: security, content type, location/source system, Information Asset Steward, Information Asset Administrator, and other related metadata. 4.5 Staff should not dispose of records by either destruction, deletion, transfer, sale or donation, without prior approval from Information Management Services. The Vice-Chancellor and President has delegated this responsibility as per the Information Management Framework – Governing Policy. Further review by the Queensland Right to Information Commissioner is also available. Introduction . These approved systems appropriately support information and records management processes, and are secure from unauthorised access, damage and misuse. 3.13 Consultation and Communications with Stakeholders EEAST is committed to involving staff and key stakeholders in the development, review and monitoring of key procedural documents. Records Management to help educate and support you in meeting the legal and institutional requirements of the DePaul University Records Management Policy. LEGISLATION/POLICY SUPPORTED. The operational management of information through the information lifecycle is promoted. In this section, you should outline the purpose of the policy and detail the business drivers for creating it. The Ingquza Hill Municipality follows sound procedures for the security, privacy and confidentiality of its records. Records determined to be of historical or cultural significance to the University can be retained for longer than the minimum period required. %���� LfB%�T�0�AU�|�Ͽ��oo_��� �,���v��v�h�Y$ 8.1 All information and records management practices in the University are to be in accordance with these procedures and related policy. 4.4 To ensure University staff have access to the right information at the right time, regardless of location, all records stored in either RecFind or ECM are required to be captured digitally. RTI and Privacy Coordinator / Administration & Finance Officer, Information Services. Sound records management is fundamental to good governance and effective and efficient administration. Our staff is available The RTI and Privacy Officer must provide to the applicant reasons for decisions not to release documents or to give only partial access to documents. %PDF-1.5 At the center of your records management program are your records management policies. Legal records, contractual records, and administrative records. Narromine Shire Council Policy – Records Management Policy And Procedures For Councillors Page No 3 of 18 1.3 Authority of this document This document has been adopted by the Council by formal minute based on the General Manager’s report and recommendations. 8.2 Organisational information is created, collected, classified, and organised in a manner that ensures its integrity, quality and security. 4.1 Corporate information and records must be captured by all staff and should provide reliable and accurate evidence of business decisions and actions. Some records may be eligible for early disposal in accordance with the Disposal of Digitised Records – Procedures. Access to personal information within the University is restricted to authorised staff with business process requirement. Determining the outcome of applications made under the Information Privacy Act 2009 (Qld). 4 0 obj This includes: The correct management of information and records as defined by these procedures and related policy. This includes: Principal officer / In the event that information cannot be located, a written explanation of what steps have been taken to locate the information must be provided to the RTI and Privacy Officer. Officer / Legislative references updated 05 December 2018 . 5.3 The University complies with the requirements of the Right to Information Act 2009 (Qld). Policies and procedures set the standard for a compliant records management system. Making initial decisions regarding release of documents within the time periods stipulated in the Information Privacy Act. Further review by the Queensland Privacy Commissioner is also available. As part of a regular review process, this policy replaces the previous Records Management Policy adopted by Council on 20 November 2009. A person also has the right to amend, if inaccurate, incomplete, out of date or misleading documents relating to their personal information. These procedures are further supported by guidelines and other local documents as identified. Director, Information Services. For handling requirements related to information asset security, see Information asset security and handling – Guidelines. PROCEDURAL DETAILS . Establishing business processes to locate information held in their areas for RTI and information privacy requests and updating areas under the Publication Scheme. <>/ExtGState<>/XObject<>/ProcSet[/PDF/Text/ImageB/ImageC/ImageI] >>/Annots[ 19 0 R 20 0 R 21 0 R 22 0 R] /MediaBox[ 0 0 595.32 842.04] /Contents 4 0 R/Group<>/Tabs/S/StructParents 0>> Information Asset Owners (IAOs)- are responsible for ensuring that their directorates have local procedures and guidance in place which comply with the records management policy and standards. This includes providing for a nominated point of contact with Record Services.