Records created or received by staff in the process of conducting University business are vital assets of the University, providing evidence of its decisions, business activities and transactions.

The University’s primary recordkeeping systems are:

• the Central Records System consisting of paper-based files and a web-based management and search facility
• the Financial Management System: ESP Financials
• the Human Resources System: ESP HR
• the Student Administration System: Student21
• the Research Data Management System: ARIES.

This policy applies to records in all formats (paper, digital or audiovisual) whether registered files, working papers, electronic documents, emails, online transactions, data held in databases or on tape or disks, maps, plans, photographs, sound and video recordings, or microforms.

The University’s policy and practice is based on its legislative responsibilities as a Commonwealth agency and on AS ISO 15489, Australian Standard on Records Management and other applicable standards.

Creation of records

The University ensures that records are created to document its business and are captured in recordkeeping systems for:

• business continuity: so that staff undertaking University business can access past decisions and activity
• protection of rights: the University’s own legal, financial and other rights and its obligations to its staff, students, and others affected by its actions
• accountability: so that scrutiny can be made of its business by anyone authorised to do so.

Records must accurately reflect the activities they document and include adequate contextual information or metadata for them to be meaningful, such as the identity of staff who are undertaking University business on its behalf and the date the business is undertaken. The University has adopted the National Archives’ Recordkeeping Metadata Standard for Commonwealth Agencies.

Records should be captured into a recordkeeping system as soon as possible after creation so that evidence is readily available to support University business.

University records created or received by email or electronic documents held on personal computers must be incorporated into a recordkeeping system (ie printed and filed in the Central Records System). Electronic documents are particularly vulnerable to change or deletion and may not otherwise be readily accessible to staff who need to access the information.

Oral decisions and commitments should be recorded and incorporated into a recordkeeping system, eg documented in a ‘note for file’ attached to the relevant file. Formal meetings should be documented by an agenda, minutes and any documents considered at or resulting from the meeting.

Security of records

The University uses a functional thesaurus to classify records in the Central Records System so that records can be easily located. The thesaurus uses broad functions and more narrowly focused activities to classify files. File movements are tracked to monitor access and regular file censuses are conducted.

The University ensures through the design and management of both electronic and paper-based recordkeeping systems that records maintain their integrity and authenticity through control mechanisms to prevent unauthorised access, alteration or removal. This means that records held in the University’s recordkeeping systems meet the requirements of the Evidence Act 1995 and the Electronic Transactions Act 1999 to be considered as admissible evidence.

The University provides storage facilities appropriate to the format, usage, confidentiality, and continuing value of its records, according to the National Archives’ Standard for the Physical Storage of Commonwealth Records, so that they remain useable for as long as they are needed and any special requirements for security are met. Records held in electronic form are backed up on a regular basis and migrated to new systems when necessary so that they remain useable for as long as they are needed.

Access to records

The University provides access to University records to staff who require access to perform their delegated duties. Where there is a particular reason to do so, access may be restricted to particular staff positions or business areas. Caveats such as commercial-in-confidence are used where the University has a contractual obligation to maintain confidentiality or is required by law to do so.

Access to personal information is provided subject to the privacy principles in the Privacy Act 1988 and the access provisions of the Freedom of Information Act 1982. The University provides public access to University records under the provisions of the Freedom of Information Act 1982 and the Archives Act 1983.

Disposal of records

Disposal of University records occurs through applying disposal authorities developed by the University and approved by the National Archives. These cover the functions Teaching and Learning, Research and Development, Student Progress, and Student Services. The Administrative Functions Disposal Authority developed by the National Archives for all Commonwealth agencies is also used.

The disposal authorities use the same functional thesaurus as is used to classify files in the Central Records System so that files can be retained for the appropriate period of time according to their classification. Where records are destroyed, information about the records and the authority for their destruction is retained.

Retention of archives

Records identified as having continuing value under approved disposal authorities are transferred to the University Archives. Other records of continuing value are also retained by the Archives including personal papers of academic and administrative staff, and records of antecedent institutions and University organisations and societies.

Relevant Standards

AS ISO 15489, Australian Standard on Records Management, 2002

National Archives: Recordkeeping Metadata Standard for Commonwealth Agencies, 1999

National Archives: Standard for the Physical Storage of Commonwealth Records, 2002

Procedures

University Responsibilities

1.      The University is responsible for:

1.1.     creating accurate records to support its business operations

1.2.     designing, implementing and maintaining recordkeeping systems which preserve the integrity and authenticity of records over time

1.3.     storing and providing access to records appropriately according to their format, usage and confidentiality

1.4.     developing disposal authorities for approval by the National Archives and applying them to University records

1.5.     providing procedures, advice and training for staff in records management and on the continuing value of records

1.6.     preserving records of continuing value

1.7.     providing appropriate staff access to records

1.8.     protecting personal information using the privacy principles in the Privacy Act 1988

1.9.     providing access under the Freedom of Information Act 1982 and the Archives Act 1983

2.      Heads of Budget Units are responsible for:

2.1.     making staff aware of their responsibilities in relation to recordkeeping and monitoring compliance

2.2.     designating particular staff to take responsibility for the capture, management and security of records

2.3.     providing facilities and procedures to capture records within the University’s recordkeeping systems and to preserve them over time

2.4.     seeking advice on appropriate recordkeeping procedures and on the storage and disposal of records when needed

3.      Staff users must:

3.1.     observe all relevant policies, laws, regulations, contractual obligations and procedures

3.2.     document activities performed and decisions made on behalf of the University

3.3.     incorporate records created or received into the University’s recordkeeping systems

3.4.     handle records with care to ensure their preservation for as long as they are needed

Authorisation

The University responsibilities identified in this Policy are vested with the Division of Information.

Definitions

Archives: records selected for long-term retention for their continuing value

Continuing value: the value of records beyond their immediate administrative purpose for future business needs, accountability, evidence, and research

Disposal: removal of records from a recordkeeping system by destruction, deletion or by transfer (eg to Archives)

Disposal authority: a formal instrument that defines the retention periods and consequent disposal actions authorised for classes of records described in the authority

Functional thesaurus: a classification tool based on the functions and activities of an organisation which can be used to classify, title, retrieve, and dispose of records

Heads of Budget Units: includes College Conveners, Deans and Directors of Faculties, Schools and Centres, and Directors of Administration and Information Divisions, as defined in the Delegations of Authority Policy

Metadata: structured data describing the context, content and structure of records and their management over time

Personal papers: records created or received by a person which are not part of the University’s recordkeeping systems (but which may include University records)

Record (AS ISO 15489): recorded information, in any form, including data in computer systems, created or received and maintained by an organisation or person in the transaction of business or the conduct of affairs and kept as evidence of such activity

Recordkeeping system: an electronic or manual framework for managing records which ensures their integrity and authenticity over time through control mechanisms to prevent unauthorised access, alteration or removal

University business: activities undertaken by the University including teaching and learning, research, community service, administration, and commercial and cultural activities

University records: information created or received by University employees undertaking University business and maintained as evidence of that activity

Introduced: 27 August 1999

Extensive review 2007, re-released 29 May 2007