Vice President Finance & Infrastructure
Director, Information & Technology Management
In developing this policy the University had regard to the provisions of section 40B(1)(b) of the Human Rights Act 2004 (ACT).
Records, Information and Data Management Policy
The purpose of this policy is to:
establish a framework for records and information management within the University
facilitate legislative compliance
promote effective business practice, and
protect University information assets as evidence of current practice and for future reference.
This policy applies across the University to all University members and to all University records and information, in any format, created or received, to support University business activities. For facilities located outside of the Australian Capital Territory staff should be mindful that local laws may include requirements that exceed those in this policy.
All staff are responsible for creating, capturing and managing records created during the conduct of their University duties.
Records must be maintained on approved business systems.
A system must be assessed for compliance with records standards before it is implemented or before records are migrated to or from the system. A major change to an existing system must also be assessed for such compliance.
Information Asset Owners will be appointed for student records, staff records, financial records, and research records.
Records must be organised and managed to preserve their context and ease of retrieval.
Records must be retained in accordance with the approved records disposal schedules.
Throughout their full retention period, records must be actively managed and organised to preserve context, accessibility and usability.
Records must be stored in conditions suitable to the:
length of time they must be kept
nature of the record content (e.g. personal, confidential or sensitive information), and
format of the record or the medium it is kept on.
Records must be destroyed at the date specified in approved records disposal schedules unless there is:
a continuing business use
a pending or anticipated legal action; or
a current hold or freeze on destruction issued by the Director of Territory Records.
Permanent value records are transferred to the University archives for preservation and access.
Records are made available to the public in accordance with legislation and within the constraints of security, confidentiality, privacy and archival access conditions.
Chief Digital Information Officer (CDIO)
To establish and implement a records management program.
Information Asset Owner
To promulgate business rules and standards regarding the management of information for which they have been identified the owner.
To oversee day-to-day records management activities including planning for future work.
To act as a liaison with the University community to implement recordkeeping principles to business processes.
To act as the liaison with the Territory Records Office.
Information, in any format created and kept, or received and kept, as evidence and information by a person in accordance with a legal obligation or in the course of conducting business.
Approved business system
A system either owned or contracted by the University that has been assessed against the University’s Business Systems and Digital Recordkeeping Functionality Assessment Tool and entered on to the Business Systems/Information Asset Register.