Think of a shared drive used to keep records: the shared drive is the technology component of your recordkeeping system. The technology needs to be supported by:
- people who use it
- a formal policy that identifies the shared drive as the technology that manages records
- procedures that explain how employees should use the technology to manage records (e.g. how to identify and capture records)
- tools that help control records (e.g. naming conventions that explain how to title folders and documents).
Katie knows that a key piece of legislation says that forms submitted by customers to her agency need to be kept for 25 years. This means that when she starts thinking about her agency’s recordkeeping system, she will need to make sure she has:
- a suitable recordkeeping application or business system that can keep the forms accessible for a long time
- training and awareness about how to capture the forms
- the right processes to make sure that employees know that they need to capture the forms.
An internal procedure for investigating complaints about an employee might require your agency to check if there have been any previous complaints about that employee. Even though there is no mention of this in legislation, there would be a business need to keep a record of past complaints. The hidden requirement here is that, for future business use, we need to create records that document complaints about employees.
When capturing an email into an eDRMS, in the title field enter ‘Email from [First Name] [Surname] from [Department] regarding [Subject of email]’.
For agencies that have clients, a naming convention might state how to capture their details (e.g. John Smith or SMITH John or SMITH John 01/01/1950 or John SMITH ID1234567).
- Only save business related documents into a recordkeeping application. Manage personal documents in personal drives.
- Documents may be queued for deletion and the Information Management Director is able to purge these documents following a formal review process.
- The Information Management Unit will create all files.
- Create all documents, records and files with a default security classification of X-IN-CONFIDENCE.
- Queensland Government information security classification framework.
|Number of new files registered in the corporate recordkeeping system||925|
|Number of new electronic documents created in corporate recordkeeping system||12742|
|Number of new physical documents scanned and placed in corporate recordkeeping systems||87|
|Number of RTI/IP search cases processed||5|
|Number of boxes of time-expired files approved for destruction||224|
|Number of helpdesk requests processed||75|
|Number of boxes permanently retrieved from offsite storage provider||36|
|Costs of offsite storage||$X|
See the following examples of fields and entries in a vital records register:
- Record type and description: public authority’s revenue, expenditure, debt recovery, contracts, licences, legal documents, and records scheduled for permanent preservation in an approved retention and disposal schedule
- Explanation: why the records would be of high risk if they were not available (e.g. accounting records would be considered vital records when current and/or unaudited)
- Location: off-site, storage facility, data centre
- Date for review; Date scheduled for disposal: retain minimum of 7 years after end of financial year in which transaction was completed, then destroy
- Format: paper, microfilm, tape, digital
- Accessibility requirements: who is authorised to access the records, will the records be required in the event of a service disruption
- Responsible department or work area (e.g. Corporate Services–financial management)
- Application location (if digital): PDF, network drive, eDRMS
- Title or unique identifier: if applicable
- Frequency of update: how often will this document need to be updated to remain effective in the recovery of business operations.
|Develop and implement compliant and accountable recordkeeping systems and processes throughout the public authority within the next 5 years|
|Strategies||Key Performance Indicator||Timeline|
1. Develop and implement strategic and operational implementation plans that cover all recordkeeping activities within the public authority by December 2017
2. Develop an approved retention and disposal schedule in consultation with QSA by October 2018