Policy University Management Records Management Policy

Records Management Policy


Print Friendly and PDFPrint Friendly

Intent

This Policy outlines the principles, approach and rules associated with records management and archives access at James Cook University (JCU; the University), to ensure that recordkeeping practices are compliant with Regulatory Compliance Obligations and business needs.

This Policy addresses Higher Education Standards Framework (HESF) Standard 7.3: Information Management.

Scope

This Policy applies to all JCU staff, and to all University Records and Information in any format, created or received, to support University business activities.

This Policy also applies to the management of student records for students of the Singapore and Brisbane campuses of JCU.

The management of specific record types, such as research data or legal records, are subject to additional policy and legislative requirements.

Definitions

Except as otherwise specified in this Policy, the meaning of terms used are as per the Policy Glossary.

Archives

A public record preserved permanently when no longer required for current business use by the University.

Corporate Record

Any record, created or received, that documents the administrative and non-clinical functions of the University.

Ephemeral records

Short term records made as part of routine transactional business practices and are not usually required for ongoing business. These are public records that may help an action or a process move forward, but don't in themselves have any long-term value and are not needed to understand the business action or process. They are usually only required to be kept for a short period of time. Examples include drafts not intended for further use or reference, copies of material retained for reference use only, working notes, routine CCTV footage, and credit card payment data.

Records

Defined as recorded information, in any format, created or received by JCU, or any person acting on behalf of JCU, in the transaction of business or the conduct of affairs and that provides evidence of such business or affairs. It should be noted that except in limited circumstances, drafts are not considered a record. Formats include physical (hard copy or paper) records, digitised and scanned records, voice recording, data stored in a business system (such as Student, Human Resource or Finance systems), on memory storage, maps, plans, photographs, internet and intranet, websites, microfiche and other technology-dependent records.

Recordkeeping

The act of making and keeping evidence and memory of University business in the form of recorded information under the provision of the Public Records Act 2023.

Records Lifecycle

A records and archival management model which describes the stages through which a record is said to pass during its “life“, from creation to preservation. Records do not necessarily experience all stages.  For example, some records are retained permanently and never disposed of. The records lifecycle incorporates five stages: Create or receive, Capture and organise, Use and maintain, Retain and appraise, and Dispose.

Records Management

The field of management responsible for the efficient and systematic control of the creation, receipt, maintenance, use, access to and disposal of records, including processes for capturing and maintaining evidence of and information about business activities and transactions in the form of records.

Policy

1. JCU is committed to maintaining accurate, secure, and accessible records that support decision-making, student services, and regulatory compliance through establishing, maintaining and continually improving records management practices, processes and culture. This includes records relating to admissions, enrolment, academic outcomes, and quality assurance processes.

2. All business activities are recorded and saved in order to:

a. provide evidence-based and informed decision-making to support good business practices that align to the strategic direction of the University;

b. protect the rights and interests of individuals at the University;

c. document and explain the decisions made by the University and any undertakings given;

d. provide the history of a decision and/or activity, capturing the corporate memory of the University;

e. support the policies and procedures of the University by demonstrating that policies and procedures were followed during the conduct of business;

f. promote accountability and transparency; and

g. support compliance with various legislative and regulatory provisions (including Right to Information, Information Privacy, ethical conduct, etc.).

3. This Policy ensures compliance with the Queensland Government Records Governance Policy by:

a. ensuring records management is supported at all levels of the business;

b. systemically managing records using governance practices that are integrated and consistent with broader agency frameworks;

c. creation of complete and reliable records;

d. actively manage permanent, high-value and high-risk records and information as a priority;

e. ensuring records are discoverable (in business systems and applications approved for use) and accessible for use and re-use; and

f. disposing of records in a planned and authorised way.

Roles and Responsibilties

4. Vice Chancellor: responsible for ensuring that the University implements a records management framework compliant with the Public Records Act 2023 and other relevant legislative and accountability requirements.

5. All staff: responsible for compliance with the provisions of the Public Records Act 2023 and this Policy, and are personally accountable for the correct management of data, information and University records generated in the course of their duties or under their direct control.

6. Deputy University Secretary: responsible for:

a. managing the Records team to deliver continuous improvement and best practice in records management, and service provision for the University’s student and corporate records management, including facilitation of employee training in the use of the University’s records management system, Content Manager.

b. the development, implementation and review of systems technologies involving deployment and maintenance of Content Manager, and the development and maintenance of interface technologies, to enable compatibility with other JCU corporate business systems.

c. Develop, manage and maintain the University’s Recordkeeping Program and associated Disposal and Retention Schedules in accordance with relevant legislation and ensure appropriate maintenance of the University’s Recordkeeping processes and policies, to meet changing legislative requirements against the Public Records Act 2023 and other related legislative instruments.

7. Records Team: responsible for the implementation of the legislative requirements and of AS ISO 15489: Records Management for recordkeeping and archiving within the University. They are also responsible for training users on records management and associated records systems.

8. Heads of Work Units: responsible for ensuring that they have implemented the requirements of this Policy across their work units, comply with JCU recordkeeping procedures and ensure appropriate management of their records through the records lifecycle under the directions of Corporate Records.

9. Policy Custodians: responsible for ensuring any recordkeeping requirements are considered in any policy or procedure of the University.

Records Management Systems

10. The University uses and maintains records management systems that are secure from unauthorised access, damage and misuse. The systems capture and support records that are accurate, authentic, accessible, useable, maintained and preserved for, at a minimum, the period of retention as indicated in the Queensland State Archival Retention and Disposal Schedules and are not disposed of without the signed approval and completion of JCU’s Destruction Authority.

11. JCU’s Records management systems:

a. contain metadata as defined in the IS 34: Metadata;

b. contain all relevant records within the scope of JCU’s business activities;

c. protects JCU’s records from unauthorised alteration or disposition;

d. are the primary source of information about actions and decisions made; and

e. provide ready access to all relevant records and related metadata.

12. Enterprise-wide information systems (e.g., Microsoft Teams and SharePoint) may be deemed to be records management systems when they meet the above requirements.

Access and Security

13. JCU maintains a balance between allowing staff access to information necessary to undertake their roles and appropriate security over records which contain confidential or commercially sensitive information. It is the expectation of the University that staff will access only those files and records which are necessary for the proper fulfilment of the duties of that member of staff, or that they are lawfully requested to access.

14. Staff may be asked to sign a confidentiality agreement upon commencement of employment, given the nature of the records they have access to, such as Human Resources and Technology Solutions staff, or when undertaking specified tasks involving personal or confidential information.

15. All University records must be protected from unauthorised access, disclosure, modification, loss or damage in accordance with the Information Privacy Policy.

University Archives

16. The University Archives has been established to coordinate the identification and appropriate retention of historical University archives and memorabilia. Archives provide a record of the corporate memory of the University. Archives are usually inactive records that are deemed to have continuing value, either permanently or temporarily. A record may be considered permanent because of its evidential, fiscal, administrative, legal, informational or historic value.

17. The Deputy University Secretary or Manager, Special Collections may restrict access to records which are too fragile or damaged to be handled.

Retention and Disposal of University Records

18. The University will comply with the minimum retention periods as set out in the Queensland State Archives Retention and Disposal Schedules.

19. University records which are due for destruction must be approved for disposal by the Deputy University Secretary, and must be securely destroyed.

Adminstration

NOTE: Printed copies of this policy are uncontrolled, and currency can only be assured at the time of printing.

Approval Details

Policy DomainUniversity Management
Policy Sub-domainCorporate Administration

Policy Custodian

Chief of Staff

Approval Authority

Vice Chancellor

Date for next Major Review

22/03/2031

Revision History

Version no.

Approval date

Implementation date

Details

Author
26-122/03/202624/03/2026Major review to align with legislative changes, and to incorporate the disestablishment of the Archives Access Policy.Deputy University Secretary
16-203/08/201604/08/2016

In JCU Frameworks, Policy and Procedures section: removed Use of Recycled Paper Policy (Disestablished) and replaced with  Waste Reduction Management Plan which is now in place and has incorporated into it, recycling of paper.

 
16-125/02/201625/02/2016Policy Sponsor and Approval Authority amended to reflect Council approved Policy and Delegations Framework. 

13-1

08/02/2013

13/02/2013

Revised to reflect contemporary records management practices and align to sector standards and compliance requirements. Approved by Deputy Vice Chancellor.

 

08-1

2008

2008