Bulletin Board - Document Comments

Bulletin Board - Review and Comment

Step 1 of 3: Comment on Document

There are 3 steps in the submission process. You must complete all three steps in one session, otherwise your comments will be lost.

1. Use this Protected Document icon to open a comment box.

2. Type your feedback and then click the"Save Comment" button in the lower-right of the comment box.

3. Do not open more than one comment box at the same time.

4. When you have finished making comments, go to step 2 by clicking on the “Save and Continue” button at the very bottom of this page.

Important Information

During the comment process you are connected to a database. Like internet banking, the session that connects you to the database may time-out due to inactivity or if you close your browser or go to a different tab/window and try to come back.

To ensure that your comments are received:

  1. DO NOT jump between web pages/applications while logging comments.

  2. DO NOT log comments for more than one document at a time.

  3. DO NOT leave your submission unfinished. If you need to take a break, submit your current set of comments now and return later to make a further submission. You will receive a copy of your comments so that you can see what you have already said.

  4. DO NOT exit from the interface until you have completed all three steps of the submission process.  Simply saving a comment in the comment box does not mean it is submitted and if you exit the system, you will not be able to retrieve it later.

When you finalise your submission in step 3 your comments will be emailed to the Document Author with a copy to you, and to policy@mq.edu.au for record keeping purposes.

Records and Information Management Policy

Section 1 - Purpose

(1) This Policy has the following objectives:

  1. to specify the requirements for a University-wide Records and information system which manages Records and information from their design to their destruction or permanent retention; and
  2. to ensure that the University’s Records and information system complies with legislative requirements.

Background

(2) Macquarie University (the University) relies upon an effective Records and information management system to enable business to be conducted in an efficient and accountable manner. Efficiently managed Records and information is a key University asset, providing administrative transparency, consistency and accountability, as well as enhancing the institution’s identity by the collection and preservation of its corporate memory.

(3) Student Records form part of the Records and information management system. The University needs to keep accurate Records of important student information in order to manage their progress from admission and enrolment, through completion of courses, to graduation and beyond. Other University Records and information include corporate records, Vital Records, Archives and Legacy Records.

(4) This Policy provides details of how the Records and information management system will be managed and assigns responsibilities, in order to meet operational, compliance, accountability and community expectations and requirements in accordance with the State Records Act 1998 and the NSW Standard on Records Management.

(5) The Policy should be read in conjunction with the Data Governance Policy and the Information Classification and Handling Procedure.

Scope

(6) This Policy applies to all Staff members of Macquarie University and its controlled entities (except Macquarie University Hospital) involved in creating Records and information during the conduct of University Activities. This includes officers, employees and contractors of the University and the appointees to conjoint, adjunct, emeritus, honorary, clinical and visiting academic positions of the University.

(7) The Policy applies to Records and information in all formats, including both digital and physical Records, created, received and used in the conduct of University Activities. The Records and information include, but are not limited to, student files, staff files, correspondence, business email, administrative files, financial Records, research management and minutes of meetings of University committees or boards. The requirements under the State Records Act 1998 (the Act) also apply to any State Records that are created by generative Artificial Intelligence (AI).

Top of Page

Section 2 - Policy

Records and Information Management Framework

(8) The University is committed to making and keeping full and accurate Records of its business transactions and University Activities.

(9) The University will promote, maintain and review a University-wide Records Management Program that complies with the State Records Act 1998 (the Act) and other relevant standards and legislative requirements.

(10) The Records and Information Management Framework is based on:

  1. identifying Records;
  2. Access for and security of Records;
  3. retention and disposal of Records; and
  4. monitoring and evaluation of the Records Management Program.

Identify Records

(11) Requirements for Identifying Records include:

  1. determining and documenting what Records and information are to be created, according to the needs and structure of the University and classify them in accordance with relevant legislation;
  2. identifying and documenting Vital Records; and
  3. identifying and documenting Archives.

Recordkeeping Functionality Requirements for Systems

(12) Recordkeeping Functionality Requirements for Systems include:

  1. specifying when and where Records and information are captured into Records and Information Management systems;
  2. specifying how to organise Records and information to support their requirements for use; and
  3. tracking the movement and use of Records and information.

(13) Records of the University must be captured as soon as practicable in a University Recordkeeping System. This includes any AI generated records which should be extracted and saved in a secure system to ensure they are accessible when required.

(14) To support the accuracy of AI generated records, associated Recordkeeping Metadata must also be extracted, retained in a University Recordkeeping system and perpetually linked to the record it relates to. Relevant Metadata includes confirmation that the record was generated by AI, the software used and the prompts, inputs or algorithm used to create the record.

(15) Records and Information systems must be reassessed for record keeping compliance if they undergo major upgrades or changes in functionality or content.

Access and Security

(16) University Record Keeping Systems should provide for proper access and security safeguards including:

  1. Control of Access to Records to:
    1. regulate Access rights, conditions and restrictions to address privacy (refer Privacy Policy), security and freedom of information;
    2. ensure that Records are available to all authorised staff that require Access to them for business purposes; and
  2. Storing and Preserving Records to:
    1. ensure that Records and information are stored in a safe and secure environment;
    2. ensure Vital Records are identified, protected and recoverable when needed; and
    3. establish protocols to preserve and handle Records and information to prevent loss or decay.

(17) Individuals may apply for Access to University Records and information under the provisions of the Government Information (Public Access) Act 2009 (refer to the Access and Security Procedure).

Retention and Disposal

(18) University Record Keeping Systems should provide for the proper retention and disposal of Records including:

  1. ensuring that Records and information are maintained only for as long as needed or as required by the relevant Retention and Disposal Authority under the Act or any other retention obligations specified in legislation;
  2. that no records of NSW State Archives are disposed of unless in accordance with these retention and disposal authorities or Normal Administrative Practice (see the Retention and Disposal Procedure);
  3. that all records subject to a Litigation Hold are preserved and that any records disposal process is halted until the preservation order is lifted;
  4. transferring control and ownership of State Archives (Records of continuing value) to the Museums of History New South Wales as appropriate; and
  5. ensuring any State Records created by AI are only disposed (destroyed) according to authorised retention and disposal authorities. The retention period is dependent on the business activity that the record relates to.

(19) When AI is used to generate content and inform decision-making that supports and evidences University Activities, these are University Records. All staff have an obligation to create and keep records of their work activities, including content generated through AI, under this Policy.

Monitor and Evaluate

(20) In order to implement and manage the Records Management Program the University will:

  1. Train Staff:
    1. provide Records Management training and consultancy services to all stakeholders.
  2. Monitor and Evaluate:
    1. monitor compliance with the Act; and
    2. evaluate opportunities for improving the effectiveness, efficiency and quality of the Records Management.
  3. Report:
    1. report on the Records Management System to the appropriate authorities; and
    2. participate in audits by internal and external agencies.

Responsibilities

(21) The Vice-Chancellor, as head of the University, is responsible for ensuring the University complies with legislative requirements for Records and information management.

(22) The General Counsel as the Vice-Chancellor's delegate is the nominated senior officer responsible for Records management and has the responsibility for overseeing compliance with and performance against the University’s Records and Information Management program. The General Counsel may, as and when required, delegate this authority to another senior officer in accordance with the Delegations of Authority Policy.

(23) The Records and Archives Manager is responsible for developing, implementing and monitoring the Records and Information Management program as well as the University’s Recordkeeping Awareness Program which provides staff with the knowledge and skills required to fulfil their Record and information keeping obligations. The Records and Archives Manager is responsible for providing Record and Information Management advice and support to business units in relation to managing University Records and information and manages the University’s Archive and offsite storage facility.

(24) The Chief Information and Digital Officer is responsible for ensuring that the information technology systems at Macquarie University perform effectively and comply with statutory requirements for Record, information and data keeping functionality (capturing, managing, and protecting Records), including disaster planning/business continuity.

(25) Business System Owners are responsible for ensuring the reliability and continued operation and functionality of business systems that generate and store Records and information, and for ensuring business continuity plans for these systems are in place.

(26) Executive Group members are responsible for ensuring that the Records and Information Management program aligns with the strategic direction of the University and is actively implemented within their relevant portfolios.

(27) University staff who are in a supervisory capacity are responsible for monitoring and supporting staff to ensure they understand and comply with Records and Information Management policies and procedures. Managers and Supervisors must encourage and support positive Record and information keeping practices within their business areas.

(28) All University staff including casual staff as well as individuals who may perform work on behalf of the University are responsible for ensuring they Access Records and information only relevant to their role, and understand and comply with their Record and information keeping requirements outlined in this Policy and associated procedures, individual position descriptions and in the corporate induction program. All University staff are required to report any breach of this Policy that results in unauthorised Access, disclosure or loss of personal information in accordance with the Data Breach Policy.

(29) Further guidance information is also provided within:

  1. Appendix 1 Records Retention Guide;
  2. Appendix 2 Records Classification Guide;
  3. Records and Information Management Policy - Student Record; and
  4. Records and Information Management Schedule of Definitions.
Top of Page

Section 3 - Procedures

(30) Refer to the:

  1. Classification and Capture Procedure;
  2. Access and Security Procedure; and
  3. Retention and Disposal Procedure.
Top of Page

Section 4 - Guidelines

(31) Nil.

Top of Page

Section 5 - Definitions

(32) The State Archives and Records Authority of NSW Glossary of Recordkeeping Terms defines terms used in Records Management. The following definitions are drawn from the Glossary of Recordkeeping Terms and will clarify the terms used in this Policy.

(33) Further definitions are set out in the Records and Information Management Schedule of Definitions. The following definitions apply for the purpose of this Policy:

  1. Access means the right, opportunity, means of finding, using or retrieving information. (AS ISO 15489 Part 1 Clause 3.1). The granting of permission to:
    1. use the reference facilities of Archives;
    2. examine and study individual Archives and/or collections held by Archives; and
    3. extract information from Archives and Records for research or publication.
  2. Archive means a record that has continuing value but is no longer required for current use. This includes permanent University and State Archives.
  3. Legacy Records - Legacy Records come from predecessor institutions and refer to older records inherited by Macquarie University following mergers. Examples of institutions that have amalgamated with the University are the Sydney College of Advanced Education (SCAE): this entity amalgamated with Macquarie University in 1990. Records include those from its institutes, such as the Sydney Kindergarten Teachers College (SKTC), and the Nursery School Teachers College (NSTC) and cover early childhood education. There are also some records from the Sydney College of Chiropractic held in the University archives once again from 1990. Legacy Records can also encompass personal papers of individuals associated with the University and its predecessors.
  4. Litigation Hold is also called a 'legal hold' or 'preservation order’ – a legal hold is made to prevent spoliation and keep evidence in its original condition. Freedom of Information requests, health records requests, privacy requests, subpoenas, upcoming and ongoing cases would freeze a records disposal process for the records identified in the information access requests or the legal documents.
  5. Records means information created, received, and maintained as evidence and information by an organisation or person, in pursuance of legal obligations or in the transaction of business. (AS ISO 15489 Part 1 Clause 3.15). Any document or other source of information compiled, recorded or stored in written form or on film, or by electronic process, or in any other manner or by any other means (the State Records Act 1998).
  6. Recordkeeping Metadata means metadata (data elements captured or used to describe information, such as date created, author and title) required for the appropriate management of records. 
  7. Recordkeeping Systems means business information systems capable of capturing, maintaining, and providing Access to Records over time.
  8. Records Management means the field of management responsible for the efficient and systematic control of the creation, receipt, maintenance, use and disposition of Records, including processes for capturing and maintaining evidence of and information about business activities and transactions in the form of Records. (AS ISO 15489 Part 1 Clause 3.16)
  9. Records Management Program means a program that encompasses the management framework, the people and the systems required within an organisation to manage full and accurate Records over time. This includes the identification and protection of Records with longer-term value that may be required as prescribed by State Archives and Records Authority of NSW.
  10. Retention and Disposal Authority means the documents authorised by State Archives and Records Authority of NSW that set out appropriate retention periods for classes of Records.
  11. State Archive means a state record that falls under the control of Museums of History NSW. A record may be designated as a State Archive based on retention and disposal authorities issued under the State Records Act 1998.
  12. State Record means any Record made and kept, or received and kept, by any person in the course of the exercise of official functions in a public office, or for any purpose of a public office, or for the use of a public office. State Records Act 1998.
  13. State Archives and Records Authority of NSW (also known as ‘State Records NSW’) means the NSW State Government’s Archives and Records management authority. It manages the NSW State Archives collection and sets the rules and provides guidance on the management of official Records.
  14. University means Macquarie University and where the context permits includes any one or more of the following:
    1. its controlled entities;
    2. any institution affiliated with Macquarie University or any of its controlled entities;
    3. any college; and
    4. any educational institution located on the premises of the University.
  15. University Activities means the activities of the University and the University community including:
    1. teaching, study and research at the University;
    2. the conduct of any academic exercise;
    3. recreational, commercial, disciplinary or ceremonial activities of the University or the University community;
    4. any clinical, professional or practical work, research, workshops, camps or field or vocational placements and any other activities arranged, sponsored, controlled or supervised by the University whether or not it is part of a program or unit of study at the University;
    5. the provision by the University of services to the general community;
    6. the use or enjoyment of any University property or University premises by any person authorised by the University; and
    7. the management or administration of the University.
  16. University Record means any document or other source of information that is compiled, recorded or stored, in written form, on film, by electronic process, or in any other format or through any other means (as defined under the State Records Act 1998). This includes but is not limited to data (including corporate data) and information held in fields in an information system, documents, emails, folders, messages, chat and posts. See also State Record.
  17. Vital Record means a record that is essential for the ongoing business of the University, without which the University could not continue to function effectively or protect its interests. These include, but are not limited to, contracts and associated variations, deeds, memoranda of understanding, licences, evidence of ownership of physical and intellectual property, and other records documenting the legal authority or rights of the University.