Records Retention and Disposal Schedule. Information Management

Size: px
Start display at page:

Download "Records Retention and Disposal Schedule. Information Management"

Transcription

1 Records Retention and Disposal Schedule Information Management

2 Version control Version Author Policy Approved By Approval Date Publication Date Review Due V 1.0 Information Governance Unit Philip Jones, Head of Information Governance 03/04/2012 April 2012 March 2013 Information Rights Staffordshire County Council asserts its right to be identified as the author of this Retention Policy and Schedule, and a statement to this effect must be clearly displayed when reproducing all or any part this document. Disclaimer This Policy and Schedule reflect the record keeping requirements of Staffordshire County Council. Staffordshire County Council accepts no liability if this Retention Schedule is used by individuals or organisations outside of the Authority.

3 Understanding Retention and Disposal Schedules Business Classification: Describes the business functions, activities and processes that records support Scope Notes: Further define the business function, activity or process that records support Retention Trigger / Closure Procedure: Defines the event that triggers the start of the retention period and/or closure procedure Retention Period: Specifies the length of time records must be kept following the retention trigger event Disposal Action: Specifies disposal action following end of retention period Authority: Identifies the legal, regulatory or business reasons that records need to be created, received and kept (even if requirements are not explicitly stated)

4 Contents Business Classification Page Corporate Governance 1 Information Management 1 Information Access Management 1 Access to Information Compliance Audit 1 Data Controller Notification 1 Copyright Administration 1 Public Sector Information Reuse Management 1 Data Sharing Protocol Development 1 Publication Scheme Maintenance 1 Information Security Management 1 Information Security Compliance Audit 1 Incident Response & Investigation 1 Records Management Programme Implementation 1 Records Management Compliance Audit 1 Classification Scheme Development & Maintenance 2 EDRMS Specification & Configuration 2 Re-organisation Rationalisation & Closure Planning Support 2 Retention Schedule Development & Maintenance 2 Records Storage Management 2 Disposal Processing 2 Records Migration 2 Retrieval Requests Processing 2 Transfer Processing 2 Surveillance Management 2 Investigatory Powers Regulation Monitoring 2 Index

5 Business Classification Scope Notes Retention Trigger (event triggering start of retention period) / Closure Procedure Corporate Governance Information Management Information Access Management Access to Information Compliance Audit Audit to ascertain compliance with access to information requirements Including: Privacy impact assessment Close records at completion of audit Data Controller Notification Notification data controllers to ICO Retention Period starts at Date Created Retention Period Disposal Action (following end of retention period) Authority Management of Information Assets Including: Information access management, Information security management, records management programme implementation, records storage & surveillance management Excluding: Strategic planning, policy & standards development, communications management, training provision, enquiries management & statutory complaints management Management of Information access Including: Publication scheme maintenance, compliance audit, privacy impact assessment, data controller notification, information rights management, copyright administration, reuse of public sector information, development of data sharing protocols Excluding: Enquiries management & statutory complaints management Retain records for 3 years Data protection Act 1998 Limitation Act 1980, Data protection Act 1998 Copyright Administration Administration of copyright Excluding: Licensing Retention Period starts at Retain records 6 year Copyright, Designs & Date Created Patents Act 1988 Public Sector Information Reuse Management Management of public sector information reuse Close records when licence expires or terminated Reuse of Public Sector Information Regulations 2005, Protection of Freedoms Bill Data Sharing Protocol Development Development negotiation & agreement of data Close records when Data protection Act 1998, sharing protocols Excluding: Formal legal agreements & contracts superseded or terminated Data Sharing Code of Practice 2011 Publication Scheme Maintenance Maintenance of scheme of published & publicly available information Close records when superseded Limitation Act 1980, Freedom of Information Act 2000 Information Security Management of information security Including: Incident response & investigation, compliance audit & Information Asset Register maintenance Management Information Security Compliance Audit Audit to ascertain compliance with information Close records at Retain records for 3 years Data protection Act 1998 security requirements completion of audit Incident Response & Investigation Response to & investigation of security breach incidents Records Management Programme Implementation Records Management Compliance Audit Audit to ascertain compliance with records management requirements Close records at conclusion of investigation, subsequent action, or resolution of incident Development & implementation of records management programme Close records at completion of audit Retain records for 3 years Limitation Act 1980, Computer Misuse Act 1990, Police & Criminal Evidence Act 1984 Page 1

6 Business Classification Scope Notes Retention Trigger (event triggering start of retention period) / Closure Procedure Classification Scheme Development & Maintenance EDRMS Specification & Configuration Development & maintenance of classification scheme(s) Including: Structuring & organisation of records & information systems Development, review & configuration of records management elements of electronic document & records management systems (EDRMS) Including: consultation Excluding: ICT systems design, development, integration & maintenance Close records when superseded Close records when implementation completed Retention Period Disposal Action (following end of retention period) Authority Business Need Re-organisation Rationalisation & Closure Planning Support Provision of records management planning & support required by re-organisation, rationalisation & closure of services & premises Close records following completion of reorganisation, rationalisation or closure Business need Retention Schedule Development & Maintenance Development & maintenance of records retention schedules Close records when SCC no longer responsible for all functions contained within schedule Retain records 0 years Records Storage Management Management of records storage Including: Storage capacity management, record transfer processing, retrieval request processing & disposal processing Disposal Processing Administration of records disposal processes Including: Identification of records due for disposal, review, disposal authorisation, transfer or destruction Close records following disposal of records to which destruction process documentation relates Records Migration Planning & implementation of records migration between systems, storage & migration or conversion to alternative media or formats Close records of migration when records destroyed Retain records 0 years Business need Retrieval Requests Processing Processing of requests to retrieve records from storage Close records following return of issued item(s) Transfer Processing Transfer of physical records into off-site storage Close records when Business Need records destroyed Surveillance Management Management of surveillance Including: Management of access to communications data, covert human surveillance & directed surveillance Investigatory Powers Regulation Retention Period starts at Monitoring Date Created Monitoring of investigatory powers processes Including: Access to communications data, covert human surveillance & directed surveillance Excluding: Carrying out of investigations & surveillance activities Retain records for 6 years Limitation Act 1980, Regulation of Investigatory Powers Act 2000 & Code of Practice Page 2

7 Index Business Classification Page Access to Information Compliance Audit 1 Classification Scheme Development & Maintenance 2 Copyright Administration 1 Corporate Governance 1 Data Controller Notification 1 Data Sharing Protocol Development 1 Disposal Processing 2 EDRMS Specification & Configuration 2 Incident Response & Investigation 1 Information Access Management 1 Information Management 1 Information Security Compliance Audit 1 Information Security Management 1 Investigatory Powers Regulation Monitoring 2 Public Sector Information Reuse Management 1 Publication Scheme Maintenance 1 Records Management Compliance Audit 1 Records Management Programme Implementation 1 Records Migration 2 Records Storage Management 2 Re-organisation Rationalisation & Closure Planning Support 2 Retention Schedule Development & Maintenance 2 Retrieval Requests Processing 2 Surveillance Management 2 Transfer Processing 2

Records Retention and Disposal Schedule. Waste Management

Records Retention and Disposal Schedule. Waste Management Records Retention and Disposal Schedule Waste Management Version control Version Author Policy Approved By Approval Date Publication Date Review Due V 1.0 Information Governance Unit Philip Jones, Head

More information

Staffordshire County Council. Records Retention and Disposal Policy

Staffordshire County Council. Records Retention and Disposal Policy Staffordshire County Council Records Retention and Disposal Policy Version Author Approved By Date Published Review V. 1.1 Information Governance Unit Philip Jones, Head of Information Governance 2/11/2012

More information

OFFICIAL. NCC Records Management and Disposal Policy

OFFICIAL. NCC Records Management and Disposal Policy NCC Records Management and Disposal Policy Issue No: V1.0 Reference: NCC/IG4 Date of Origin: 12/11/2013 Date of this Issue: 14/01/2014 1 P a g e DOCUMENT TITLE NCC Records Management and Disposal Policy

More information

Records Retention and Disposal Schedule. Property Management

Records Retention and Disposal Schedule. Property Management Records Retention and Disposal Schedule Property Management Version control Version Author Policy Approved By Approval Date Publication Date Review Due V 1.0 Information Governance Unit Philip Jones, Head

More information

WEST LOTHIAN COUNCIL RECORDS MANAGEMENT POLICY. Data Label: Public

WEST LOTHIAN COUNCIL RECORDS MANAGEMENT POLICY. Data Label: Public WEST LOTHIAN COUNCIL RECORDS MANAGEMENT POLICY RECORDS MANAGEMENT POLICY CONTENTS 1. POLICY STATEMENT... 3 2. PRINCIPLES... 3 DEFINITIONS... 4 3. OBJECTIVES... 4 4. SCOPE... 4 5. OWNERSHIP & RESPONSIBILITIES...

More information

Records Retention and Disposal Schedule. Human Resources Management

Records Retention and Disposal Schedule. Human Resources Management Records Retention and Disposal Schedule Human Resources Management Version control Version Author Policy Approved By Approval Date Publication Date Review Due V 1.0 Information Governance Unit Philip Jones,

More information

Caedmon College Whitby

Caedmon College Whitby Caedmon College Whitby Data Protection and Information Security Policy College Governance Status This policy was re-issued in June 2014 and was adopted by the Governing Body on 26 June 2014. It will be

More information

Highland Council Information Security Policy

Highland Council Information Security Policy Highland Council Information Security Policy Document Owner: Vicki Nairn, Head of Digital Transformation Page 1 of 16 Contents 1. Document Control... 4 Version History... 4 Document Authors... 4 Distribution...

More information

Information & ICT Security Policy Framework

Information & ICT Security Policy Framework Information & ICT Security Framework Version: 1.1 Date: September 2012 Unclassified Version Control Date Version Comments November 2011 1.0 First draft for comments to IT & Regulation Group and IMG January

More information

Records Disposal Schedule Construction Management Department of Construction and Infrastructure

Records Disposal Schedule Construction Management Department of Construction and Infrastructure Records Disposal Schedule Construction Management Department of Construction and Infrastructure Disposal Schedule No. 2010/4 July 2010 Page 1 For information and advice, please contact NT Records Service

More information

Disposal Authorisation for Information and Technology Management Records. Administrative Schedule No. 4

Disposal Authorisation for Information and Technology Management Records. Administrative Schedule No. 4 Disposal Authorisation for Information and Technology Management Records Administrative Schedule No. 4 July 2014 AUTHORISATION FOR THE COMMENCEMENT OF THIS SCHEDULE Issued under the National Archive and

More information

ROEHAMPTON UNIVERSITY DATA PROTECTION POLICY

ROEHAMPTON UNIVERSITY DATA PROTECTION POLICY ROEHAMPTON UNIVERSITY DATA PROTECTION POLICY Originated by: Data Protection Working Group: November 2008 Impact Assessment: (to be confirmed) Recommended by Senate: 28 January 2009 Approved by Council:

More information

General Records Authority 34

General Records Authority 34 General Records Authority 34 2014/00444390 Establishing & winding up entities & companies CONTENTS INTRODUCTION 3 APPLICATION OF THIS AUTHORITY 3 CONTACT INFORMATION 4 AUTHORISATION 5 ESTABLISHING & WINDING

More information

Information governance strategy 2014-16

Information governance strategy 2014-16 Information Commissioner s Office Information governance strategy 2014-16 Page 1 of 16 Contents 1.0 Executive summary 2.0 Introduction 3.0 ICO s corporate plan 2014-17 4.0 Regulatory environment 5.0 Scope

More information

WEST LOTHIAN COUNCIL INFORMATION SECURITY POLICY

WEST LOTHIAN COUNCIL INFORMATION SECURITY POLICY WEST LOTHIAN COUNCIL INFORMATION SECURITY POLICY DATA LABEL: PUBLIC INFORMATION SECURITY POLICY CONTENTS 1. INTRODUCTION... 3 2. MAIN OBJECTIVES... 3 3. LEGISLATION... 4 4. SCOPE... 4 5. STANDARDS... 4

More information

Data Protection Policy

Data Protection Policy Data Protection Policy Owner : Head of Information Management Document ID : ICT-PL-0099 Version : 2.0 Date : May 2015 We will on request produce this Policy, or particular parts of it, in other languages

More information

Records Disposal Schedule Anti-Discrimination Services Northern Territory Anti-Discrimination Commission

Records Disposal Schedule Anti-Discrimination Services Northern Territory Anti-Discrimination Commission Records disposal schedule Records Disposal Schedule Anti-Discrimination Services Northern Territory Anti-Discrimination Commission Disposal Schedule No. 2015/12 August 2015 NT Archives Service For information

More information

Privacy and Cloud Computing for Australian Government Agencies

Privacy and Cloud Computing for Australian Government Agencies Privacy and Cloud Computing for Australian Government Agencies Better Practice Guide February 2013 Version 1.1 Introduction Despite common perceptions, cloud computing has the potential to enhance privacy

More information

Corporate Information Security Policy

Corporate Information Security Policy Corporate Information Security Policy. A guide to the Council s approach to safeguarding information resources. September 2015 Contents Page 1. Introduction 1 2. Information Security Framework 2 3. Objectives

More information

West Midlands Police and Crime Commissioner Records Management Policy 1 Contents

West Midlands Police and Crime Commissioner Records Management Policy 1 Contents West Midlands Police and Crime Commissioner Records Management Policy 1 Contents 1 CONTENTS...2 2 INTRODUCTION...3 2.1 SCOPE...3 2.2 OVERVIEW & PURPOSE...3 2.3 ROLES AND RESPONSIBILITIES...5 COMMISSIONED

More information

Cleveland Police. Data protection audit report. Executive summary November 2014

Cleveland Police. Data protection audit report. Executive summary November 2014 Cleveland Police Data protection audit report Executive summary November 2014 1. Background The Information Commissioner is responsible for enforcing and promoting compliance with the Data Protection Act

More information

Information Management Responsibilities and Accountability GUIDANCE September 2013 Version 1

Information Management Responsibilities and Accountability GUIDANCE September 2013 Version 1 Information Management Responsibilities and Accountability GUIDANCE September 2013 Version 1 Document Control Document history Date Version No. Description Author September 2013 1.0 Final Department of

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Document Number 01 Version Number 2.0 Approved by / Date approved Effective Authority Customer Services & ICT Authorised by Assistant Director Customer Services & ICT Contact

More information

Corporate Records Management Policy

Corporate Records Management Policy Corporate Records Management Policy Introduction Part 1 Records Management Policy Statement. February 2011 Part 2 Records Management Strategy. February 2011 Norfolk County Council Information Management

More information

Information Governance Policy A council-wide information management policy. Version 1.0 June 2013

Information Governance Policy A council-wide information management policy. Version 1.0 June 2013 Information Governance Policy Version 1.0 June 2013 Copyright Notification Copyright London Borough of Islington 2012 This document is distributed under the Creative Commons Attribution 2.5 license. This

More information

ICT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY

ICT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY ICT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY Version 1.0 Ratified By Date Ratified Author(s) Responsible Committee / Officers Issue Date Review Date Intended Audience Impact Assessed CCG Committee

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Version: Revised: Consultation: Ratified by: 1.0 Information Governance Committee Governance Committee Date ratified: 19 March 2008 Name of originator/author: David McGrath

More information

Version 1.0. Ratified By

Version 1.0. Ratified By ICT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY Version 1.0 Ratified By Date Ratified 5 th March 2013 Author(s) Responsible Committee / Officers Issue Date 5 th March 2013 Review Date Intended Audience

More information

ICT Policy. Executive Summary. Date of ratification Executive Team Committee 22nd October 2013. Document Author(s) Collette McQueen

ICT Policy. Executive Summary. Date of ratification Executive Team Committee 22nd October 2013. Document Author(s) Collette McQueen ICT Policy THCCGIT20 Version: 01 Executive Summary This document defines the Network Infrastructure and File Server Security Policy for Tower Hamlets Clinical Commissioning Group (CCG). The Network Infrastructure

More information

Date of review: January 2016 Policy Category: Corporate Sponsor (Director): Chief Executive CONTENT SECTION DESCRIPTION PAGE.

Date of review: January 2016 Policy Category: Corporate Sponsor (Director): Chief Executive CONTENT SECTION DESCRIPTION PAGE. Title: Information Governance Policy Date Approved: Approved by: Date of review: Policy Ref: Issue: January 2015 Information Governance Group Division/Department: January 2016 Policy Category: ISP-04 5

More information

Definition document for Health Bodies in Wales (including Local Health Boards, NHS trusts and Ambulance trusts)

Definition document for Health Bodies in Wales (including Local Health Boards, NHS trusts and Ambulance trusts) Freedom of Information Act 2000 Definition document for Health Bodies in Wales (including Local Health Boards, NHS trusts and Ambulance trusts) This guidance gives examples of the kinds of information

More information

Guideline for the Implementation of Retention and Disposal Schedules

Guideline for the Implementation of Retention and Disposal Schedules Guideline for the Implementation of Retention and Disposal Schedules Guideline for Queensland Public Authorities Queensland State Archives March 2014 Department of Science, Information Technology, Innovation

More information

Records Disposal Schedule. NT Fleet Management. Department of Corporate and Information Services. Disposal Schedule No. 2004/2

Records Disposal Schedule. NT Fleet Management. Department of Corporate and Information Services. Disposal Schedule No. 2004/2 DISPOSAL SCHEDULE FOR RECORDS OF THE NT FLEET SEPTEMBER 2003 Records Disposal Schedule NT Fleet Management Department of Corporate and Information Services Disposal Schedule No. 2004/2 June 2004 For information

More information

Data Protection Policy June 2014

Data Protection Policy June 2014 Data Protection Policy June 2014 Approving authority: Consultation via: Court Audit and Risk Committee, University Executive, Secretary's Board, Information Governance and Security Group Approval date:

More information

Lord Chancellor s Code of Practice on the management of records issued under section 46 of the Freedom of Information Act 2000

Lord Chancellor s Code of Practice on the management of records issued under section 46 of the Freedom of Information Act 2000 Lord Chancellor s Code of Practice on the management of records issued under section 46 of the Freedom of Information Act 2000 Lord Chancellor s Code of Practice on the management of records issued under

More information

Information Integrity & Data Management

Information Integrity & Data Management Group Standard Information Integrity & Data Management Serco recognises its responsibility to ensure that any information and data produced meets customer, legislative and regulatory requirements and is

More information

Merthyr Tydfil County Borough Council. Data Protection Policy

Merthyr Tydfil County Borough Council. Data Protection Policy Merthyr Tydfil County Borough Council Data Protection Policy 2014 Cyfarthfa High School is a Rights Respecting School, we recognise the importance of ensuring that the United Nations Convention of the

More information

Definition document for colleges of further education

Definition document for colleges of further education Freedom of Information Act Definition document for colleges of further education For the avoidance of doubt, this document covers further education colleges in England, Wales and Northern Ireland that

More information

LEEDS BECKETT UNIVERSITY. Information Security Policy. 1.0 Introduction

LEEDS BECKETT UNIVERSITY. Information Security Policy. 1.0 Introduction LEEDS BECKETT UNIVERSITY Information Security Policy 1.0 Introduction 1.1 Information in all of its forms is crucial to the effective functioning and good governance of our University. We are committed

More information

RECORD MANAGEMENT STANDARD OPERATING PROCEDURE (SOP)

RECORD MANAGEMENT STANDARD OPERATING PROCEDURE (SOP) RECORD MANAGEMENT STANDARD OPERATING PROCEDURE (SOP) STANDARD OPERATING PROCEDURE REFERENCE. PROTECTIVE MARKING PORTFOLIO OWNER SOP/156/08 NOT PROTECTIVELY MARKED Deputy Chief Constable Eamonn Carroll

More information

PARLIAMENTARY AND HEALTH SERVICE OMBUDSMAN. Records Management Policy. Version 4.0. Page 1 of 11 Policy PHSO Records Management Policy v4.

PARLIAMENTARY AND HEALTH SERVICE OMBUDSMAN. Records Management Policy. Version 4.0. Page 1 of 11 Policy PHSO Records Management Policy v4. PARLIAMENTARY AND HEALTH SERVICE OMBUDSMAN Records Management Policy Version 4.0 Page 1 of 11 Document Control Title: Original Author(s): Owner: Reviewed by: Quality Assured by: File Location: Approval

More information

Data Security and Extranet

Data Security and Extranet Data Security and Extranet Derek Crabtree Schools ICT Support Manager derek.crabtree@merton.gov.uk Target Operating Model 2011 Merton Audit Organisation name: London Borough of Merton Periodic plan date:

More information

Public Record Office Standard. Retention & Disposal Authority for Records of the Transport Accident Prevention and Assistance Functions

Public Record Office Standard. Retention & Disposal Authority for Records of the Transport Accident Prevention and Assistance Functions Public Record Office Standard PROS 14/01 Authority Retention & Disposal Authority for Records of the Transport Accident Prevention and Assistance Functions Version 2014 14/01 Issue Date: 15/08/2014 Copyright

More information

Information Governance and Assurance Framework Version 1.0

Information Governance and Assurance Framework Version 1.0 Information Governance and Assurance Framework Version 1.0 Page 1 of 19 Document Control Title: Original Author(s): Owner: Reviewed by: Quality Assured by: Meridio Location: Approval Body: Policy and Guidance

More information

DATA PROTECTION POLICY

DATA PROTECTION POLICY DATA PROTECTION POLICY Version 1.3 April 2014 Contents 1 POLICY STATEMENT...2 2 PURPOSE....2 3 LEGAL CONTEXT AND DEFINITIONS...2 3.1 Data Protection Act 1998...2 3.2 Other related legislation.....4 3.3

More information

University of Sunderland Business Assurance. Over-arching Information Governance Policy. Document Classification: Public

University of Sunderland Business Assurance. Over-arching Information Governance Policy. Document Classification: Public University of Sunderland Business Assurance Over-arching Information Governance Policy Document Classification: Public Policy Reference Central Register IG001 Policy Reference Faculty / Service IG 001

More information

IT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY

IT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY IT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY Version 3.0 Ratified By Date Ratified April 2013 Author(s) Responsible Committee / Officers Issue Date January 2014 Review Date Intended Audience Impact

More information

IT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY (for Cheshire CCGs)

IT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY (for Cheshire CCGs) IT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY (for Cheshire CCGs) Version 3.2 Ratified By Date Ratified November 2014 Author(s) Responsible Committee / Officers Issue Date November 2014 Review Date

More information

Protection. Code of Practice. of Personal Data RPC001147_EN_WB_L_1

Protection. Code of Practice. of Personal Data RPC001147_EN_WB_L_1 Protection of Personal Data RPC001147_EN_WB_L_1 Table of Contents Data Protection Rules Foreword From the Data Protection Commissioner Introduction From the Chairman Data Protection Responsibility of Employees

More information

(Joint) Information Management Strategy 2014-2017. April 2014

(Joint) Information Management Strategy 2014-2017. April 2014 49 (Joint) Information Management Strategy 2014-2017 April 2014 49 50 CONTROL SHEET FOR: (Joint) Information Management Strategy Strategy Details Comments / Confirmation (Joint) Information Management

More information

Document Management Policy

Document Management Policy Document Management Policy Introduction 1.1. The Snowdonia National Park Authority considers effective record management to be a key administrative function. It maintains records of its own internal functions

More information

Records Authority. Department of Health Private Health Insurance

Records Authority. Department of Health Private Health Insurance Records Authority 2012/00651438 Department of Health Private Health Insurance 2013 This is an accurate reproduction of the authorised records authority content, created for accessibility purposes CONTENTS

More information

RESOURCES MANAGEMENT FINANCE AND PURCHASING, STAFF, FACILITIES, ENVIRONMENTAL MANAGEMENT AND LEARNING AND RESEARCH INFORMATION SERVICES

RESOURCES MANAGEMENT FINANCE AND PURCHASING, STAFF, FACILITIES, ENVIRONMENTAL MANAGEMENT AND LEARNING AND RESEARCH INFORMATION SERVICES RESOURCES MANAGEMENT FINANCE AND PURCHASING, STAFF, FACILITIES, ENVIRONMENTAL MANAGEMENT AND LEARNING AND RESEARCH INFORMATION SERVICES Records about: Retention period Rationale Sector Function: Financial

More information

Information and Compliance Management Information Management Policy

Information and Compliance Management Information Management Policy Aurora Energy Group Information Management Policy Information and Compliance Management Information Management Policy Version History REV NO. DATE REVISION DESCRIPTION APPROVAL 1 11/03/2011 Revision and

More information

Essex County Council Policy for Information Management and Security

Essex County Council Policy for Information Management and Security Essex County Council Policy for Information Management and Security Title Author/Owner Status Essex County Council Policy for Information Management and Security Information Management IS Final Version

More information

ISO27001 Controls and Objectives

ISO27001 Controls and Objectives Introduction This reference document for the University of Birmingham lists the control objectives, specific controls and background information, as given in Annex A to ISO/IEC 27001:2005. As such, the

More information

Information Governance Policy

Information Governance Policy Information Governance Policy UNIQUE REF NUMBER: AC/IG/013/V1.2 DOCUMENT STATUS: Approved by Audit Committee 19 June 2013 DATE ISSUED: June 2013 DATE TO BE REVIEWED: June 2014 1 P age AMENDMENT HISTORY

More information

CCTV CODE OF PRACTICE

CCTV CODE OF PRACTICE CCTV CODE OF PRACTICE Policy area: Operation of CCTV on University Premises Definitions CCTV means Closed Circuit Television. Control Room(s) means those Control Rooms manned by Security staff at the City,

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY INFORMATION GOVERNANCE POLICY Including the Information Governance Strategy Framework and associated Information Governance Procedures Last Review Date Approving Body N/A Governing Body Date of Approval

More information

Council Policy. Records & Information Management

Council Policy. Records & Information Management Council Policy Records & Information Management COUNCIL POLICY RECORDS AND INFORMATION MANAGEMENT Policy Number: GOV-13 Responsible Department(s): Information Systems Relevant Delegations: None Other Relevant

More information

Self assessment tool. Using this tool

Self assessment tool. Using this tool Self assessment tool How well does your organisation comply with the 12 guiding principles of the surveillance camera code of practice? Complete this easy to use self assessment tool to find out if you

More information

RECORDS MANAGEMENT POLICY

RECORDS MANAGEMENT POLICY Reference number RM001 Approved by Information Management and Technology Board Date approved 23 rd November 2012 Version 1.1 Last revised July 2013 Review date May 2015 Category Records Management Owner

More information

STFC Monitoring and Interception policy for Information & Communications Technology Systems and Services

STFC Monitoring and Interception policy for Information & Communications Technology Systems and Services STFC Monitoring and Interception policy for Information & Communications Technology Systems and Services Issue 1.0 (Effective 27 June 2012) This document contains a copy of the STFC policy statements outlining

More information

Document and Record Control Procedures

Document and Record Control Procedures Information Security Document Document and Record Control Procedures 1 Version History Version Date Detail Author 1.0 30/08/2013 Approved by Information Governance Jo White Group 2.0 27/09/2013 Changes

More information

Policy on Public and School Bus Closed Circuit Television Systems (CCTV)

Policy on Public and School Bus Closed Circuit Television Systems (CCTV) DEPARTMENT OF TRANSPORT Policy on Public and School Bus Closed Circuit Television Systems (CCTV) Responsibility of: Public Transport Division TRIM File: DDPI2010/3680 Effective Date: July 2010 Version

More information

RECORDS MANAGEMENT POLICY

RECORDS MANAGEMENT POLICY RECORDS MANAGEMENT POLICY Version 8.0 Purpose: For use by: This document is compliant with /supports compliance with: To outline the lifecycle of a record and to provide guidance on retention and disposal

More information

Scope and Explanation

Scope and Explanation The Moray Council Retention & Disposal Schedule for documents and records [paper and electronic] Scope and Explanation 1 Document Control Sheet Name of Document: The Moray Council Records Retention Schedule

More information

NOT PROTECTIVELY MARKED FORCE PROCEDURES. Using the Off-Site Storage Facility for Physical Records - v03. Records Manager

NOT PROTECTIVELY MARKED FORCE PROCEDURES. Using the Off-Site Storage Facility for Physical Records - v03. Records Manager FORCE PROCEDURES Using the Off-Site Storage Facility for Physical Records - v03 Procedure Reference Number: 2010.07 Procedure Author: Samantha Hampson Records Manager Procedure Review Date: February 2013

More information

Information Management Strategy. July 2012

Information Management Strategy. July 2012 Information Management Strategy July 2012 Contents Executive summary 6 Introduction 9 Corporate context 10 Objective one: An appropriate IM structure 11 Objective two: An effective policy framework 13

More information

POLICY TEMPLATE. Date initially approved: November 5, 2013 Date of last revision: same

POLICY TEMPLATE. Date initially approved: November 5, 2013 Date of last revision: same POLICY TEMPLATE Video Surveillance Category: Approval: Responsibility: Date: Operations PVP VP Finance and Administration Date initially approved: November 5, 2013 Date of last revision: same Definitions:

More information

Information and records management. Purpose. Scope. Policy

Information and records management. Purpose. Scope. Policy Information and records management NZQA Quality Management System Policy Purpose The purpose of this policy is to establish a framework for the management of corporate information and records within NZQA.

More information

Public Records (Scotland) Act 2011. NHS Health Scotland Assessment Report. The Keeper of the Records of Scotland. 5 th August 2015

Public Records (Scotland) Act 2011. NHS Health Scotland Assessment Report. The Keeper of the Records of Scotland. 5 th August 2015 Public Records (Scotland) Act 2011 NHS Health Scotland Assessment Report The Keeper of the Records of Scotland 5 th August 2015 Contents 1. Public Records (Scotland) Act 2011... 3 2. Executive Summary...

More information

University of Liverpool

University of Liverpool University of Liverpool Information Security Policy Reference Number Title CSD-003 Information Security Policy Version Number 3.0 Document Status Document Classification Active Open Effective Date 01 October

More information

DATA Protection Act - A Review of Version 7

DATA Protection Act - A Review of Version 7 DATA PROTECTION ACT POLICY Version 7.0 Document owner Director ICT Document author and enquiry point Alison Moss, IT Security & Access Manager Date of document June 2010 Version 7.0 Document classification

More information

University of Liverpool

University of Liverpool University of Liverpool IT Asset Disposal Policy Reference Number Title CSD 015 IT Asset Disposal Policy Version Number v1.2 Document Status Document Classification Active Open Effective Date 22 May 2014

More information

RECORDS MANAGEMENT POLICY

RECORDS MANAGEMENT POLICY RECORDS MANAGEMENT POLICY POLICY STATEMENT The records of Legal Aid NSW are a major component of its corporate memory and risk management strategies. They are a vital asset that support ongoing operations

More information

Management of Official Records in a Business System

Management of Official Records in a Business System GPO Box 2343 ADELAIDE SA 5001 Tel (08) 8204 8773 Fax (08) 8204 8777 DX:467 srsarecordsmanagement@sa.gov.au www.archives.sa.gov.au Management of Official Records in a Business System October 2011 Version

More information

Records and Information Management. General Manager Corporate Services

Records and Information Management. General Manager Corporate Services Title: Records and Information Management Policy No: 057 Adopted By: Chief Officers Group Next Review Date: 08/06/2014 Responsibility: General Manager Corporate Services Document Number: 2120044 Version

More information

Data Retention Policy

Data Retention Policy Headteacher: Mr. T. Griffiths Retention Policy Next to be reviewed: September 2017 Kettlethorpe Hall Drive, Standbridge Lane, Sandal, Wakefield, WF2 7EL Tel: 01924 303510 Fax: 01924 303514 www.kettlethorpehigh.co.uk

More information

Guidance for managing your records effectively (1)

Guidance for managing your records effectively (1) LINCOLNSHIRE COUNTY COUNCIL Information Governance Guidance for managing your records effectively (1) Document reference: IG.002 Operational date: June 2011 Policy prepared by: Christopher Johnson Policy

More information

Data Protection Policy

Data Protection Policy Data Protection Policy Responsible Officer Author Date effective from July 2009 Ben Bennett, Business Planning & Resources Director Julian Lewis, Governance Manager Date last amended December 2012 Review

More information

So the security measures you put in place should seek to ensure that:

So the security measures you put in place should seek to ensure that: Guidelines This guideline offers an overview of what the Data Protection Act requires in terms of information security and aims to help you decide how to manage the security of the personal data you hold.

More information

INFORMATION SECURITY MANAGEMENT POLICY

INFORMATION SECURITY MANAGEMENT POLICY INFORMATION SECURITY MANAGEMENT POLICY Security Classification Level 4 - PUBLIC Version 1.3 Status APPROVED Approval SMT: 27 th April 2010 ISC: 28 th April 2010 Senate: 9 th June 2010 Council: 23 rd June

More information

ICT SECURITY POLICY. Strategic Aim To continue to develop and ensure effective leadership, governance and management throughout the organisation

ICT SECURITY POLICY. Strategic Aim To continue to develop and ensure effective leadership, governance and management throughout the organisation ICT SECURITY POLICY Strategic Aim To continue to develop and ensure effective leadership, governance and management throughout the organisation Responsibility Assistant Principal, Learner Services Jannette

More information

Protection. Code of Practice. of Personal Data RPC001147_EN_D_19

Protection. Code of Practice. of Personal Data RPC001147_EN_D_19 Protection of Personal Data RPC001147_EN_D_19 Table of Contents Data Protection Rules Foreword From the Data Protection Commissioner Introduction From the Chairman Data Protection Rules Responsibility

More information

Information Management Policy

Information Management Policy Title Information Management Policy Document ID Director Mark Reynolds Status FINAL Owner Neil McCrirrick Version 1.0 Author Deborah Raven Version Date 26 January 2011 Information Management Policy Crown

More information

Implementing an Electronic Document and Records Management System. Key Considerations

Implementing an Electronic Document and Records Management System. Key Considerations Implementing an Electronic Document and Records Management System Key Considerations Commonwealth of Australia 2011 This work is copyright. Apart from any use as permitted under the Copyright Act 1968,

More information

Document Management in the FIPPA Era

Document Management in the FIPPA Era Document Management in the FIPPA Era Kathryn Frelick DISCLAIMER This Coffee Talk presentation is provided as an information service and is not meant to be taken as legal opinion or advice. Please do not

More information

Comcare Asbestos Related Compensation Claims & Workers Compensation Claim Management

Comcare Asbestos Related Compensation Claims & Workers Compensation Claim Management Records Authority 2010/00322036 Comcare Asbestos Related Compensation Claims & Workers Compensation Claim Management 2011 CONTENTS INTRODUCTION APPLICATION OF THIS AUTHORITY CONTACT INFORMATION AUTHORISATION

More information

ULH-IM&T-ISP06. Information Governance Board

ULH-IM&T-ISP06. Information Governance Board Network Security Policy Policy number: Version: 2.0 New or Replacement: Approved by: ULH-IM&T-ISP06 Replacement Date approved: 30 th April 2007 Name of author: Name of Executive Sponsor: Name of responsible

More information

Information Security Policy. Information Security Policy. Working Together. May 2012. Borders College 19/10/12. Uncontrolled Copy

Information Security Policy. Information Security Policy. Working Together. May 2012. Borders College 19/10/12. Uncontrolled Copy Working Together Information Security Policy Information Security Policy May 2012 Borders College 19/10/12 1 Working Together Information Security Policy 1. Introduction Borders College recognises that

More information

Module 3 Licensed Software TABLE OF CONTENTS. Version 3.0

Module 3 Licensed Software TABLE OF CONTENTS. Version 3.0 1 Module 3 Licensed Software Version 3.0 TABLE OF CONTENTS 1. AGREED TERMS AND INTERPRETATION... 2 2. LICENCE TERMS... 3 3. SUPPLY OF... 8 4. UPDATES AND NEW RELEASES... 9 5. OPEN SOURCE SOFTWARE... 10

More information

Not Protectively marked

Not Protectively marked Policy: Removal, Storage & Disposal of Vehicles Policy Approved date: Version 1-07/07/09 Version 2 (Review) 24/04/12 Version 3 Update 12/08/12 Owner: Ch Superintendent, Territorial Policing For release

More information

QUEENSLAND COUNTRY HEALTH FUND. privacy policy. Queensland Country Health Fund Ltd ABN 18 085 048 237. better health cover shouldn t hurt

QUEENSLAND COUNTRY HEALTH FUND. privacy policy. Queensland Country Health Fund Ltd ABN 18 085 048 237. better health cover shouldn t hurt QUEENSLAND COUNTRY HEALTH FUND privacy policy Queensland Country Health Fund Ltd ABN 18 085 048 237 better health cover shouldn t hurt 1 2 contents 1. Introduction 4 2. National Privacy Principles 5 3.

More information

Rotherham CCG Network Security Policy V2.0

Rotherham CCG Network Security Policy V2.0 Title: Rotherham CCG Network Security Policy V2.0 Reference No: Owner: Author: Andrew Clayton - Head of IT Robin Carlisle Deputy - Chief Officer D Stowe ICT Security Manager First Issued On: 17 th October

More information

BIG LOTTERY FUND Document archive and retention policy

BIG LOTTERY FUND Document archive and retention policy BIG LOTTERY FUND Document archive and retention policy December 2010 Sonia Howe Head of Information Governance For further information regarding retention schedules please contact Page 1 of 18 Version

More information

UNIVERSITY COLLEGE LONDON CCTV POLICY. Endorsed by the Security Working Group - 17 October 2012

UNIVERSITY COLLEGE LONDON CCTV POLICY. Endorsed by the Security Working Group - 17 October 2012 UNIVERSITY COLLEGE LONDON CCTV POLICY Endorsed by the Security Working Group - 17 October 2012 Endorsed by the Infrastructure IT Services Strategy Group - 18 October 2012 Reviewed and endorsed (with one

More information

RECORDS MANAGEMENT POLICY

RECORDS MANAGEMENT POLICY [Type text] RECORDS MANAGEMENT POLICY POLICY TITLE Academic Year: 2013/14 onwards Target Audience: Governing Body All Staff and Students Stakeholders Final approval by: CMT - 1 October 2014 Governing Body

More information

CLOUD-BASED BIM AND SMART ASSET MANAGEMENT: ADOPTING A SECURITY-MINDED APPROACH

CLOUD-BASED BIM AND SMART ASSET MANAGEMENT: ADOPTING A SECURITY-MINDED APPROACH CLOUD-BASED BIM AND SMART ASSET MANAGEMENT: ADOPTING A SECURITY-MINDED APPROACH March 2016 Disclaimer Reference to any specific commercial product, process or service by trade name, trademark, manufacturer,

More information

ISO 27001 Controls and Objectives

ISO 27001 Controls and Objectives ISO 27001 s and Objectives A.5 Security policy A.5.1 Information security policy Objective: To provide management direction and support for information security in accordance with business requirements

More information