Records Management Policy
Contents
- 1. Introduction
- 2. Scope
- 3. Definition of Records
- 4. Records Management Good Practice
- 5. Roles and Responsibilities
- 6. Training and Awareness
- 7 Policy Compliance
- 8. Other Relevant Policies
- 9. Monitoring and Reviewing
- 10. Useful contacts
Corporate Records Management Policy
Department responsible: Corporate Information Governance – Records Management Officer
Document release: March 2023
1. Introduction
1.1 Bradford Council must ensure that it has an efficient and effective method of managing and identifying information and managing records held to successfully meet
the requirements and obligations of:
- The Lord Chancellors Code on Records Management issued under section 46 of the Freedom of Information Act 2000.
- Legal requirements of the Freedom of Information Act 2000, the Data Protection Act 2018 and the UK General Data Protection Regulation
- Statutory obligations under the Local Government Act 1972
1.2 Records management is vital to our being able to deliver efficient and effective value for money services. This policy therefore recognises the Council's obligations to put in place effective records management procedures to:
- Support the Council’s core business activities
- Comply with legal and regulatory obligations
- Provide a high quality service to our customers
- Ensure the right information is available at the right time
- Ensure openness and accountability
- Protecting vital records to enable the continuing function of Bradford Council in the event of a disaster
1.3 Bradford Council has an obligation to manage its records in a way that protects the right of the Council, its employees and citizens.
1.4 Records management is an essential part of enabling the Council to achieve priority outcomes that reflect what is most important to the people and communities of the Bradford District as set out in the Council’s Strategic Plan.
2. Scope
2.1 This policy applies to all records created, received and maintained by all officers, temporary staff, consultants, contractors, elected members and others in the course of their work for and on behalf of Bradford Council, whether working directly for the Council or in partnership with it.
2.2 The policy applies regardless of location of working environment, that is, council premises, at home or elsewhere.
3. Definition of Records
3.1 Records are defined as information that is created or received, captured, and maintained as evidence of the business of the council, due to its operational, legal, financial, or historical value to the organisation.
3.2 This policy covers records in all physical and electronic formats, including, but not restricted to:
- Paper
- Electronic documents
- Emails
- Voicemail
- Web records such as blogs, wikis and discussion threads
- Other records created in social media used for business purposes, such as Twitter
- Visual images such as photographs
- Scanned images
- Microform, including microfiches and microfilm
- Records stored on removable media, such as audio and video tapes, memory sticks,
- CDs, DVDs and cassettes
- Published web content (Intranet and Internet)
- Databases and spread sheets
- CCTV
3.3 This policy does not cover documents that are not council records, for example non-work related emails, stationery or reference material.
3.4 Records created by elected members in their capacity as representatives of the council are covered by this policy. If elected members create records when acting on behalf of their constituents or as a representative of a political party, it is not expected that they personally manage these records in accordance with this policy.
4. Records Management Good Practice
4.1 Good records management practice relies on the following:
- Determining which records should be created or received and retained
- Determining corporate record systems for the storage and management of records
- Creation or receipt of required records and their capture into corporate record systems together with related metadata
- Appropriate maintenance of records in safe secure environment(s)
- Determining why and how long records should be kept and how they should be disposed
- Retaining records only for as long as they are needed to satisfy legal, regulatory requirements and operational needs
- Routine, timely and secure disposal of records in line with Bradford Council’s retention and disposal policies
- Routine disposal of temporary documents and information (non-records)
- Ensuring data sharing agreements are in place where council records are shared (where there is a legal basis to share) with the public, partners, or contractors, and that this is done in a lawful and secure manner.
5. Roles and Responsibilities
5.1 Information Asset Owners (data controllers and processors)
Information Asset Owners are responsible for
- Ensuring that agreed Records Management Policies and Procedures are implemented and adhered to within their services
- Appropriate staff are designated to assist with the implementation and development of Records Management procedures within their services
- Maintain a record of processing activities under its responsibility. This is evidenced by having a clear Inventory of Asset Register, Data Protection Impact Assessments and Data Sharing Agreements (a central register of DPIAs and DSAs should also be recorded and held corporately).
5.2 Records Management Officer
The Records Management Officer is responsible for
- Developing an effective records management programme to enable Bradford Council to fulfil its records keeping obligations.
- Providing timely advice and guidance to employees with records management responsibilities across the organisation.
- Producing guidance and procedures in relation to records management.
- Providing an up to date and relevant Corporate Records Retention and Disposal Policy and retention schedule for all departments and services.
- Carrying out periodic compliance audits, advising on and agreeing to corrective action where required.
5.3 Information Governance Service Champion
The IG Service Champion is responsible for promoting the Policy within their Service.
5.4 Council Staff
It is the responsibility of all those working for the Council to adhere to the policy when creating, maintaining, using, transmitting or disposing of records.
Failure to do so could affect the ability of the Council to deliver services or demonstrate that it is open and accountable.
Failure to observe the standards set out in this policy may be regarded as serious and any breach may render an employee liable to disciplinary action.
6. Training and Awareness
6.1 Appropriate training is made available for existing staff that have responsibility for records management.
6.2 The Chief Executive, Strategic Directors, Assistant Directors and Heads of Service need to ensure that Members and Council staff are appropriately trained and that all Members and Council staff understand their responsibilities as set out in this Policy.
6.3 Each new member of Council staff will be made aware of their obligations for records management as part of an induction-training programme.
6.4 Training requirements will be reviewed on a regular basis to take account of the needs of the individual, and to ensure that staff are adequately trained.
7 Policy Compliance
7.1 Non-compliance with this policy will result in failure to meet our legal obligation. Breaches of this policy will be considered on a case by case basis and reported to the relevant Information Asset Owner and the Senior Information Risk Owner.
8. Other Relevant Policies
8.1 This Policy must be read in conjunction with the following supporting documentation as a minimum:
- Freedom of Information Policy
- Information Security Policy
- Data Protection Policy
- Retention and Disposal of Records Policy
- Data Sharing Guidance
- Clear Desk Policy
9. Monitoring and Reviewing
9.1 The Records Management Officer will undertake monitoring of compliance on an on-going basis.
9.2 The review of this policy will be undertaken by the Records Management Officer in consultation with the Information Assurance Group and relevant service
representatives.
9.3 This policy will be reviewed as it is deemed appropriate, but no less frequently than every 2 years or where there are changes to legislation.
9.4 Arrangement should be made within individual services for regular reviews of procedure and practice in relation to ensure records management compliance with this policy.
10. Useful contacts
10.1 Records Management Officer via RMO@bradford.gov.uk
10.2 Corporate Information Governance team via foi@bradford.gov.uk
10.3 Data Protection Officer via DPO@bradford.gov.uk
10.4 Information Commissioner’s Office via www.ico.org.uk