Procedures

Destruction of Records - Procedure

Printer-friendly version
Body

1.0   Purpose and Scope

The purpose of this procedure is to support effective management of records at The University of Queensland (UQ) by enabling the destruction of University records that satisfy certain conditions.

A University record can be an object in any format that displays recorded information showing evidence of the University’s decisions and actions whilst performing its various operations. Records can be “born digital” e.g. email, electronic document, image, video, audio recording. They can also be “physical source records” which means that they have a physical presence such as paper, folder, photograph, microform, USB drive, Compact Disc, etc. A digital copy of physical source records can, in some cases be transitioned to becoming a Digitised Electronic Record (electronic format through scanning or other technologies).

This procedure covers all records of the University of Queensland and describes the appropriate destruction criteria and procedures for their destruction including the approved process for transitioning physical source records to a Digitised Electronic Record.

This procedure applies to consumers of UQ information and communications technology (ICT) resources and anyone creating or accessing UQ’s information assets.

Consumers that are connected to UQ networks, systems or services must comply with this procedure, irrespective of location or device ownership e.g. consumers with personally-owned computers.

Exceptions to this policy must be approved by the Chief Information Officer.

2.0   Processes and Key Controls

The processes and key controls for determining the eligibility of records for destruction apply to both physical and digital records.

The University is subject to the Queensland Government’s:

Other key controls include the retention and disposal schedules authorised by Queensland State Archives:

The key points of action from these controls, is illustrated below:

3.0   Key Requirements

3.1   Testing eligibility

All records regardless of format must be managed in accordance with the minimum legal retention requirements stated in the authorised retention and disposal schedules listed in section 2.0.

Only records that are classified as “temporary” and “expired” (past their legal minimum retention expiry date) will be eligible for destruction.

3.1.1   Exceptions

It is important to recognise that certain types of records are not eligible for consideration for destruction.

The following summarises these types of records that cannot be destroyed under any circumstances:

  1. Permanent records
  • Records described as permanent retention value under a current retention and disposal schedule cannot be destroyed, even after digitisation.
  1. Records of intrinsic value

Are significant physical source records where any or all of the following qualities or characteristics apply:

  • Cannot be captured through digitisation.
  • Are of historical significance and of enduring value in their physical format.
  • Are classified as permanent retention in the authorised retention and disposal schedules that apply to UQ.
  • Are the surviving records of a significant event/disaster/incident which resulted in the destruction of records with special qualities and characteristics that could be lost or diminished if the original source record is digitised, converted or migrated into another medium.
  • Provides explicit evidence specific to UQ in its current format.
  1. Information under Right to Information (RTI) or Information Privacy legislation requests

  • Records that are and/or have been requested as part of an application under Right to Information or Information Privacy legislation are not to be destroyed. Consultation with the UQ Right to Information team and/or the Records Management & Advisory Services (RMAS) team is required. Further information can be found within the General Retention and Disposal Schedule (GRDS).
  1. Records required for legal purposes

  • It is a breach of the Criminal Code Act 1899 to destroy records that are or could be reasonably expected to be required for a legal matter whether current or anticipated at time of destruction.
  • The lead agency for Government recordkeeping, Queensland State Archives, can impose a records disposal freeze. Under a disposal freeze, it is unlawful to destroy physical or electronic records outlined in the freeze directive.

3.1.2   Physical source records after digitisation

Physical source records that have been digitised only qualify for early destruction if the original is classified as temporary value, and if the digitised version is held for the required retention period for that class of records.

Digitisation must follow a documented and auditable process that includes quality assurance measures. These include:

  • Scan or convert the physical source record to create an electronic copy in an approved digital format (e.g. .PDF,.JPG, mp3, mp4),
  • Confirm that the digital record is clearly legible and/or audible and fit-for-purpose,
  • Store the digital copy of the record in an approved record keeping system that includes the appropriate metadata. The RMAS team provide organisational units with advice on record keeping metadata requirements,
  • Store the original physical copy after digitisation, in an ordered and secure state until a compliant digital record has been obtained, and
  • Follow the process outlined in section 3.2, 3.3 and 3.4 until approval of their final destruction.

3.2   Assessing records

Organisational units need to determine and document records that are eligible for destruction.

To assist with determining the eligibility of University records for destruction a ‘Criteria Matrix’ resource is appended (refer to 7.1).

The ‘Criteria Matrix’ summarises the conditions referenced in the approved retention and disposal schedules to:

  • determine whether the records are categorised as temporary records, and to
  • understand the retention trigger conditions in order to calculate and confirm that the minimum retention requirements have been served.

RMAS provides advice and support to organisational units to assist with the correct translation of the requirements stated in the approved retention and disposal schedules.

3.3   Create evidence of destruction process

Regardless of the format the time expired records are in, under legislation it is mandatory to keep a record (log) of destruction activities.

  • Organisational units must document the records eligible for destruction and receive local organisational unit endorsement and delegated manager approval prior to carrying out destruction. Liaison with the RMAS team is also required and templates to assist are available in Section 7.2.
  • The destruction logs and their associated approvals, must always be kept and captured within UQ’s enterprise document and records management system, that is Micro Focus Content Manager (also known as TRIM).

3.4   Destruction of Records

3.4.1   Carrying out the destruction of physical source records

The destruction of physical source records must be carried out using a secure process unless the record had a security classification approved as ‘public’.

The RMAS team provide advice to organisational units on preferred confidential destruction services. These include:

  • For small volumes of paper records, local shredding equipment can be used.
  • For sizeable volumes of paper records or records on small portable recording devices such as USB’s or compact disks, there are third-party providers for:
    • Medium volumes – supply and removal of in-office confidential destruction bins, and
    • Large volumes – through an on-site mobile destruction service or via an off-site destruction plant.

3.4.2   Destruction of digital records

As is the case for physical source records (refer to 3.4), the destruction of digital records must also be carried out using a documented, authorised and secure process. Organisational units can contact RMAS if they require assistance.

3.5   Documenting the Destruction of Records

3.5.1   University's Enterprise Document and Records Management System

The University’s enterprise document and records management system (Micro Focus Content Manager also known as TRIM) is designed with functionality that supports compliant destruction practices. It caters for the capture of electronic records, it facilitates the registration of the existence of physical records, and captures audit trails associated with records. The features include:

  • Inbuilt functionality to facilitate the application of the legal retention requirements, their assessment for eligibility and to enact secure destruction after approval.
  • When a physical record has been registered into ‘Micro Focus Content Manager’, the destruction also involves the process described in 3.4 above, as well as the digital destruction process within this database.
  • The system automatically retains evidence via metadata of destruction activities, plus audit trails and these histories are permanently captured.
  • Only authorised RMAS staff are able to activate final destruction functionality.

3.5.2   Other electronic systems of records

The University has many other systems of records. However, the destruction of records captured within these systems is not straight-forward.

Prior to destroying digital records that are not within Micro Focus Content Manager UQ consumers are required to consult with the RMAS team for advice.

4.0   Roles, Responsibilities and Accountabilities

The roles and responsibilities outlined below are in addition to those defined in the Information Management Policy.

4.1   Vice-Chancellor and President

The Vice-Chancellor and President is responsible for ensuring that UQ complies with the Public Records Act 2002 (QLD), including the principles and standards established by the Queensland State Archives.

Responsibilities within this Act may be delegated, and authority is given to the Manager of Records Management for endorsement and approval of the final destruction activities of University records.

4.2   Chief Information Officer

The Chief Information Officer is responsible for:

  • Ensuring this procedure is reviewed every three years,
  • Ensuring RMAS is resourced to support this procedure.

4.3   Information Domain Custodian

Information Domain Custodians (Information Custodian) are responsible for ensuring that records under their domain are destroyed in accordance with this procedure.

This includes:

  • The delegation of responsibilities to Information Stewards as per section 4.4; and
  • Assurance that measures are in place to support compliance.
  • Record keeping compliance as defined in this procedure.

4.4   Information Stewards

Information Stewards are responsible for:

  • Providing assurance of the quality of digitised physical records,
  • Keeping destruction logs that includes destruction approvals,
  • Engaging with RMAS for:
    • Interpreting the retention requirements listed in the Queensland State Archives’ authorised retention and disposal schedules that apply to UQ.
    • Digitisation and metadata advice.
    • Records within University systems of records.

4.5   Manager of Records Management

  • The Manager of Records Management is responsible for authorising the destruction of UQ records as the delegate of the Vice-Chancellor and President.

4.6   Records Management and Advisory Services (RMAS)

RMAS staff are responsible for:

  • Supporting the destruction of UQ records under the supervision of the Manager of Records Management,
  • Assisting UQ Consumers with the processes documented in this procedure,
  • Advising UQ Consumers on best practices relating to Records Management,
  • Communicating to Information Stewards when a disposal freeze is issued or changes are made to the retention and disposal schedules,
  • Maintaining the disposal log and authorisation within an approved record keeping system as per 3.3,
  • Provide records management training programs to staff.

4.7   Managers and Supervisors

UQ managers and supervisors are responsible for ensuring their staff are disposing of records in accordance with this procedure.

4.8   UQ consumers

All UQ Consumers are responsible for complying with this procedure, ensuring records are kept for as long as they are legally required.

5.0   Monitoring, Review and Assurance

The Chief Information Officer (CIO) will ensure this procedure is reviewed every three years.

Information Stewards will ensure documented quality assurance processes to satisfy legibility, audibility, readability and completeness prior to the destruction of physical records or digital records.

Areas under the responsibility of the Information Stewards will be subject to quality assurance checks and record keeping compliance audits. These checks and audits will be carried out in partnership with the authorised officer delegated by the Information Steward and the authorised Records Management and Advisory Services’ delegate.

6.0   Recording and Reporting

An annual status report summarising records destruction activities, will be provided to the Information Technology Governance Committee (ITGC) by the Manager Records Management and Advisory Services.

7.0   Appendix

7.1   Criteria Matrix

The following criteria can be used for assessing the eligibility of records for destruction:

For further guidance on:  1) what information can be a “record” go to the advice provided by the lead agency for Queensland Government record keeping, Queensland State Archives  https://www.forgov.qld.gov.au/recordkeeping and

https://www.forgov.qld.gov.au/decide-what-capture-and-how .  2) Preferred digital record formats:  https://www.forgov.qld.gov.au/digital-record-formats For specific UQ advice contact:  Records Management and Advisory Services via UQCentralRecords@uq.edu.au

7.2   Resources

Source latest version from:  https://www.forgov.qld.gov.au/search-retention-and-disposal-schedule

  • PROCESS MAP – Destruction of Physical Paper Records (PPL Guideline Section)
  • TEMPLATE - Worksheet – Destruction Log and Approvals (PPL Form Section)

7.3   Related policies

7.4   Related legislation

  • Public Records Act 2002
  • Criminal Code Act 1899 (s.129)
  • Evidence Act 1995 (Cth)
  • Information Privacy Act 2009

8.0   Appendix - Definitions

Born Digital Records – Original records that have been initiated, created, transmitted/received within a digital environment. (e.g. email; email attachment)

Information Asset - A body of information, defined and managed as a single unit so it can be understood, shared, protected and exploited effectively. Information assets have recognisable and manageable value, risk, content and lifecycles.

Information Domain – a broad category or theme under which University information can be identified and managed. UQ uses the topics and entities outlined in the CAUDIT Higher Education Data Reference Model, in the context of business capabilities and organisation structures, as a guide to determine appropriate information domains.

Information Stewards - are responsible for the quality, integrity and use of an information asset on a day-to-day basis. An Information Steward may manage multiple information assets. The stewards are responsible for applying relevant policies, procedures and rules, including safeguarding the information from unauthorised access and abuse

Information Domain Custodian (Information Custodian) - is responsible for defining and implementing safeguards to ensure the protection of information. This must be done in accordance with the relevant policies and procedures.

Physical Source Records - A physical source record has a material presence and consumes workplace space (e.g. paper, microfilm, compact disk, VHS tapes, etc).

Source records – Documents, records or files (either paper or electronic) that remain after they have been copied, converted or migrated from one format or system to another.

Digitisation – In the context of this procedure, digitisation refers to the process undertaken to scan paper source records to produce an accurate digital representation of the document in a pdf format.

Retention and Disposal Schedules – Legally binding documents that govern decisions about retention and disposal of records. These official documents, all to be read in-conjunction with each other, have been authorised by Queensland State Archives, the authority on record keeping governance for public entities such as UQ. The schedules provide descriptions and other contextual information around specific classes of records and state the legal minimum retention obligations based on the status of the class of record e.g. Temporary – dispose after 7 years from last action; Permanent – Retain permanently by the University.

Disposal vs Destruction – In this document disposal and destruction are used interchangeably. However, destruction is the more correct term when we refer to undertaking the irreversible action of destroying the records to make them irretrievable. Disposal can refer to actions where the records change ownership, such as the transfer of records to another entity outside of UQ e.g. Queensland State Archives, and the records remain intact and retrievable at their new location.

Metadata - Metadata is descriptive information about a record that typically includes the author, title of the record, creation date and changes along with disposal information. Record metadata enables disposal authentication.

RMAS - Records Management & Advisory Services Is located within Information Technology Services (ITS) and is responsible for the strategic management of The University's recordkeeping systems, records of enduring value, developing policies and providing advice.

Custodians
Chief Information Officer Mr Rob Moffatt

Forms

Printer-friendly version

Destruction Log and Approvals - Form

Destruction Log and Approvals - Form

Printer-friendly version
Body
Description: 

Request for Approval - Destruction of eligible legally time expired records.

Custodians
Chief Information Officer Mr Rob Moffatt
Destruction of Physical Paper Records - Process Map Guideline

Destruction of Physical Paper Records - Process Map Guideline

Printer-friendly version
Body
Description: 

Process map - Destruction of Physical Paper Records.

 

PLEASE NOTE: For full details on Records disposal obligations pease refer to Destruction of Records - Procedure.

Custodians
Chief Information Officer Mr Rob Moffatt
Custodians
Chief Information Officer Mr Rob Moffatt
Custodians
Chief Information Officer Mr Rob Moffatt