Records management: frequently asked questions
The Freedom of Information Act places obligations on the University to maintain our records in accordance with the provisions of the Code of Practice on Records Management issued by the Lord Chancellor under section 46 of the Act.
- What is a record?
- What is records management?
- What are the retention schedules?
- Should electronic records be treated any differently to paper-based records?
- Can poor records management lead to a breach of the Freedom of Information Act?
- How does records management under the Freedom of Information Act interface with the Data Protection retention and fair processing principles?
What is a record?
Records are the outputs that document each and every business and administrative transaction of the University and details about our students, members of staff and all our external contacts. They are the essential resource for the University's effective continuation. They also form the University's collective memory that must be available beyond the memory or working life of any single member of staff.
What is records management?
Records management is a process for the systematic management of all records and the information or data that they contain. Traditionally these were held on paper, or more recently on microfilm or fiche, but are now held increasingly within electronic systems. The core concept is the life cycle of information, which sees information having a series of phases from creation to final disposition either through a controlled destruction process or being added to the long-term or permanent record (the archive) of the University.
What are the retention schedules?
Retention schedules form a key element of the University's records management policy. They are timetables that set out when individual/groups of records are due for review, transfer to an archives and/or destruction. This will make it easy to establish whether or not a record exists if a request is received. It will also give the public confidence that the University has adequate procedures for identifying records that have been requested.
Should electronic records be treated any differently to paper-based records?
No. The principles underlying records management - creation, retention, identification, and retrieval of records - apply equally to both electronic and paper records. This means that procedures for e-mail and information held on shared and personal hard drives have to be as robust and detailed as those for other records.
Can poor records management lead to a breach of the Freedom of Information Act?
Poor records management is not of itself a breach of the Act. However, the Act sets out strict timetables for compliance with a request, ensures that the costs of retrieving information are reasonable and asserts that all recorded information held, wherever it is located within the University, is potentially disclosable. If poor records management results in any of these requirements not being met, it will constitute a breach of the Act and the Information Commissioner will be able to consider using his enforcement powers.
How does records management under the Freedom of Information Act interface with the Data Protection retention and fair processing principles?
The Data Protection Act relates to personal information, whereas the Freedom of Information Act relates to all other recorded information that the University holds. As long as you have clearly identified the personal information, these data protection principles are not applicable to the other information that you hold. However, good records management is likely to assist in compliance with the data quality principles, including the requirements that personal data is adequate, relevant and not excessive for the purposes for which it is held, that it is accurate and that it is kept for no longer than is necessary for the purpose for which it is held.