Procedure: Records Management

Purpose

To outline the procedures in relation to records management that meet National Archives of Australia required standards to:

• Implement fit-for-purpose information management processes, practices and systems; and
• Reduce information management inefficiency and risk.

Definitions

Please refer to the definitions as outlined in the Policy: Records and archives management.

Procedure

Record creation

1. All records created by staff or contractors at the University or received as part of University business must be placed into an approved records management system promptly.
2. Records may be generated automatically or manually.
3. Where possible, business records are captured into the ERMS using automated processes such as integration of systems or via electronic forms
4. University systems that manage records and information are assessed and approved as primary recordkeeping systems through system information management plans.
5. The ANU Electronic Records Management System (ERMS) is the major central repository for the management of electronic records. As a formal recordkeeping system, ERMS enables ANU records to be managed in accordance with requirements of recordkeeping legislation and standards and to meet compliance obligations.

ERMS roles and responsibilities

6. ERMS is administered by the University Records team who are responsible for:

• managing the system and processes within ERMS in conjunction with ITS and external partners
• creating and managing membership of security groups
• updating and managing disposal authorities in ERMS to support compliant retention or disposal of records
• providing organisation-wide business support, training and advice for ERMS.

7. ERMS Power Users are staff nominated by College and Service Divisions to:

• create folders and folder structures, under the BCS framework, to allow staff to contribute records
• receive and create lists of approved individuals who are to have access to particular folders
• submit requests to the ERMS Administrator for creation of folder access groups (i.e. security groups)
• apply security groups to restrict access to records or folders (as authorised).

8. Power Users may also fulfil the ERMS Representative role. ERMS Representatives are staff nominated by College and Service Divisions to:

• coordinate the ERMS and records management effort within the local area
• be the first point of contact for ERMS communications
• disseminate communications to staff
• receive, answer or source answers for questions from staff about ERMS or records management.

Record description (metadata)

9. Metadata (descriptions) for records in all university systems must meet the minimum standards recommended by the National Archives of Australia.
10. Metadata and contextual information must be sufficient to enable information and records to be identifiable, discoverable, and usable.
11. Descriptive information is meaningful and consistently applied in titling and classifying records. University Records staff provide guidance for ERMS document and folder titling and the principles can be applied to naming and describing any University records.

Security of records

12. The University ensures through the design and management of its recordkeeping systems that records maintain their integrity and authenticity through control mechanisms to prevent unauthorised access, alteration or removal. Properly designed and managed systems mean that records held in the University’s recordkeeping systems meet the requirements of the Evidence Act 1995 and the Electronic Transactions Act 1999 to be considered as admissible evidence.
13. The University provides storage facilities and systems appropriate to the format, usage, confidentiality, and continuing value of its records, according to the NAA's Standard for the storage of archival records, so that they remain useable for as long as they are needed and any special requirements for security are met. Records held in electronic form are backed up on a regular basis and migrated to new systems when necessary so that they remain usable for as long as they are needed.

Storage and preservation

14. The University provides systems and facilities that support preservation of University records in accordance with their value. This includes meeting file format and digitisation standards issued by the National Archives of Australia
15. Upgrade, migration or decommissioning of systems takes account of recordkeeping requirements so that disposal is authorised and improvements in system design are incorporated.

Access to records

16. The University provides access to University records to staff that are authorised by the appropriate delegates. Where there is a particular reason to do so, access may be restricted to particular staff positions or business areas. Restrictions such as commercial-in-confidence are used where the University has a contractual obligation to maintain confidentiality or is required by law to do so.
17. Access to personal information is provided subject to the privacy principles in the Privacy Act 1988 and the access provisions of the Freedom of Information Act 1982. The University provides public access to University records under the provisions of the Freedom of Information Act 1982 and the Archives Act 1983.
18. The University's records must only be provided to external agencies or organisations following consultation with University Records or other relevant staff such as the Freedom of information Officer or Privacy Officer and in accordance with the appropriate guidelines.
19. Executive Data Stewards are responsible for ensuring guidelines are in place about appropriate authorisation of access to records.

Retention of archives

20. The University uses the National Archives of Australia disposal authorities to determine the retention and destruction requirements for records regardless of format. Disposal authority requirements are implemented through the ERMS and may be incorporated in other business systems and procedures.
21. Disposal authorities cover general administrative records and unique functions of the University including research, teaching and learning, and student administration and services.
22. Records identified as having continuing value under disposal authorities must be transferred to the University Archives for ongoing preservation and access.

Disposal of records

23. Disposal of University records occurs through applying records authorities authorised by the NAA.
24. Destruction of records in approved business systems is designed to be in accordance with disposal authorities.
25. Destruction of other records held by the University (not in ERMS or approved business systems) must follow retention periods required in disposal authorities or be with the approval of the University Librarian.
26. Information must be retained about when and under what authority records have been destroyed.