Records Management

Records Management Policy

Policy Code: IM1696

Purpose

This policy establishes the framework under which official records of the University are created and managed.

Scope

This Policy is applicable to all University staff including sessional staff, researchers and research staff.

It also applies to individuals who undertake work on behalf of the University, but are not employed by the University including:

  • Partner Providers (onshore/offshore)
  • Commercial Delivery
  • VETiS (including Auspicing)
  • Volunteers

and covers all University records (including work completed by or on behalf of the University) in any format and from any source.

No University employee is exempt from this policy.

Definitions

Term Definition
Assessments The determination of results to be awarded for a component of study (e.g. assignment, test, exam, subject, course)
Authorising Officer Senior officer responsible for approving the destruction of their business unit / department / faculty or school’s records, this includes: Dean / Executive Dean, Program Co-ordinator, Faculty Business Manager, Director , Manager, or other authorised officer as specified in Minimum Retention Requirements for University Records.
Business Classification Scheme (BCS) A classification structure that allows for like records to be grouped together based on business activities.
Corporate
Business System

An approved business system used by the University for the storage of records relating to a particular function. For Federation University, these systems include but are not limited to -

Aviarc - Student Surveying System

Campus Solutions - Student Management System

My Finance - Finance System

ECM - Records Management System

Empower - Human Resources System

WMMS - Works Management and Maintenance System

SmartFleet - Fleet Management System

PAMS - Policy Management System

QWeb - IT Helpdesk System

Medical Director / Pract Soft - Health Services / Patient Management System.

Contributor Relations - Alumni / Donor Management System

ECM Technology One Product "Enterprise Content Management" , the University’s Electronic Document and Records Management System (EDRMS), the corporate recordkeeping system.
Metadata

Data about data. Provides context to a record allowing it to be found, understood and used by others within the organisation.

Permanent Records Public records that have been identified as being worthy of preservation in a Public Records Office Retention and Disposal Authority, or have been identified by the University as having historical significance.
Public Record Also referred to as a University Record, Business Record or Corporate Record. Any record which is created or received by the University that captures evidence of a University business activity or transaction. Public records are governed by the Public Records Act 1973.
Public Record Office Victoria (PROV) Established under the Public Records Act 1973, the role of the Public Record Office Victoria is to ensure the preservation and utilisation of public records. Their role includes issuing standards regulating the creation, maintenance and security of public records including the selection and disposal of public records not worthy of preservation and the preservation of records considered historically significant. (Source: Public Record Office Victoria)
Public Records Act 1973 Defines the responsibilities for consistent records management practice by government agencies (Source: Public Record Office Victoria)

PROV Recordkeeping

Standards

A set of mandatory principles reflecting best practice methodology that Victorian Government agencies must comply with in order to meet the legislative requirements of the Public Records Act.

(Source: Public Records Office Victoria)

Records Disposal Authorisation Authorisation process for the disposal of records, which must be signed off by the Department Head, Co-ordinator Records Management Services and the Director, Academic Services or their delegate. Ensures compliance with the Public Records Act 1973 and associated Standards.
Retention and Disposal Authority (RDA) A mechanism for the disposal of public records in accordance with the Public Records Act 1973. Details the minimum retention period of public records and authorises records to either be destroyed or retained permanently.
Record Any information created by or received by an officer at the University, regardless of format or source that is evidence of a business transaction or activity. A record records an action, policy, decision or decision making process, renders the organisation accountable or commits the organisation to an action.
Records Management Field of management responsible for the efficient and systematic control of the creation, receipt, maintenance, use and disposition of records, including processes for capturing and maintaining evidence of and information about business activities and transactions in the form of records. (Source:  AS ISO 15489.1 – 2002)
Records Management Program Consists of the Recordkeeping framework, recordkeeping procedures, processes and practices, as well as the systems, structures, people and resources required for the effective management of the University’s records. (Source: Public Record Office Victoria)
Temporary Records Records identified by an authorised Retention and Disposal Authority as being temporary. Temporary records can be disposed of once their minimum retention has been reached and there are no further business or legal requirement for their retention.
University Business Areas Refers to an academic, research or administrative area, which may include a Faculty, School, Portfolio, Section, Department, Unit or Centre. No section of the University is excluded from this Policy.

Policy Statement

University records are to be managed, captured, accessed, stored and disposed of in accordance with University procedures and guidelines to ensure compliance with the Public Records Act 1973 and other regulatory instruments, including Public Record Office Victoria (PROV) Standards. Records created, received or used by University staff in the normal course of business are the property of the University, unless otherwise agreed. This includes reports compiled by external consultants commissioned by the University.

The University’s corporate records constitute its corporate memory, and as such are a vital asset for ongoing operations, and for providing evidence of business activities and transactions.  Corporate records assist the University in making better informed decisions and improving business practice by providing an accurate record of previous activities.

All University staff, including sessional staff, researchers and research staff, as well as individuals who may perform work on behalf of the University, including:

  • Partner Providers (onshore/offshore)
  • Commercial Delivery
  • VETiS (including Auspicing)
  • Volunteers

are required to adhere to the requirements within this policy to ensure full and accurate records are created and maintained and that disposal of records is only completed by authorised Officers as part of an authorised destruction program.

Responsibility

The Vice Chancellor, as head of the University, is responsible for ensuring the University complies with legislative requirements for recordkeeping, including the Public Records Act 1973 and other regulatory instruments, including PROV standards.

The Director, Academic Services, as the Vice Chancellor's delegate, has the responsibility for overseeing compliance of the University's Records Management Program. The Director may, as and when required, delegate this authority to another senior officer.

The Co-ordinator, Records Management Services is responsible for developing, implementing and monitoring the Records Management Program as well as the University’s Recordkeeping Awareness Program which provides staff with the knowledge and skills required to fulfil their recordkeeping obligations. The Records Management Services unit is responsible for providing recordkeeping advice and support to business units in relation to managing University records and manages the University's offsite storage facility.

University staff in a supervisory capacity are responsible for monitoring and supporting staff to ensure they understand and comply with records management policies and procedures. Managers and Supervisors should encourage and support positive recordkeeping practices within their business area.

All University staff including sessional staff, researchers and research staff, as well as individuals who may perform work on behalf of the University including:

  • Partner Providers (onshore/offshore)
  • Commercial Delivery
  • VETiS (including Auspicing)
  • Volunteers

are responsible for ensuring they understand and comply with their recordkeeping requirements, which are outlined in the Records Management Policy and associated procedures, individual position descriptions and outlined in the Corporate Induction Program.

No University staff are excluded from this Policy.

Recordkeeping Systems

Creation and Capture of University Records

All staff are responsible for creating and capturing complete and accurate records as part of their University duties, in accordance with this policy and associated recordkeeping procedures.

All electronic records must be captured in an approved corporate business system. Records that are created by an approved corporate business system should be stored in that system. Records that are not created and / or stored in an approved corporate business system must be stored in the corporate records management system, ECM. This includes but is not limited to email correspondence, word, excel and PowerPoint documents, video, audio, social media posts and telephone conversations (through recordings or file notes).

For more information on capturing full and accurate records, refer to the Records Management Procedure – Capturing and Classifying University Records.

Access and Security of University Records

Access to University records is only permitted by authorised University officers who require access for University business. Under no circumstances are records to be accessed or used for non-university related business.

Personal information held on corporate records must only be used for the purpose with which it was collected and must only be disclosed to authorised persons. Records containing personal information must be captured, stored, accessed, and disposed of in line with the requirements of relevant legislation (including, but not limited to the Information Privacy Act, Freedom of Information Act and Public Records Act).

Hard copy records stored within business areas must be secured to avoid possible theft, misuse or inappropriate access [1].

University staff must ensure their username and password for University systems including the corporate recordkeeping system, ECM, are kept secure at all times and are not shared under any circumstances as outlined in the University’s Information Security Policy.

For more information on security of records, refer to the Records Management Procedure – Access and Security of University Records.

[1] PROV Standard – Storage – Issued by the Public Record Office Victoria

Storage of University Records

All hard copy records created or received by the business area are to be stored in PROV compliant storage areas within the business area while the record is being used for daily business activities.

It is the responsibility of staff in a supervisory capacity to ensure hard copy files within their unit are stored securely and are only accessible by authorised persons. Where records are required to be removed from their storage location appropriate procedures must be in place to ensure the tracking of those record/s.

Inactive hard copy records not required for normal business activities should be stored at the University’s official offsite storage facility. Records are not permitted to be stored offsite at other non-university approved storage facilities. Transfer of inactive records must be completed as outlined in the Records Management Procedure – Retention and Disposal of University Records.

Electronic records, created and / or received by the University, that are not created and / or stored by another corporate business system, must be stored in the University’s corporate records management system, ECM.

To ensure the security of records, and to allow access by other staff, email clients such as Outlook, network or local drives, portable storage devices such as USB sticks, external hard drives, CDs and DVDs etc should not be used for the storage of electronic records. Email clients, network and local drives cause records to become invisible to the organisation. Security of records is compromised when portable storage devices are used as a storage location for corporate records.

Business related email messages must be recorded in ECM. Email archive facilities must not be used for the archiving of business emails that have not been captured in ECM. Refer to the Records Management Procedure – Managing Electronic Mail (E-mail) for more information.

Retention and Disposal of University Records

University records must only be disposed of in accordance with an applicable Retention and Disposal Authority (RDA) issued by the Public Record Office Victoria (PROV).

University records cannot be disposed of if:

  • They are identified as having historical significance and / or are classed as a permanent record by PROV;
  • They have not met the minimum retention timeframe as specified in the applicable RDA;
  • It is known that the records may likely to be required in evidence, either now or in the future – regardless if a valid RDA has been issued by PROV;
  • There has been an embargo placed on the disposal of records either by the University or PROV – regardless if a valid RDA has been issued by PROV;
  • It is identified that there is still a business requirement for the records to be retained.

The disposal of records must be completed as outlined in the Records Management Procedure – Retention and Disposal of University Records.

Legislative Context

Public Records Act 1973 (Vic)

Electronic Transactions Act 2000 (Vic)

Evidence Act 1958 (Vic)

Information Privacy Act 2000 (Vic)

Health Records Act 2001 (Vic)

Freedom of Information Act 1982 (Vic)

Crimes (Document Destruction) Act 2006 (Vic)

Copyright Act 1968 (Vic)

Tertiary Education Quality and Standards Agency Act 2011 (TEQSA Act)

Education Services for Overseas Students Act 2000 (ESOS Act)

National Vocational Education and Training Regulator Act 2011

Education and Training Reform Act 2006

Higher Education Support Act 2003

Promulgation

The Records Management Policy will be communicated throughout the University via:

  1. an Announcement Notice under ‘FedNews’ on the ‘FedUni’ website and through the University Policy - ‘Recently Approved Documents’ webpage to alert the University-wide community of the approved Policy;
  2. inclusion on the University's online Policy Library;
  3. distribution of e-mails to Head of Schools / Head of Departments / School Business Managers, Business Area Managers, Executive Assistants and other stakeholder representatives; and
  4. inclusion as part of the University's Recordkeeping Awareness Online Training Course.

Implementation

The Records Management Policy will be implemented throughout the University via:

  1. An Announcement Notice under ‘FedNews’ on the ‘FedUni’ website and through the University Policy - ‘Recently Approved Documents’ webpage to alert the University-wide community of the approved Procedure.
  2. Inclusion on the University's online Policy Library.
  3. Online Recordkeeping Awareness Training to be completed by all University staff;
  4. Information sessions provided to staff by the Records Management Unit.