Endorsed by the Library Committee - 5 April 2022.
Contents
1. Policy statement
UCL’s records form an auditable account of its activities, providing evidence of decisions and actions. They are a vital asset, which support UCL’s daily functions, and protect its interests and rights. Effective record-keeping supports efficiency, continuity and consistency of work and enable UCL to carry out its mission. Records management ensures that the right information is created, captured, stored, retrieved and disposed of in accordance with UCL’s business needs and statutory and regulatory requirements.
UCL will implement good records management across the whole organisation, based on ISO 15489, best practice and the principles adopted in this policy.
With the exception of records loaned to it, or held on behalf of other parties, UCL’s records are its property. They, and the information they contain, do not belong to any Faculty, department or individual member of UCL, and ownership may not be transferred without proper authority.
1.1 Records management principles
UCL has adopted the following principles of good records management:
- Records are a vital resource, and should be managed accordingly throughout their lifecycle.
- Records management is a responsibility of all staff, and staff should be trained to manage their records.
- Records should be created, stored and managed electronically, unless specific and identified requirements apply, in identifiable record-keeping systems.
- Records should be accessible and shared.
- Records should not be duplicated.
- Records should be disposed of in accordance with the UCL Records Retention Schedule.
- Records should be adequately protected and secured.
- Records should be managed in accordance with legislation.
- Records deemed of historical significance should be permanently preserved.
- Records management practices must UCL’s values of openness, ethically acceptable standards of conduct and environmental sustainability.
2. Definitions
2.1 Documents and records
Documents are written information in any medium or format, created, received or maintained by UCL in the course of its activities. Some documents are ephemeral and should never enter a records management system. Some will need to be kept as evidence of activities or transactions, or in consequence of legal obligations. These are records, and should be placed into a record-keeping system. All records begin life as documents, but not all documents become records.
Authoritative records have the following characteristics:
- They are authentic – they can be proved to be what they seem to be, and to have been created by the person who is supposed to have created them, and at the time claimed. Systems should control the creation and maintenance of records so as to ensure their creators are authorised and identified, and that the records are protected against unauthorised alteration and deletion.
- They are reliable – their contents can be trusted as a full and accurate representation of the activities or facts to which they attest, and can be depended upon in the course of subsequent activities.
- They have integrity – they are complete and protected against unauthorised alteration. Authorised alterations, such as annotations, additions or deletion, are indicated and traceable.
- They are usable – they can be located, retrieved, presented and interpreted. They are capable of subsequent presentation as directly linked to the activity that produced them. The context and links between records maintain the information needed to understand the activities that created and used them. It should be possible to identify a record in the context of broader activities.
2.2 Records management
Records management is the function of creating and organising documents and records to ensure they provide such evidence, that they can be located and retrieved when needed, and are timeously disposed of by destruction or transfer to an archive. Although not all documents become official records, all documents and records must be managed appropriately throughout their lifecycle, from creation to disposition. Accordingly, UCL will make explicit decisions about processes affecting documents and records – including capture and classification, access and disposition - as close as possible to the point of creation.
3. Context
3.1 Objectives and scope
The objectives of this policy are to establish and support:
- A consistent approach to and standards for records management across UCL.
- Compliance with the legislative and regulatory framework affecting record-keeping.
- A clear governance structure for monitoring and reporting on records management.
- Awareness of records management principles and responsibilities in UCL.
The policy applies to all records created, received and maintained by UCL Staff in the course of official business, in all media and formats, and of any age. ‘UCL Staff’ means those employed by UCL, including those who hold honorary contracts. It also includes service providers which process or come into contact with UCL’s records, staff of third party organisations, contractors, consultants, researchers, volunteers and those on student placements.
The Policy applies to all locations in which UCL’s records are created, received and accessed, including individuals’ homes.
3.2 Legislation and standards
This policy and associated guidance have been developed in the context of legislation, professional standards and codes of practice. UCL will manage its records in accordance with:
- ISO 14721:2012 Open archival information system
- MoReq2010 Modular requirements for records systems
- BS EN 15713:2009 Secure destruction of confidential material
- Lord Chancellor’s Code of Practice on the management of records issued under section 46 of the Freedom of Information Act 2000 (2009)
- BS 10008:2020 Evidential weight and legal admissibility of electronic information
- Environmental Information Regulations 2004
- Freedom of Information Act 2000
- Data Protection Act 2018
- ISO 15489:2001 Records management.
3.3 Related policies
This policy has been developed in the context of the following UCL policies:
- Information Security Policy 2016
- Research Data Policy 2020
- CCTV Policy 2018
- Environmental Information Policy 2017
- Freedom of Information Policy 2017
- Data Protection Policy 2019
- Cultural Property Policy 2009
- Email Policy 2017
- Digitisation Policy
4. Roles and responsibilities
All UCL Staff must:
- Create and maintain accurate, authentic and reliable records appropriate for their role.
- Ensure these records are held on UCL systems and hardware.
- Apply everyday good practice to their records, including use of document control practices (naming conventions and version control), following relevant filing rules and saving emails to shared information systems.
- Follow UCL’s information security procedures and guidance to protect records from unauthorised access.
- Apply the UCL Retention Schedule to their records, so that records are kept locally only as long as they are required, and destroyed securely or transferred long-term or permanent retention.
- Complete mandatory training in relation to records management, data protection and information security.
- Arrange handover of records they hold before leaving UCL.
The Pro-Vice-Provost (UCL Library Services) has senior management responsibility for records management, reporting to the Chief Operating Officer on relevant topics and risks.
The SLMS Senior Information Risk Owner provides assurance to the Provost on the management of information risk in UCL.
The Head of Records is responsible for recommending records management strategy and policies to the Library Committee, leading the records management programme for physical records, and promoting good practice.
Deans, Heads of Professional Services and Heads of Department are responsible for implementing the policy in their areas. This should include:
- Assigning responsibilities for records management.
- Liaising with the Records Office on the retention of their records, and arrangements for transfer and disposal of physical records.
- Ensuring appropriate access rights to information assets and systems.
- Ensuring staff undertake relevant training.
- Liaising with Information Services on plans for IT systems that affect the integrity of records.
The Director of Information Services is responsible for:
- Working with record creators to plan and develop central systems to meet UCL’s records management requirements.
- Maintaining UCL’s IT systems to ensure the records held in them remain authentic, reliable and usable throughout their lifecycle and system changes, including format conversion and migration.
- Agreeing exit strategies for IT systems that hold official records, so that retention requirements can be met.
5. Policy
Each department must have in place adequate systems for documenting its principal activities and ensuring that it creates and maintains records possessing ‘authenticity, reliability, integrity and usability’ (ISO 15489).
There must be a clear allocation of responsibility within departments for all aspects of record-keeping, including classification and secure disposal. Shared drives, mailing lists and role accounts should be used as a default.
Line managers should ensure that when a member of staff leaves, responsibility for records held on personal drives or other areas not accessible to colleagues is transferred to another member of staff; and out of date information deleted. The Information Security Policy Guideline Handling Computer Accounts and Electronic Data of Leavers should be followed.
Records systems must be adequately documented, so that their effective operation does not depend on the memory of individual members of staff. They should also be periodically reviewed, and modified where necessary, to ensure that they continue to support local needs. In particular, electronic systems storing data that may be required for evidential purposes should be regularly monitored and audited: it must be possible to demonstrate the reliability of the system, so that the integrity of the data cannot be questioned.
5.1 Creating records
Records must be accurate and complete, so that it is possible to establish what decisions and actions have been taken, and why. The quality of the records should allow staff to carry out their work efficiently, demonstrate compliance with statutory and regulatory requirements, and ensure accountability and transparency expectations are met.
Information should be compiled at the time of the event or transaction to which it relates, or as soon as possible afterwards, and protected from unauthorised alteration or deletion. Where relevant, templates should be used, so that documents are produced consistently and quickly.
Standardised referencing and titling are essential, so that information can be promptly identified and retrieved. Naming conventions and glossaries should be used to ensure the consistent use of terms. Version control is also required for the drafting and revision of documents, so that different versions can be distinguished and the latest version readily identified.
5.2 Classification
Records must be organised logically, so that they can be easily and speedily retrieved. A classification scheme or filing structure should be used, based on an analysis of a department’s functions and activities, to ensure that documents are organised appropriately and consistently. Similar records should be grouped together: if the contents of folders are too diverse, it will be difficult to locate material and assign appropriate retention periods.
5.3 Access
It must be possible for staff to retrieve the information they need to carry out their work. Paper records that are consulted frequently should be kept close at hand within the immediate office space. Local filing rooms or ‘archives’ must not be used. Semi-current records (i.e. those referred to occasionally or which need to be retained for legal or regulatory reasons) should be stored off-site. Off-site storage semi-current physical records is managed by UCL Special Collections: third party storage services are not permitted.
Records must be made available as widely as possible. Information that other staff use or may require must be stored on a shared drive or within a centralised filing system, so that departments can operate efficiently when individuals are absent. Where appropriate, data should also be shared across UCL in order to avoid wasting resources recreating information that already exists and storing duplicate data unnecessarily. Information that is only accessible to a single person or team should therefore be kept to a minimum.
5.4 Security
Appropriate levels of security must be in place to prevent the unauthorised or unlawful use and disclosure of information. Paper records containing confidential information must be stored in locked cabinets or rooms when not in use, and access only provided to authorised staff. Screens should be locked when computers are unattended. Restricted electronic data should be protected through the use of access controls and, where appropriate, encryption.
Information held in electronic systems must be also protected from accidental or unauthorised alteration, copying, movement or deletion: if possible, the systems should maintain audit trails allowing all actions to be to be traced to specific people, dates and times. It is essential that any data held on portable storage devices, such as laptops, USB flash drives, portable hard drives, CDs, DVDs, and any computer not owned by UCL, is kept secure and protected from theft.
5.5 Preserving records
Departments should develop procedures to ensure that records of continuing value remain accessible, usually on a network drive or central server, so that they are backed up and safeguarded from hardware and software failure. Records must be stored in conditions appropriate to their medium and format, taking into account operational needs, retention periods and costs. They should be protected in storage from potential hazards, such as fire and flood, and environmental conditions within storage areas must be maintained at stable levels to minimise the risk of the records deteriorating.
5.6 Retention and disposal
Records retention is governed by the UCL Records Retention Schedule. Retention periods are determined in accordance with legal and regulatory requirements, and to meet business needs by:
- Retaining information about decision-making, to inform future decisions and activities.
- Retaining evidence of activities to support accountability.
- Scheduling destruction of records which are no longer needed.
Records should not normally be retained beyond their retention period. Some records which have passed their retention date will be reviewed for archival value. Those physical records selected for preservation as archives are transferred to Special Collections.
Paper records should be destroyed by shredding and confidential shredding, in accordance with BS EN 15713. Electronic records should be destroyed by mechanisms which guarantee irretrievability: deletion is not destruction. Effective mechanisms include degaussing, electronic file shredding, reformatting and physical destruction of storage media.
All copies of expired records should be destroyed, wherever they are held. Destruction should also be documented, to provide evidence that retention schedules have been followed and to prevent searching for material that no longer exists.
5.7 Vital records
Records that would be vital to the continued functioning of UCL in the event of a disaster (e.g. fire, flood, virus attack) must be identified and protected. These include records that would recreate UCL’s legal and financial status, preserve its rights, and ensure that it continues to fulfil its obligations to its stakeholders (e.g. current financial information, contracts, proof of title and ownership, research data).
Vital records must be stored on central servers, so that they are protected by appropriate back-up and disaster recovery procedures. Vital records that are only available in paper format should be duplicated, and the originals and copies stored in separate locations. If, however, duplication is impracticable or legally unacceptable, fire protection safes must be used to protect the documents.
5.8 Electronic records
UCL’s electronic records management infrastructure is driven by function, not format: business requirements drive decisions about what records are to be created and maintained, and how they are to be preserved and disposed of. As far as possible, UCL’s records should be managed by means of an electronic document and records management system, which at least:
- Is a secure repository
- Organises records in a business classification scheme
- Prevents modification of records
- Strictly controls retention and deletion.
Records which must be retained in the long term (more than one generation of technology) need active management to ensure they remain accessible. At UCL this should be achieved by means of a system compliant with the OAIS standard and ISO 14721.
Although the same principles apply to records in all media and formats, electronic records are different from their analogue counterparts because they have different physical characteristics which make them vulnerable to corruption and loss. The media on which they are recorded can be fragile, they depend on changing technologies for accessibility, and need contextual information (metadata) in order to be understood.
Almost all current records are created in electronic systems, and electronic systems should be used to manage them. UCL eschews the ‘print-to-file’ method of electronic records management as unsustainable in the long term.
The integrity of electronic data is of paramount importance, if it is considered the primary, definitive record of a transaction. Departments that are responsible for storing documents required for evidential purposes must demonstrate compliance with BS 10008.
5.8.1 Media and formats
Records which have to be preserved in the long term must be in sustainable formats: accessible throughout the records’ lifecycle and as technology evolves. The following factors must be taken into account when assessing the suitability of formats for long-term preservation:
- Disclosure
- Adoption
- Transparency
- Self-documentation
- External dependencies
- Technical protection mechanisms.
Floppy disks, audio and video cassettes, CDs and DVDs should not be used for the long-term preservation of electronic records.
5.8.2 Email
Emails record actions and decisions, and must be managed as effectively as paper and other electronic records. Messages that are retained should be held in a record-keeping system to allow information to be easily located and retrieved, and regularly reviewed and deleted according to the retention schedule.
Email is merely a format and messages cannot be treated as a uniform series with a single retention period. Retention should be determined by the subject matter or business purpose, as for any other record.