(1) The Purpose of this Procedure is to support effective management of records at The University of Queensland (UQ) by enabling the destruction of University records that satisfy certain conditions. (2) A University record can be an object in any format that displays recorded information showing evidence of the University’s decisions and actions whilst performing its various operations. Records can be “born digital” e.g. email, electronic document, image, video, audio recording. They can also be “physical source records” which means that they have a physical presence such as paper, folder, photograph, microform, USB drive, Compact Disc, etc. A digital copy of physical source records can, in some cases be transitioned to becoming a Digitised Electronic Record (electronic format through scanning or other technologies). (3) This Procedure covers all records of the University of Queensland and describes the appropriate destruction criteria and procedures for their destruction including the approved process for transitioning physical source records to a Digitised Electronic Record. (4) This Procedure applies to consumers of UQ Information Technology Services (ITS) resources and anyone creating or accessing UQ’s information assets. (5) Consumers that are connected to UQ networks, systems or services must comply with this Procedure, irrespective of location or device ownership e.g. consumers with personally-owned computers. (6) Exceptions to this Procedure must be approved by the Chief Information Officer. (7) The processes and key controls for determining the eligibility of records for destruction apply to both physical and digital records. (8) The University is subject to the Queensland Government’s: (9) Other key controls include the retention and disposal schedules authorised by Queensland State Archives: (10) The key points of action from these controls are illustrated in the below workflow, and correspond with provisions under section 4. (11) All records regardless of format must be managed in accordance with the minimum legal retention requirements stated in the authorised retention and disposal schedules listed in section 2. (12) Only records that are classified as “temporary” and “expired” (past their legal minimum retention expiry date) will be eligible for destruction. (13) It is important to recognise that certain types of records are not eligible for consideration for destruction. (14) The following summarises these types of records that cannot be destroyed under any circumstances: (15) Physical source records that have been digitised only qualify for early destruction if the original is classified as temporary value, and if the digitised version is held for the required retention period for that class of records. (16) Digitisation must follow a documented and auditable process that includes quality assurance measures. These include: (17) Organisational units need to determine and document records that are eligible for destruction. (18) To assist with determining the eligibility of University records for destruction a ‘Criteria Matrix’ resource is appended (see ‘Criteria Matrix’ in section 7). (19) The ‘Criteria Matrix’ summarises the conditions referenced in the approved retention and disposal schedules to: (20) Data Strategy and Governance provides advice and support to organisational units to assist with the correct translation of the requirements stated in the approved retention and disposal schedules. (21) Regardless of the format the time expired records are in, under legislation it is mandatory to keep a record (log) of destruction activities. (22) The destruction of physical source records must be carried out using a secure process unless the record had a security classification approved as ‘public’. (23) The Data Strategy and Governance team provide advice to organisational units on preferred confidential destruction services. These include: (24) As is the case for physical source records (refer to relevant provisions above), the destruction of digital records must also be carried out using a documented, authorised and secure process. Organisational units can contact Data Strategy and Governance if they require assistance. (25) The University’s enterprise document and records management system (Micro Focus Content Manager, also known as TRIM) is designed with functionality that supports compliant destruction practices. It caters for the capture of electronic records, it facilitates the registration of the existence of physical records, and captures audit trails associated with records. The features include: (26) The University has many other systems of records. However, the destruction of records captured within these systems is not straight-forward. (27) Prior to destroying digital records that are not within Micro Focus Content Manager, UQ consumers are required to consult with the Data Strategy and Governance team for advice. (28) The roles and responsibilities outlined below are in addition to those defined in the Information Management Policy. (29) The Vice-Chancellor and President is responsible for ensuring that UQ complies with the Public Records Act 2002, including the principles and standards established by the Queensland State Archives. (30) Responsibilities within this Act may be delegated, and authority is given to the Senior Manager, Data Strategy and Management for endorsement and approval of the final destruction activities of University records. (31) The Chief Information Officer is responsible for: (32) Information Domain Custodians (Information Custodian) are responsible for ensuring that records under their domain are destroyed in accordance with this Procedure. (33) This includes: (34) Information Stewards are responsible for: (35) The Senior Manager, Data Strategy and Management is responsible for authorising the destruction of UQ records as the delegate of the Vice-Chancellor and President. (36) Data Strategy and Governance staff are responsible for: (37) UQ Managers and Supervisors are responsible for ensuring their staff are disposing of records in accordance with this Procedure. (38) All UQ Consumers are responsible for complying with this Procedure, ensuring records are kept for as long as they are legally required. (39) The Chief Information Officer (CIO) will ensure this Procedure is reviewed every three years. (40) Information Stewards will ensure documented quality assurance processes to satisfy legibility, audibility, readability and completeness prior to the destruction of physical records or digital records. (41) Areas under the responsibility of the Information Stewards will be subject to quality assurance checks and record keeping compliance audits. These checks and audits will be carried out in partnership with the authorised officer delegated by the Information Steward and the authorised Data Strategy and Governance delegate. (42) An annual status report summarising records destruction activities, will be provided to the Information Technology Governance Committee (ITGC) by the Senior Manager, Data Strategy and Management. (43) The linked criteria matrix can be used for assessing the eligibility of records for destruction. (44) Relevant resources include: (45) Related policies include: (46) Related legislation includes:Destruction of Records Procedure
Section 1 - Purpose and Scope
Section 2 - Processes and Key Controls
Top of Page
Testing eligibility
→
Records are classed as Temporary
→
Expiry confirmed
→
Documented in an auditable log
→
Evidence of approval and destruction
Section 3 - Key Requirements
Testing Eligibility
Exceptions
Records described as permanent retention value under a current retention and disposal schedule cannot be destroyed, even after digitisation.
Are significant physical source records where any or all of the following qualities or characteristics apply:
Records that are and/or have been requested as part of an application under Right to Information or Information Privacy legislation are not to be destroyed. Consultation with the UQ Right to Information team and/or the Data Strategy and Governance team is required. Further information can be found within the Queensland State Archives - General Retention and Disposal Schedule (GRDS).
It is a breach of the Criminal Code Act 1899 to destroy records that are or could be reasonably expected to be required for a legal matter whether current or anticipated at time of destruction.
The lead agency for Government recordkeeping, Queensland State Archives, can impose a records disposal freeze. Under a disposal freeze, it is unlawful to destroy physical or electronic records outlined in the freeze directive.Physical Source Records after Digitisation
Assessing Records
Create Evidence of Destruction Process
Destruction of Records
Carrying out the Destruction of Physical Source Records
Destruction of Digital Records
Documenting the Destruction of Records
University's Enterprise Document and Records Management System
Other Electronic Systems of Records
Section 4 - Roles, Responsibilities and Accountabilities
Vice-Chancellor and President
Chief Information Officer
Information Domain Custodian
Information Stewards
Senior Manager, Data Strategy and Management
Data Strategy and Governance (DS&G)
Managers and Supervisors
UQ Consumers
Section 5 - Monitoring, Review and Assurance
Section 6 - Recording and Reporting
Section 7 - Appendix
Criteria Matrix
Resources
Source latest version from: Search for a Retention and Disposal ScheduleRelated Policies
Related Legislation
Definitions
Term
Definition
Born Digital Records
Original records that have been initiated, created, transmitted/received within a digital environment. (e.g. email; email attachment)
Information Asset
A body of information, defined and managed as a single unit so it can be understood, shared, protected and exploited effectively. Information assets have recognisable and manageable value, risk, content and lifecycles.
Information Domain
A broad category or theme under which University information can be identified and managed. UQ uses the topics and entities outlined in the CAUDIT Higher Education Data Reference Model, in the context of business capabilities and organisation structures, as a guide to determine appropriate information domains.
Information Stewards
are responsible for the quality, integrity and use of an information asset on a day-to-day basis. An Information Steward may manage multiple information assets. The stewards are responsible for applying relevant policies, procedures and rules, including safeguarding the information from unauthorised access and abuse.
Information Domain Custodian (Information Custodian)
is responsible for defining and implementing safeguards to ensure the protection of information. This must be done in accordance with the relevant policies and procedures.
Physical Source Records
A physical source record has a material presence and consumes workplace space (e.g. paper, microfilm, compact disk, VHS tapes, etc).
Source Records
Documents, records or files (either paper or electronic) that remain after they have been copied, converted or migrated from one format or system to another.
Digitisation
In the context of this Procedure, digitisation refers to the process undertaken to scan paper source records to produce an accurate digital representation of the document in a pdf format.
Retention and Disposal Schedules
Legally binding documents that govern decisions about retention and disposal of records. These official documents, all to be read in-conjunction with each other, have been authorised by Queensland State Archives, the authority on record keeping governance for public entities such as UQ. The schedules provide descriptions and other contextual information around specific classes of records and state the legal minimum retention obligations based on the status of the class of record e.g. Temporary – dispose after 7 years from last action; Permanent – Retain permanently by the University.
Disposal vs Destruction
In this document disposal and destruction are used interchangeably. However, destruction is the more correct term when we refer to undertaking the irreversible action of destroying the records to make them irretrievable. Disposal can refer to actions where the records change ownership, such as the transfer of records to another entity outside of UQ e.g. Queensland State Archives, and the records remain intact and retrievable at their new location.
Metadata
Metadata is descriptive information about a record that typically includes the author, title of the record, creation date and changes along with disposal information. Record metadata enables disposal authentication.
DS&G
Data Strategy and Governance is located within Information Technology Services (ITS) and is responsible for the strategic management of The University's recordkeeping systems, records of enduring value, developing policies and providing advice.
View current
This is the current version of the approved document. You can provide feedback on this document to the Enquiries Contact - refer to the Status and Details tab from the menu bar above.