(1) To outline the responsibilities and actions associated with access and security of records and information at Macquarie University. (2) This Procedure applies to all Macquarie University staff and all University Records. (3) Refer to the Records and Information Management Policy. (4) Executive Deans / Heads of Offices / business system owners must ensure that enterprise business information systems and local recordkeeping systems for which they are responsible have access-control protocols and procedures that ensure: (5) This section applies to access to University records and information by external parties, and by University staff for research purposes not directly related to their work. (6) A person wishing to access University records and information for research purposes must submit an access request to ask.memory@mq.edu.au. Access to records and information held in enterprise business systems will be redirected to the Director, Strategic Planning and Information. (7) Requests for records and information held by a budget division must be made in writing to the relevant Executive Dean / Dean / Head of Office and must detail the specific records being requested. (8) Before approval of access, the relevant Executive Dean / Dean / Head of Office / business system owner holding the records and information must ensure that advice is sought from: (9) Before approval of access to records and information held by Archives and Records, staff of that area must consult with the area from which the records and information originated if there is any doubt about releasing the records and information. (10) Where permission is given to access records for research purposes, the area controlling the records and information will provide access to them with appropriate security and protection of archival integrity. (11) An individual who wishes to view or amend their own personal information held in University business systems must submit a written request to the relevant Executive Dean / Dean / Head of Office holding the record or information (e.g. relevant Faculty for student files, Human Resources for employee files). (12) The head of the area holding the record or information, or their nominee, must contact the Privacy Officer for advice about the appropriate procedure. (13) Individuals may apply for access to University records and information under the provisions of the Government Information (Public Access) Act 2009. (14) All formal requests for access to University records and information under the provisions of the Government Information (Public Access) Act 2009 must be made in writing to the University’s Right to Information Officer (see Right to Information (GIPA)). (15) The Director, Strategic Planning and Information is responsible for managing responses to Right to Information requests. (16) If a staff member receives a request to access records and information under the provisions of the Government Information (Public Access) Act 2009, they must immediately forward the request to the Director, Strategic Planning and Information. (17) Nil. (18) Commonly defined terms are located in the University Glossary. Definitions specific to this Procedure are contained in the Records and Information Management Policy.Access and Security Procedure
Section 1 - Purpose
Scope
Section 2 - Policy
Section 3 - Procedures
Responsibilities and Required Actions
Records and Information Access and Security Control
Records and Information Access for Research Purposes
Individuals’ Access to Their Personal Information
Freedom of Information Requests
Section 4 - Guidelines
Section 5 - Definitions
View Document
This is not a current document. To view the current version, click the link in the document's navigation bar.