Other activities and record types
Some activities and record types have additional considerations and recordkeeping requirements.
Find out how to manage these records.
You need to consider information privacy when managing your records, especially those that contain information about people.
You will need to make sure that appropriate access restrictions and permissions are applied to records that contain sensitive or personal information.
Draft documents are public records. How long you need to keep them will depend on the significance of the final document and the changes the draft shows.
What drafts to keep
You will need to capture and keep a draft if it:
- contains decisions, comments, feedback, annotations, requests, actions or any other kind of significant information that is not captured elsewhere and provides context to the development process or the final version
- helps with internal processes (e.g. so that a workflow approval can be initiated, or to show that a certain step in a process has been completed).
Some drafts need to be kept for a specified period of time (e.g. draft submissions and legislation). Check your retention and disposal schedule to find out how long you need to keep drafts.
When to destroy drafts
The General Retention and Disposal Schedule contains a record class for drafts.
Drafts that do not need to be kept can normally be disposed of under this record class when business use ceases so long as they meet the specific criteria listed.
Your agency will need to decide when the business use for those drafts ceases (e.g. immediately, next day, 6 months).
You can choose to implement a specific retention period for drafts if necessary (e.g. 6 months for all draft publications).
Electronic or digital signatures are a method of authenticating a person as the source of a digital message and indicating their approval of the information contained in the message.
Digital signatures include:
- digitised signatures–a scanned handwritten signature inserted as an image; use of signature blocks (e.g. on emails)
- online forms–Adobe forms; workflow approvals in applications (e.g. timesheets)
- touch screens–signature on a touch screen using a stylus as used by Australia Post courier delivery
- digital signatures–use of digital code and encryption technology to verify the contents of a digital document.
The Electronic Transactions (Queensland) Act 2001 provides for the use of digital signatures, as long as they meet 3 criteria:
- the signature identifies a person and indicates their intention (e.g. providing approval via an email)
- the signature is appropriate (reliable) for its purpose (noting that digital signatures offer greater security than digitised signatures)
- the person receiving the document consents to receiving a signature in electronic form.
Schedule 1 of the Act outlines exclusions regarding the use of digital signatures.
Implementing digital signatures
Your business may be subject to legislative provisions that require your records to be in a particular format.
In the absence of any specific legislative requirement, you should use a risk-based approach to deciding whether a digital or physical (wet) signature should be used.
If you are implementing digital signatures, you should:
- perform (and document) a risk assessment for the use of digital signatures–some records may require more robust forms of identification/authorisation than others (e.g. contractual documents over a certain value)
- undertake an environmental scan for business requirements or other legal or policy obligations that may require ‘wet’ signatures
- develop and document processes and/or any policies and related responsibilities regarding the use of digital signatures
- ensure any newly developed processes are understood so they can be implemented as standard business practice (for defensibility)
- ensure appropriate security measures are in place to prevent any unauthorised use of digital signatures
- appropriately manage the document to which the signature has been added as a record, to ensure it maintains its full and accurate characteristics throughout its life.
See the mythbuster on signatures.
The Queensland Law Society article Electronic signatures: When are they effective? provides more detail about the relationship between electronic/digital signatures and the legislative framework for electronic communications.
Credit cards and associated data have their own set of recordkeeping requirements.
The Payment Card Industry Data Security Standard (PCI DSS) applies to all entities involved in payment card processing.
It contains specific mandatory requirements regarding the storage and disposal of credit card details.
- Sensitive authentication data (3-digit numbers on the back of cards) should never be stored. This information must be destroyed immediately after the transaction has been authorised.
- Primary Account Number (PAN) (the card number) needs to be rendered unreadable when it is stored.
Destruction of credit card data
The General Retention and Disposal Schedule includes 2 record classes authorising the destruction of both cardholder and sensitive authentication data in accordance with the standard.
Consider your recordkeeping process for payments to ensure that cardholder data can be destroyed immediately or as soon as business use has ceased and that other required information can be stored for the required retention period.
What information can be kept?
Under the PCI DSS, the primary account number and any other credit card information must only be kept if there is a valid legal, business or regulatory need for that data.
If you do need to keep any information for a certain period of time after the card transaction has occurred, you must ensure that the cardholder data is stored or redacted in some way.
You will need to ensure that your system can meet the requirements in the standard. If you can’t, this information cannot be stored.
Include the capture and management of credit card data in your agency’s recordkeeping procedures, or include recordkeeping requirements in procedures for taking payments.
The diaries of local government mayors and councillors are public records and need to be managed as such.
The Local Government Sector Retention and Disposal Schedule covers records created, received or kept by Mayors and Councillors in their official capacity, including official work diaries.
Find out what diaries to keep.
Personal emails and information relating to political parties generated by Mayors and Councillors when they are not acting in their official capacity are not public records.
The responsibility for running local government elections resides with the Queensland Electoral Commission.
Although election records can be sentenced under section 13.8 of the Local Government Sector Retention and Disposal Schedule, we recommend local governments also consult with the Electoral Commission about retaining and disposing of these records.
If your agency has contact with lobbyists, you must capture and manage records relating to that contact.
The Integrity Act 2009 (the Act) governs the contact between lobbyists and the government including opposition representatives.
The Queensland Integrity Commissioner maintains the Register of lobbying contacts which is required under s68 of the Act.
Contact with a lobbyist
Contact with lobbyists includes telephone calls, emails, written mail and face-to-face meetings. Contact may also be through social media and other online channels.
It’s important that you capture the decisions and actions from these interactions with lobbyists to show there was no undue influence in providing an accountable and transparent government.
Ensure you record any contact with lobbyists on your agency’s register of contact with lobbyists by providing the:
- date of the meeting
- title(s) and name(s) of government representatives
- name of the lobbyist entity
- name of the client
- purpose of the meeting.
How long to keep records of contact with lobbyists
Any records that you create can be sentenced under the General Retention and Disposal Schedule.
If you have contact with entities that are not considered lobbyists, these records can be sentenced according to the business activity they relate to.
Legacy records must be kept and managed for their full retention period.
Your agency is responsible for the ongoing management of legacy records created by your agency or inherited from another agency as part of a machinery-of-government change.
Legacy records should be sentenced under a current retention and disposal schedule. If there isn’t a schedule you can use to sentence the records, they cannot be destroyed. These records must be kept and preserved until disposal authorisation is given.
Find out about disposal authorisation and how to develop or review a retention and disposal schedule.
If you are sentencing a large number of legacy records, find out how to sentence them in bulk.
Right to information requests
Any records which are subject to a request for access under the Right to Information Act 2009, the Information Privacy Act 2009 or any other relevant Act must not be destroyed until the action, and any applicable appeal period, has been completed.
A duty of care exists for agencies to ensure records that may foreseeably be needed as evidence in a judicial proceeding, including any legal action or a Commission of Inquiry, are not disposed of.
The destruction of evidence is an offence under the Criminal Code Act 1899 (s.129)–‘for a person, who knowing something is or may be needed in evidence in a judicial proceeding, damages it with intent to stop it being used in evidence’.
Internal processes should be implemented to meet this obligation. You may need to consult with your legal or Right to Information area.
If it is reasonably expected that a judicial proceeding may occur or if your legal team requests it, an internal disposal freeze can be issued for certain records. This will help to prevent them from accidentally being destroyed. For example, you could expect that you will need to retain property files that refer to the use of asbestos in buildings.
Once legal proceedings have finished, consider the potential future legal need for the records (e.g. for an appeal).
Records do not need to be resentenced once legal proceedings have finished and disposal freezes have lifted; however, they may need to be reassessed and resentenced based on their disposal trigger and the significance of the records (if it has changed).
Records will need to be kept for longer than the current retention period if there is a likelihood they will be required again.
Before destroying records, ensure that there are no further business or legal requirements for retaining them.
Backups of entire systems and information in case of failure are usually done for disaster recovery or business continuity purposes.
Your agency IT team will create and manage backups. You may need to ensure that:
- backups can be used to restore some or all records
- individual records can be extracted
- backups are managed appropriately, kept for as long as necessary and destroyed correctly.
You may need to consider:
- the backup cycle (e.g. daily, weekly or monthly)
- whether backups are incremental, full or a combination of both depending on when they are done
- how critical the information being backed up is and how often it is changed in the application
- how often backups are tested to ensure that the system can be recovered from the backups
- how long backups are kept–they can be destroyed after business action is completed under the General Retention and Disposal Schedule; however, you and your agency’s IT team will need to decide when that is
- whether your IT team knows how to extract individual records from the backup.
It may be necessary to have multiple backups in multiple locations. While this can make it difficult to destroy data, it may be necessary if a location or backup fails.
Why backups are not a recordkeeping system
Backups are not recordkeeping systems and should only be used for business continuity and disaster preparedness purposes. This is because they:
- save all your data as one collection of information or as an entire system–this makes it difficult to find information and manage retention periods
- are usually unable to ensure records remain accessible, usable and preserved for the entire time you need to keep the records
- don’t usually keep or maintain any of the metadata associated with the records
- use proprietary storage software meaning you need to pay to maintain access to your backups
- increase the risks to your records and information the longer you keep them, particularly if vendors change or go out of business
- are at risk of technological obsolescence if they rely on specific software or hardware.
Find out more about what to do with backups.
Information Standard 18: Information security (IS18) includes information on backup requirements and the appropriate disposal of media.