RECORDS MANAGEMENT POLICY

Transcription

1 RECORDS MANAGEMENT POLICY 1. POLICY OBJECTIVE 1.1 The University of South Africa (Unisa) has the responsibility to manage, store and retain certain documentation, records and other forms of information for specific periods for the following reasons: 2. DEFINITIONS Document retention duties detailed in South African legislation; Retention of documents and records for business/operational purposes; The maintenance of evidence for possible future litigation, mediation, arbitration or disciplinary hearings; Good corporate governance and good records management practices; Processing public requests for information as detailed in the Promotion of Access to Information Act (PAIA) 2 of 2000; Securing records (evidence) for quality assurance purposes; and Routing/tracking/tracing active records via workflow for electronic processing and easy access to relevant employees. Record refers to recorded information, regardless of format or medium, which has been created, received, used, accessed and maintained by Unisa (and/or its predecessors) as evidence and information in pursuance of its legal obligations or in the transaction of business. Included are s, records in electronic form and records other than correspondence. Business record has a corresponding meaning; Active record refers to a record needed for daily administrative and/or operational functions. It refers to a record from the date of creation up to two years old. This record is kept in the office of origin; Approved Council

2 Inactive record Ephemeral record Records Manager Records Management Committee Archives refers to a record older than two years that is not needed for daily administrative duties by the office of origin and has been transferred to the Records Management Centre for the remainder of the retention period; is a non-archival record. A record that has passing value, limited to a specific time specified in the retention schedule; means the employee appointed to oversee the records management function within the Unisa; means a Committee established to oversee the records management function within the Unisa; refer to records older than twenty years containing permanent historical information or research pertaining to Unisa. These records are stored in the business archives. These records do not refer to the records preserved by the library archives and special collections; Business records Records other than correspondence Vital records File plan Filing system Taxonomy See definition of records ; refer to videos, film, sound records, microfiche, microfilm, photographs, pamphlets, maps, plans, registers, indexes, circulars, publications, financial records, etc. are those records that are essential for the continuation of business and those records, which protect the rights and interests of the organization, employees and students. It may also include records relating to employee compensation and benefits, insurance, valuable research findings, proof of ownership, financial interests, legal proceedings and decisions; is a pre-determined logical, systematic and hierarchical structure based on an organisation s business functions, activities and recurring transactions. This structure is used as a plan by which correspondence is kept in such a way that an office s requirements regarding the identification, arrangement, storage and retrieval of information and the disposal of records can be served best. It is also referred to as taxonomy; refers to a storage system (boxes, folders, shelves, electronic storage systems, etc.) in which records are stored according to a file plan; See definition of file plan ; Approved Council

3 Retention is a general term referring to the process of deciding which records to keep permanently (A20) and which records to be destroyed after they no longer serve a useful purpose (D).The retention schedule lists the types of records maintained by each department and specifies a period of time after which destruction is authorized as a matter of policy. The retention periods are indicated on the file plan next to the subject they refer to. The records retention schedule has three major objectives: Prompt disposal of records whose retention period has lapsed (D). Storage of records which must be temporarily retained after they are no longer needed in active use (D). Preservation of records with archival value (A20). Disposal refers to the actions taken with regard to records as a consequence of the expiration of their retention periods. Disposal is not synonymous with destruction. Disposal may involve one of the following activities: Transfer to a storage facility or records centre; Transfer of permanent records to archives; or Destruction of ephemeral records. Destruction refers to the physical disposal of documents of no further value by shredding, pulping, etc. 3. POLICY STATEMENT 3.1 The purpose of this policy is to: establish the framework needed for effective management of records. This policy provides mandatory stipulations on the creation, use, storage and disposal of Unisa records; ensure that Unisa complies with the legal retention periods as prescribed by referring to South African legislation and with the operational retention periods as prescribed by the Unisa operational requirements; ensure that important business records are easily located and readily accessible to Unisa and promote constitutional values such as efficiency, transparency and accountability; ensure that Unisa disposes of (destruction/transfer to archives) and deletes (destroy) unnecessary records in accordance to referring South African legislation and operational requirements; maintains the physical and electronic security of records; and retains records in such a manner that their admissibility and/or evidential weight is not compromised. Approved Council

4 4. APPLICABILITY 4.1 Records covered by this policy relates to all recorded information used in relation to all aspects of the business of Unisa. This policy is applicable to all offices and locations of Unisa. 4.2 Employees should be aware that electronic records have the same status as paper records. Both electronic and paper records are bound by the same legislative requirements and are subject to the same degree of confidentiality and care. 5. OWNERSHIP OF RECORDS 5.1 All records, irrespective of format, (i.e. paper and electronic, including s and other records) created or received by employees and independent contractors in the course of their duties, are the property of Unisa and subject to its overall control. 5.2 Employees leaving Unisa or changing positions within Unisa are to leave all records for their successors. 6. ROLES AND RESPONSIBILITIES OF THE RECORDS MANAGER 6.1 Operational responsibility for records management rests with the Records Manager. 6.2 The Records Manager is the custodian of the Records Management Policy. 6.3 The duties of the Records Manager include, but are not limited to, the following: Annually review this Policy with all associated records management policies and procedures. This policy, and any revisions, should be approved in accordance with the Policy: Policy/Rule Formulation Implementation, management and maintenance of the procedures detailed in this Policy and associated records management policies and procedures Assist in the correct identification, classification, retention, access, destruction and use of records Co-ordinate the implementation of the records management initiative within Unisa and record management training Manage an annual records management budget Review and update the File Plan to reflect any changes in Unisa functional areas and activities Review any requests for File Plan updates as submitted by employees through the System Change Request Form. Approved Council

5 6.3.8 Update the Master Copy of the File Plan on a monthly basis. The Master Copy contains all approved subjects and which indicates how files are opened Regularly update and maintain the Retention Schedules to reflect any changes in legal and operational retention requirements Provide proper care and storage for inactive records on and off site Regulate transfer of inactive records to the Records Management Centre Promote regular inspection of records and monitor compliance with this policy Implement measures to ensure security and protection of records Training of employees with regard to records management procedures. 6.4 The Records Manager performs the above-mentioned duties with the assistance of the Records Management Committee and may delegate any of the abovementioned duties to any employee. 6.5 The responsibilities of the ICT Department regarding records management are reflected in the respective policies. 7. ROLES AND RESPONSIBILITIES OF EMPLOYEES 7.1 Record keeping is an essential role of all employees. Every employee is responsible for making and keeping such records as may be necessary to fully and accurately record the functions, transactions, operations, decisions, administration and management of Unisa. 7.2 All employees are to comply with the procedures and guidelines as outlined in this Policy and the File Plan. 7.3 Employees are to follow authorised procedures (standard operating procedures) in carrying out records management functions, and must observe security, privacy and confidentiality requirements at all times, in accordance with the Information Security Policy. 8. ROLES AND RESPONSIBILITIES OF THE RECORDS MANAGEMENT COMMITTEE 8.1 The Records Manager establishes the Records Management Committee. 8.2 The Records Management Committee comprises of the Records Manager and designated officials within each department of Unisa. 8.3 The Records Management Committee is constituted and performs the duties as indicated in the terms of reference. Approved Council

6 9. FILING OF BUSINESS RECORDS 9.1 Records (both paper and electronic) may only be classified according to the authorised File Plan. 9.2 After implementation of the File Plan, no correspondence may be dealt with on any old File Plan used within the organisation. 9.3 No additions or revisions may be made to the File Plan without the approval of the Records Manager. 9.4 Only approved paper-based filing systems and electronic folder systems, based on the File Plan, may be used. 10. ACCESS TO RECORDS 10.1 Access to records is governed by the sensitivity classifications allocated to record series and detailed in the Information Sensitivity Classification Policy. Access to records by employees and third parties will be dealt with in accordance with the PAIA Manual Inactive records located in the Records Management Centre may only be accessed via the Records Manager and may only be accessed, copied and used upon the written authorisation of the Records Manager A record in the custody of Unisa must remain accessible to authorised individuals until final destruction In order to ensure continued access to electronic records that are migrated across technologies and technology platforms, such migration must be undertaken in accordance to the Records Migration Policy. 11. CONFIDENTIALITY AND NON-DISCLOSURE Employees may not disclose the nature and contents of any record to any person unless such disclosure is permitted in terms of the employee s job description, contract of employment or upon written authorisation from the Records Manager in consultation with the Executive Director: Legal Services. 12. STORAGE MEDIA AND FILE FORMATS When selecting storage media and file formats for electronic records, due consideration must be given to the security, integrity, and accessibility requirements of the records. 13. RECORD RETENTION 13.1 All original electronic and paper records are to be retained for the period stipulated in the File Plan under the heading Disposal Any deviations from these stipulated retention periods are to be authorised by the Records Manager in consultation with the Executive Director: Legal Services. Approved Council

7 14. RECORD DISPOSAL 14.1 The procedure for disposing of paper and electronic records is detailed in the Records Retention, Transfer and Destruction Procedures and must be adhered to at all times. All original records covered by this policy are disposed of using these procedures Paper or electronic records are not destroyed where litigation or audit investigations are pending or in process A Certificate of Destruction must be produced by the Records Manager to record the reason for the destruction of the original file, to meet statutory and regulatory requirements. The Certificate of Destruction must contain the signatures of the office of origin, the Executive Director: Legal Services and the Records Manager authorizing the physical destruction of the records. Certificates of Destruction must be retained indefinitely Unauthorized destruction or disposal of records or information may result in criminal prosecution and/or disciplinary action and where applicable, liability of damages and losses incurred by Unisa and its clients. 15. DESTRUCTION MORATORIUM 15.1 Whenever a request for discovery is received by Unisa in connection with litigation, all organized and periodic record destruction activities must immediately be placed on hold until the Executive Director: Legal Services determines whether these destruction activities jeopardize the record being sought for purposes of discovery in legal proceedings. These records should remain on hold until the legal proceedings have ceased When a PAIA request for access to a record is received by Unisa, all necessary steps must be taken to ensure that the relevant record is preserved in accordance to section 21 of the Promotion of Access to Information Act (PAIA). 16. INTEGRITY 16.1 All records will be identified, classified, retained, stored and protected in such a manner that their integrity is not compromised. In this regard, the Registrar and the Records Manager ensure that processes and applicable technology are implemented to safeguard the integrity of records across the record lifecycle The Records Manager with the assistance of the Executive Director: Legal Services provide guidelines and processes to ensure that records are admissible evidence in courts or disciplinary proceedings not withstanding the fact that such records were created, distributed or stored in electronic format The Executive Director: ICT ensures that the necessary technology is employed to prevent the unauthorized access, tampering and destruction of electronic records. Approved Council

8 17. DUTY OF CARE 17.1 Unisa has a duty to keep secure and accurate original records, or authentic copies of them. This is achieved by the Records Manager: ensuring the implementation of this policy ensuring the implementation of an Information Security Policy and the Registrar ensuring that only authorised employees have access to relevant records and information ensuring that acceptable quality control procedures are implemented ensuring that the Executive Director: Legal Services is consulted, and appropriate actions taken. 18. COMPLIANCE WITH THE RECORDS MANAGEMENT POLICY 18.1 Any employee that fails and/or refuses to discharge any duties detailed in this Policy and the associated procedures and instructions will be required to explain such failure and/or refusal in a disciplinary hearing. Disciplinary actions may result in dismissal. A claim of ignorance as to the existence and/or application of this Policy shall not be a ground for justification of non-compliance Any uncertainty as to the provisions of this Policy or any duty detailed herein will be directed to the Records Manager Adherence to the Records Management Policy will be annually reviewed. 19. IMPLEMENTATION OF POLICY Related policies of the former institutions that were in force prior to the commencement of this Policy are replaced with effect from the date on which Council approves this Policy. Approved Council

9 APPLICABLE LEGISLATION AND STANDARDS 1. Promotion of Access to Information Act, Act 2 of Electronic Communications and Transactions Act, Act 25 of ISO/SANS Approved Council