Records Management Policy
The University acknowledges its obligations under information-related legislation, including the Freedom of Information Act (FoI) 2000, and Data Protection Act (DPA) 1998, as well as the Public Records Act 1958, and the importance to effective administration and governance of responsible and efficient practice in the area of records creation and records management. The purpose of this Policy is to provide a general framework through which staff can consider the efficient management of records.
For the purpose of this policy, ‘records’ are all those documents which facilitate University business and which are kept for a defined period in order to provide evidence of its activities. Records may be created, received, maintained or archived in physical or electronic format.
Records management is concerned with the efficient and systematic control of the creation, receipt, maintenance, use and disposition of records. It includes processes for capturing and maintaining evidence of, and information about, business activities and transactions in the form of records.
This Policy provides for the keeping of administrative records within the University and aims to:
- Ensure that records vital for the maintenance of University’s position as a leading academic institution are retained;
- Regulate and make more consistent the creation, maintenance and disposition of records;
- Ensure considered selection of University records, whether managed in departments or centrally, for permanent retention as an historic account of the University’s activities;
- Dispose of records not vital for business or historical purposes in an organised and efficient way.
Good records management requires appropriate and legally observant procedures and processes, so that records are organised in a systematic and recognised way. Good records are characterised by being available; in good order in terms of quality of content and their organisation; interpretable; authoritative; and in an accessible format.
Appropriate procedures and processes practised under good records management should be concerned with:
- Record creation and capture to ensure integrity and accessibility;
- Records storage and retrieval, whether in physical or electronic format, to support legal, efficient and effective records management whether on or off-site;
- Records protection and security, including legally observant protocols for access, back-up and disaster recovery;
- Records disposal, involving the routine use of recommended retention and disposal schedules which guide on legal, secure and confidential disposal, and which provide guidance as to when to recommend records for appraisal under the University Archives Selection Policy through which they might be permanently preserved within the University Archives;
- Records analysis, records surveys, and audits to support routine review of the need for their retention, whether or not retention is legally required.
Access and Preservation
- All records should be kept in a secure environment in order to prevent unauthorised access.
- Both current and non-current records in departments should be available only to the creating department, unless the Head of the creating department gives express permission for their access. All records, whether in current use or not, may be subject to FoI enquiries.
- Records which form part of the University Archives are subject to the Archives Access Policy.
- Records which relate to individuals, whether staff or students, are confidential and should be treated as such at all times and in accordance with the DPA.
- All records should be stored in an appropriate manner in order to ensure their physical protection.
Staff must ensure that records for which they are responsible are accurate, and are maintained and disposed of in accordance with any available records management guidelines.
Relationship with existing policies
This policy will operate in conjunction with other University policies, including:
- Freedom of Information policy (http://www.admin.ox.ac.uk/foi/)
- Data Protection policy (http://www.admin.ox.ac.uk/councilsec/dp/)
- Oxford University Archives (http://www.oua.ox.ac.uk/policies.html)
- Information Security – forthcoming.
 Non-current records are those records not in active use for administrative purposes by staff but which may need to be retained for a set period of time beyond active use for either legal purposes or for historic account.