We recognise that our records and the information contained within them are a vital corporate asset, and that their effective management is essential to:
- support our core functions in providing services to our clients and customers;
- provide evidence of transparency and accountability in decision-making;
- improve the overall management of the organisation and enable us to work more efficiently;
- comply with our legal and regulatory obligations.
We therefore have an obligation to put in place effective records management, in the shape of the necessary policies, procedures and practices, to maximise the use of our records, now and in the future.
This policy represents one essential component of the broader information management requirements.
Records Management Policy Statement
It is our policy to create, maintain, use and dispose of authentic, reliable and accessible records, regardless of their format.
The purpose of this policy is to establish consistent practice across the organisation in the way documents and records are managed. The policy has been produced to meet the requirements outlined in the Lord Chancellor’s Code of Practice on the Management of Records, (issued under section 46 of the Freedom of Information Act 2000), BS ISO 15489 Standard for Records Management, and Data Protection Legislation.
Scope of the policy
This policy applies to all records that are created, received and maintained by Unity, and our staff, which represent evidence of our activities. It applies to all records regardless of format or storage medium, and therefore applies to electronic records, including e-mail, DVD’s, CD’s etc.
This policy applies to (but may not be limited to) all committees, departments, partners, employees of Unity, contractors, agency staff, voluntary agencies in the course of their work for and on behalf of Unity, whether working directly for Unity or in partnership with it. The policy applies regardless of location of working environment, be this on Unity/Client premises, at home, or elsewhere.
Roles and responsibilities
All officers, temporary staff, consultants, contractors, elected members are responsible for the management and use of documents/records associated with their service/business area, and are therefore expected to follow the principles outlined in this document and all sub documents relating to the management and use (including storage and disposal) of documents/records.
Managers are responsible for making sure their staff understand and follow this policy. If you do not understand any part of this policy or how they may apply to you, you must seek advice from your manager.
Law and regulation
As an organisation working with public authority e.g. Oldham Council who is subject to a range of legislation and regulations that impact how information is processed (captured, held and used). The following are key fur Unity to observe:
- Local Government Act (1972)
- Local Government (Access to Information) Act (1985)
- Data Protection Legislation
- Freedom of Information Act (2000)
- Environmental Information Regulations (2004)
- Re-use of Public Sector Information Regulations (2005)
- Regulation of Investigatory Powers Act (2000)
- BS ISO 15489 Standard Records Management
- BS ISO 27001 Code of Practice for Information Security Management
- BIP 0008 Code of Practice for Legal Admissibility and Evidential Weight of Information Stored Electronically
- Public Records Act 1958
However some services may need to adhere to other specific legislation in their management and use of documents/record keeping obligations.
Non-compliance with this policy could have a significant reputational effect on Unity as well as on the efficient operation, and may result in financial loss and inability to provide necessary services to, or protect our clients, citizens, and service users.
Failure to comply with this policy (and sub policies, procedures and guidelines) is a serious matter and users may be subject to criminal, civil or employment related sanctions. Unity takes the commitment to records management very seriously and any breach of this guidance and practice may be considered as an act of gross misconduct, and may result in disciplinary action, possibly leading to dismissal.
This policy has been developed alongside a framework of related corporate policies, procedures and guidelines together with legislation and best practice.
This framework will provide policy and process that result in meeting legal and operational requirements by:
- creating and capturing records of a sufficient quality, ensuring the minimum records/data are kept for the business purposes they are needed for;
- managing their operational use to protect their integrity as evidence;
- providing access in a controlled manner which allows secure sharing;
- creating a log of service records, both live, dormant and archived which will include the reasons for keeping them (records of processing activities/Asset Register);
- storing records in an appropriate environment;
- retaining records only for as long as is necessary for operational, statutory, regulatory or cultural purposes;
- disposing of records in a timely and secure manner;
- providing for the preservation of records with long-term value;
- training and supporting staff in fulfilling their records management obligations and aspirations.
The management of records adopts the “lifecycle management” model:
- Information, documents and records are created (born)
- Used (working life)
- Filed and Stored (dormant)
- Retained (retired)
- Disposed of (destroyed or permanently preserved as archives).
Records can be in any format including (but not exclusively) paper or electronic pages, files or folders; databases, e-mails; diaries; faxes; intranet and internet web pages; blogs and wikis; audio and video recordings; microfiche and microfilm; maps, plan and photographs.
Information is used to create documents which are used during the course of our business. If they need to be kept as evidence of an activity, decision or transaction carried out by or on behalf of Unity they become “records”. Records are fixed, unchallengeable and kept for a specified time.
Documents and records are “information assets”, which to be of value must be relevant, accurate and accessible. By default, Unity must manage documents and records to:
- know what information is held, by whom and where;
- make informed decisions;
- deliver timely and quality services both internally and externally;
- comply with legislation and regulation;
- protect employees, contractors, clients, and customers;
- make better use of resources and be open transparent and responsive;
- assure residents that the information we hold is necessary, safe and accurate;
- uphold people’s rights of access, portability, restriction, erasure or correction;
- inform employees, contractors or other authorised users of Unity systems and information, of their records management duties;
- design and implement information architecture and technical infrastructure to the highest industry standards;
- ensure the long term preservation of important and vital records.
Support and training
We are committed to providing all employees with the information required to ensure compliance with this policy and all related policies, procedures and guidelines. Training and awareness activities will be offered on a regular basis to services and where circumstances allow, specific in house sessions can be arranged for your service.
We are committed to continuous improvement and to support this will regularly review and where appropriate, update and amend policies, procedures and guidance notes.
The Managing Director is ultimately accountable for this policy and Senior Risk Information Officers are responsible for implementing it.