Understand your legislative obligations
The Records Governance Policy (external) has replaced Information Standard 31: Retention and disposal of public records, and Information Standard 40: Recordkeeping. These information standard have been repealed.
Any references to IS31 and IS40 may be taken as a reference to the current Records Governance Policy if the context permits.
Table of contents
It includes specific recordkeeping requirements that all agencies must comply with–what records need to be kept, by who, and why.
These requirements need to be included in your recordkeeping plan so that you meet your obligations under the Act.
Section 6: What is a public record
A public record is a record created, received or kept by a Queensland public authority in the course of their statutory, administrative or other public responsibilities.
Ministerial records are also public records. These include records created or received by the Minister in the course of carrying out their Ministerial portfolio responsibilities. A Ministerial record does not include records related to personal or party-political activities or records held in the Minister’s capacity as a member of the Legislative Assembly.
Some records need to be kept temporarily–anywhere from 2 to 100 years (or more).
Some records have a permanent value to the state and will come to Queensland State Archives (QSA) once their business use ceases. QSA keeps these records and enables the public to access them once any restricted access period has expired.
Section 7: Making and keeping of public records
Records must be kept safe and secure until you’re legally able to destroy or transfer them to QSA.
You must also have regard to any relevant policy, standards and guidelines made by the State Archivist about the making and keeping of public records. This includes the Records Governance Policy.
Section 8: Custody and preservation of public records
This section applies to agency responsibilities for records within their custody, possession or control (e.g. physically in your offices, off-site).
Records in your control will include:
- any that you’ve created or received in the course of your normal business
- any records inherited or transferred to you as part of a machinery-of-government or administrative change or as specified in legislation
- any records created or received on your behalf (e.g. when outsourcing functions).
If your agency is subject to a machinery-of-government (MOG) or administrative change, you need to establish responsibilities for transferring or receiving records.
MOG and administrative changes may make it necessary for relevant and responsible public authorities to be assigned though a regulation.
Section 9: Ownership of public records
Public records are owned by the State of Queensland or the relevant local government.
Section 13: Disposal of public records
You cannot destroy records without authorisation from the State Archivist.
Authorisation is usually provided in a retention and disposal schedule.
You need to get sign-off from your CEO (or authorised delegate) and document the destruction of your records.
In some cases, records may be authorised using another piece of legislation or a legal authority. Always check with QSA before you consider any destruction in this situation.
These sections deal with agency responsibilities for the custody of records in their possession and access to records held by QSA.
A relevant public authority is an agency with responsibility for, and control of, records previously created by an agency that no longer exists. Responsibility for the records must have been assigned by a regulation under the Public Records Act 2002. The records must relate to a function that is no longer performed by government and must not be in the custody of QSA.
The relevant public authority takes on all the recordkeeping responsibilities for managing and preserving the inherited records.
A relevant public authority may become a responsible public authority if the records involved in a MOG or administrative change are already in QSA’s custody or are later transferred to QSA.
A regulation under the Public Records Act 2002 is required to assign a relevant or responsible public authority if:
- the functions involved are not being continued by the government
- the previous responsible agency no longer exists
- a responsible agency has not been identified by legislation.
When a responsible or relevant public authority needs to be assigned by a regulation under the Act, it is usually under s15 or s8.
Section 16, 18 & 19: Restricted Access Periods (RAPs)
Sections 16 to 20 of the Act deal with access to records and restricting access for a certain amount of time.
Find out about Restricted Access Periods (RAPs).
Section 16 of the Act sets out the maximum RAPs that can be applied and to which types of records. Use this to determine a RAP when you transfer records to QSA.
Under section 18, you need a regulation to restrict access to records for more than 100 years, or for privacy, security or preservation reasons.
Section 19 sets out when and how a RAP can be changed by the responsible public authority (e.g. legislative or regulatory change, passage of time provides a different perspective on the sensitivity of information).
Sections 17, 18 and 20: Access to records
If a record’s RAP has ended, then we must allow public access to that record.
Access to any record can be denied by the State Archivist for various reasons (e.g. a record in a poor state of repair may be damaged further). Section 18 details those reasons.
If a record is still under a RAP, access to that record can be granted with specific authorisation from the responsible public authority or by application under the Right to Information Act 2009.
Section 26: Authorisation to dispose of records
Under section 26, the State Archivist may authorise the disposal of public records or classes of public records, usually upon application by, or with consent from, the public authority that controls those records.
Authorisation to dispose of public records is usually granted through an approved retention and disposal schedule.
Schedule 2: Definition of a public authority
All public authorities are obliged to follow the Public Records Act 2002 when managing their records.
A public authority is a government agency or organisation defined as a public authority under Schedule 2 of the Public Records Act 2002. This includes:
- Ministers and Assistant Ministers
- the Governor
- the Executive Council
- organisations created by the Governor, a Minister or through legislation
- commissions of inquiry
- government owned corporations
- entities established by the State and a local government
- officers of the court
- a rail government entity under the Transport Infrastructure Act 1994
- local governments.
There are a number of standards designed to help you meet your recordkeeping requirements.
Policies, standards and guidelines issued by the State Archivist
The State Archivist has issued the following policies, standards and guidelines:
- Records governance policy
The Records Governance Policy lays out six requirements that agencies must meet.
- Records governance policy implementation guideline
The records governance policy implementation guideline supports the Records Governance Policy. It provides advice and information on how organisations can meet their recordkeeping obligations and improve their recordkeeping maturity.
- Ministerial records Policy
The ministerial records policy establishes how Ministers, Assistant Ministers and ministerial staff can fulfil their recordkeeping responsibilities.
- Disposal freeze policy
The disposal freeze policy sets out the conditions under which the State Archivist may issue a disposal freeze to postpone the destruction of public records that are at risk of being lost or may be required for longer retention periods.
- Source records disposal guideline
The source records disposal guideline outlines the conditions that must be met before source records can be destroyed after they have been migrated, digitised or converted.
- Queensland recordkeeping metadata standard and guideline
The Queensland recordkeeping metadata standard and guideline (QKRMS) identifies metadata elements required to manage records in accordance with best practice and provides guidance on implementation.
- QSA records storage standard
The QSA records storage standards are a voluntary code of best practice that can be used to assess storage facilities and conditions for both physical and digital records.
Standards to assist the management of records and information
The following standards can help Government departments meet their recordkeeping requirements. They are issued under the Queensland Government Enterprise Architecture (QGEA) and not by the State Archivist.
These standards are mandatory for Government departments only. However, for agencies outside this scope, these standards provide best practice guidance on how to optimise your records and information management.
Information Standard 18: Information security (IS18) aims to help agencies implement a consistent approach to information security and the protection of information assets.
Information Standard 33: Information access and use (IS33) seeks to encourage the sharing of government information by listing four policy requirements in regard to the government information access, exchange and licensing.
Information Standard 34: Metadata (IS34) provides the minimum requirements for managing metadata of government information and information assets.
Information Standard 38: Use of ICT services, facilities and devices policy (IS38) seeks to ensure the implementation of consistent policies and practices in the management of employee use of ICT services, facilities and devices.
Information Standard 44: Information asset and custodianship policy (IS44) requires government departments to identify and manage their information assets throughout their lifecycle.
Your agency will have other regulatory requirements due to legislation, regulation, whole-of-government or internal policies, standards or similar instruments (e.g. Information Privacy Act 2009, Right to Information Act 2009).
You can find out what legislation applies to your agency in the Queensland Arrangements Administrative Order, your annual report and other publications, internal documents and talking to other employees.
See also legislation for the public service.
We recommend that you find and read all relevant legislation to understand your obligations and how they impact your recordkeeping.
You will need to identify the legislative requirements you must meet, including requirements in the Public Records Act 2002.
Find out your requirements and obligations under the Public Records Act 2002.
To identify your regulatory requirements, you need to look at any relevant documentary sources (e.g. legislation, policies, guidelines, codes of practice, etc) and identify any requirements that apply to you and your work.
You should also look for regulatory requirements that relate to:
- the industry or business sector in which your organisation operates
- your agency’s functions, and
- the specific activities or transactions carried out by your organisation.
Most recordkeeping requirements are not written explicitly in legislation. The following keywords and phrases may help you find requirements:
- ‘There shall be a register of licences’ means that the register is a record and must be captured
- ‘The form must include the applicant’s name and date of birth’ means that specific information must be captured
- ‘Applications must be lodged using an official form’ means that the record must be created in a specific format
- ‘The Registrar must keep all approved applications for a period of seven years from the date of their lodgement’ means that the record must be kept for a certain amount of time
- ‘The Registrar must destroy all unsuccessful applications one year after the date of their lodgement’ means that the record must be destroyed after a certain amount of time
- ‘The register must be open for inspection by the public’ means that access must be provided to the record
- ‘Applications must be stored in such a way as to keep their contents private’ means that access to the record is restricted.
See also a list of keywords that may indicate recordkeeping requirements.