TRANSLINK RECORDS MANAGEMENT POLICY

Similar documents
Records Management Policy

NHS SOUTH DEVON AND TORBAY CLINICAL COMMISSIONING GROUP INFORMATION LIFECYCLE MANAGEMENT POLICY

Date: INFORMATION GOVERNANCE POLICY

Information Governance and Records Management Policy March 2014

INFORMATION AND RECORDS MANAGEMENT POLICY

In addition DHSSPS has recently issued guidance in respect of the legal admissibility and retention of records electronically

Records Management Plan

Stellenbosch University Records Management Policy

Records Disposal Schedule Charles Darwin University Procurement Services Charles Darwin University

Humber Information Sharing Charter

Derbyshire Constabulary INFORMATION SHARING POLICY POLICY REFERENCE 06/101. This policy is suitable for Public Disclosure

Freedom of Information (FOI) Policy

Marketing Best Practice Records Management. Kemal Hasandedic MBII GDDM MRMA National President RMAA

DePaul University Records Management Manual October 1, 2016

INFORMATION GOVERNANCE POLICY

Freedom of Information: Guide to information available from Brentford School for Girls under the Model Publication Scheme

Information Governance Management Framework

Thomson House School Freedom of Information Policy

Government of Rwanda records and archives management policy

Data protection (GDPR) policy

INFORMATION GOVERNANCE STRATEGY. Documentation control

Aligning Records Management with ICT/ e-government and Freedom of Information in East Africa

Freedom of Information Act Publication Scheme for Academies

Information Governance Policy

Data Quality Policy

Records management policy. Document author Assured by Review cycle. Audit and Risk Committee. 1. Introduction Purpose or aim Scope...

Bank of Botswana Internal Audit Charter March 18, 2013 INTERNAL AUDIT CHARTER BANK OF BOTSWANA

INFORMATION GOVERNANCE STRATEGY IMPLEMENTATION PLAN

ARCHIVES AND RECORDS MANAGEMENT SERVICES (ARMS) Quality Improvement Framework for Archives and Records Management Services in Scotland

Information Governance Policy and Management Framework

1. Each employee is responsible for managing college records in a responsible and professional manner.

Standards for Establishing

Data Protection Policy

Derbyshire Constabulary. Information Management Strategy, Standards and Working Practices

Data Protection Policy

Commissioning Services from Community and Voluntary Sector

Doncaster Council Data Quality Strategy

STANDARD DEVELOPING RECORDS RETENTION AND DISPOSAL SCHEDULES FOR OPERATIONAL RECORDS

Park Hall Academy FOI Policy & Publication Scheme

OFFICER USE ONLY. 2. Position No: Title of Immediate Supervisor: University Secretary 3. Level: 10

DATA QUALITY POLICY. Version: 1.2. Management and Caldicott Committee. Date approved: 02 February Governance Lead

IT Enterprise Services. SharePoint. for records management

BOARD CHARTER JUNE Energy Action Limited ABN

Security Operations. BS EN ISO 9001: 2008 Issue 1.2: 21/10/2016. Quality Manual. Managing Director. Controlled / Uncontrolled when printed

Job Description - Director of Human Resources

Director of Partnership Commissioning. Vulnerable Adults and Children s Commissioning Unit

Records have a Life-cycle.

The Committee of Ministers, under the terms of Article 15.b of the Statute of the Council of Europe,

Harbinger Escrow Services Backup and Archiving Policy. Document version: 2.8. Harbinger Group Pty Limited Delivered on: 18 March 2015

INFORMATION GOVERNANCE POLICY

Introduction GUIDELINES FOR THE SELECTION OF AN ELECTRONIC DOCUMENTS AND RECORDS MANAGEMENT SYSTEM

DPKO and DFS Policy Directive. Records Management

General Optical Council. Data Protection Policy

Burton Hospitals NHS Foundation Trust. On: 22 January Review Date: December Corporate / Directorate. Department Responsible for Review:

Quality Management System. Manual MASTER COPY

Humantech Environmental Management System Manual

DATA PROTECTION POLICY

Information Lifecycle Policy (Records Management)

Grievance and Disputes Policy. Target Audience. Who Should Read This Policy. All Trust Staff

INFORMATION GOVERNANCE MANAGEMENT FRAMEWORK POLICY

Defence Health Governance Structure

Electronic invoicing (e-invoicing)

Internal Control and the Computerised Information System (CIS) Environment. CA A. Rafeq, FCA

WHAT PAYROLL PROFESSIONALS NEED TO KNOW ABOUT THE GENERAL DATA PROTECTION

Code of Corporate Governance

INFORMATION GOVERNANCE MANAGEMENT FRAMEWORK

RECRUITMENT CODE. Ensuring appointment on merit & safeguarding ethics. (Revised January 2017) StaVersion: One July 2009

Internal Audit Annual Assertion on Internal Auditing. for Financial Year

INTERNAL AUDIT DIVISION REPORT 2017/022. Audit of knowledge and records management at the United Nations Framework Convention on Climate Change

Guideline GNWT INFORMATION TECHNOLOGY ORCS Development. 1. Statement

IoD Code of Practice for Directors

RISK MANAGEMENT POLICY

Quality Manual. Print Name Title Date Prepared by L Naughton QA Consultant 9 th April 09. Reviewed by Bernard Lennon Fire and Safety Officer

Scanning Documents Policy

SAFEGUARDING GOOD SCIENTIFIC PRACTICE

LABOUR RELATIONS AGENCY JOB DESCRIPTION. Job Reference (if applicable): DCS/06/16 Date: OCTOBER SALARY: NICS Grade 7, currently 46,141-51,816

Data Protection. Policy

WILTSHIRE POLICE FORCE POLICY

3410N Assurance engagements relating to sustainability reports

06.0 Data and Access Classification

Human Samples in Research

Ewyas Harold Group Parish Council. Freedom of Information Policy

Director of Patient Experience and Stakeholder Management

Achieve. Performance objectives

Loch Lomond & The Trossachs National Park Authority. Annual internal audit report Year ended 31 March 2015

Records Management Policy. EPA Classification No.: CIO CIO Approval Date: 02/10/2015. CIO Transmittal No.: Review Date: 02/10/2018

Computerised Systems. Alfred Hunt Inspector. Wholesale Distribution Information Day, 28 th September Date Insert on Master Slide.

NHSLA Risk Management Standards for NHS Trusts Providing Community Services 2011/12

STATE OWNED ENTERPRISES REMUNERATION GUIDELINES

Information Asset Management Procedure

Protocol for Developing Multi-Stakeholder Group Terms of Reference and Internal Governance Rules and Procedures

TRANSFERRING THE PAPERS OF MINISTERS AND MEMBERS OF PARLIAMENT

ABBEY THEATRE Amharclann na Mainistreach Job Description

MANAGING MINISTER S OFFICE RECORDS

Code of Governance. February 2015

CHURCH LAWTON PARISH COUNCIL FREEDOM OF INFORMATION PUBLICATION SCHEME

POLICY ON MANAGING POLICIES, PROCEDURES AND GUIDANCE DOCUMENTS

RISK AND AUDIT COMMITTEE TERMS OF REFERENCE

JOB DESCRIPTION. Head of Quality and Compliance. Director of Quality and Safety ORGANISATIONAL CONTEXT

GUIDELINES FOR IMPLEMENTING A PRIVACY MANAGEMENT PROGRAM For Privacy Accountability in Manitoba s Public Sector

Transcription:

TRANSLINK RECORDS MANAGEMENT POLICY Version Status Revision date Document History Number 0.1 Draft February 2007 Document Created 0.2 Draft 20 th April 2007 External quality assured by consultants (C9074) 0.3 Draft 24 th April 2007 Approved by Executive Group 1.0 Final 9 th May 2007 Approved and Endorsed by NITHCo Board Version Drafts 0.1 0.3 Final 1.0 Authors David Laird Executive - Projects & IT Seamus Kane Head of IT And by NITHCO Board on 9 th May 2007 Page 1 of 12

TRANSLINK RECORDS MANAGEMENT POLICY 1. Translink is dependent on its records in order to operate efficiently and account for its actions. This policy defines a structure for Translink to ensure adequate records are maintained, managed and controlled effectively and at best value, commensurate with legal, operational and information needs. Background 2. Our organisation's records are our corporate memory, providing evidence of actions and decisions and representing a vital asset to support our daily functions and operations. They support policy formation and managerial decision-making, protect the interests of Translink and the rights of staff and members of the public who have dealings with Translink. They support consistency, continuity and efficiency and productivity and help us deliver our services in consistent and equitable ways. 3. Records management, through the proper control of the content, storage and volume of records, reduces vulnerability to legal challenge or financial loss and promotes best value in terms of human and space resources through greater coordination of information and storage systems. 4. All Translink records are Public Records under the Public Records Acts and must be kept in accordance with following statutory and Translink guidelines ( also see appendix A) And by NITHCO Board on 9 th May 2007 Page 2 of 12

The Data Protection Act 1998 Freedom of Information Act 2000 & Environmental Information Reg. 2005 Human Rights Act 1998 Controls Assurance framework - See Appendix B Guidance issued by PRONI, including the Northern Ireland Records Management Standard (NIRMS) http://proni.nics.gov.uk/nirms/edrm.htm The Lord Chancellor s Code of Practice on the Management of Records by Public Authorities and the transfer and review of public records under the Freedom of Information Act 2000, issues under Section 46 of Freedom of Information Act 2000 www.dca.gov.uk/foi/codemanrec.htm Scope 5. This policy relates to all operational records. Operational records are defined as information, created or received in the course of business, and captured in a readable form in any medium, providing evidence of the functions, activities and transactions. They include: Administrative records (including personnel, accounting records, contract records, litigation and records associated with complaint-handling) Photographs, slides, and other images Audio and video tapes, cassettes Records in all electronic formats And by NITHCO Board on 9 th May 2007 Page 3 of 12

They do not include copies of documents created by other organisations such as the Department of Regional Development, which are kept for reference and information only. 6. All records created in the course of the business of Translink are corporate records and are public records under the terms of the Public Records Acts 1958 and 1967. This includes email messages and other electronic records. Objectives 7. The seven main objectives of this policy are: - Accountability that adequate records are maintained to account fully and transparently for all actions and decisions in particular; To protect legal and other rights of staff or those affected by those actions To facilitate audit or examination To provide credible and authoritative evidence - Quality that records are complete and accurate and the information they contain is reliable and its authenticity can be guaranteed; - Accessibility that records and the information within them can be efficiently retrieved by those with a legitimate right of access, for as long as the records are held by the organisation; - Security that records will be secure from unauthorised or inadvertent alteration or erasure, that access and disclosure will be properly controlled and audit trails will track all use And by NITHCO Board on 9 th May 2007 Page 4 of 12

and changes. Records will be held in a robust format which remains readable for as long as records are required; - Retention and disposal that there are consistent and documented retention and disposal procedures to include provision for permanent reservation of archival records; - Training that all staff are made aware of their recordkeeping responsibilities through generic and specific training programmes and guidance; - Performance measurement that the application of records management procedures are regularly monitored against agreed indicators and action taken to improve standards as necessary: And by NITHCO Board on 9 th May 2007 Page 5 of 12

Implementation 8. This policy will be implemented by a series of programmes to include: Records creation - Creation of adequate records to document essential activities; - Structured information (content management, version control) to facilitate shared systems based on functional requirements; - Referencing and classification for effective retrieval of accurate information; - Documented guidelines on creation and use of record systems Records maintenance - Assignment of responsibilities to protect records from loss or damage over time; - Access controls to prevent unauthorised access or alteration of records; - Defined security levels for access to electronic records and procedures to amend access authorisations as appropriate when staff move - Tracking systems to control movement/audit use of records; - Identification and safeguarding key or vital records; - Arrangements for business continuity; - Training and guidance Records disposal - Systematic retention schedules and procedures for consistent and timely disposal; - Central storage systems for records requiring long-term retention to include electronic archiving systems; - Mechanisms for regular transfer of records designated for permanent preservation to appropriate archives And by NITHCO Board on 9 th May 2007 Page 6 of 12

Training and guidance - Inclusion of records management functions in job processes where appropriate; - Generic and specific guidance on record-keeping standards and procedures; - Training programmes Performance measurement - Development of effective indicators and review systems to improve records management standards - Annual audit of record management implementation to - ensure policy is being implemented - ensure retention and disposal guidelines are being adhered to. Responsibilities 9. The Chief Executive has overall responsibility for ensuring that records are managed responsibly within Translink. 10. The Head of Projects is responsible for co-ordinating records management in the organisation and identifying key corporate records and providing guidance and advice on their management and retention. 11. Divisional Executives are responsible for ensuring that the policy is implemented in their individual departments. They will nominate departmental representatives, who will liaise with the Head of Projects on the management of records in that directorate. 12. Records management responsibilities will be written into all accountable individuals job descriptions and clear procedures for retention of key records issued. It is the responsibility of all staff to ensure that they keep appropriate records of their work in Translink and manage those records in And by NITHCO Board on 9 th May 2007 Page 7 of 12

keeping with this policy and with any guidance subsequently produced by the Head of Projects. And by NITHCO Board on 9 th May 2007 Page 8 of 12

Appendix A Legislation and National Guidelines Controls Assurance Records Management is one of the Controls Assurance Standards developed by the DHSS. The standard requires a systematic and planned approach to the management of records to be in place so that Translink can ensure, from the moment a record is created until its ultimate disposal, it can control both the quality and quantity of information it generates; maintain that information in a manner that effectively services its needs and those of its stakeholders; dispose of the information appropriately when it is no longer required. (A list of the criteria set up to endorse that the standard is in place is attached in Appendix B and is based upon control assurance standards developed by DHSS ref. http://www.dhsspsni.gov.uk/records_05.pdf). The Data Protection Act 1998 The 1998 Data Protection Act places a statutory responsibility on all organisations to protect the personal data, which they hold. In relation to records management this means that organisations must implement measures to: - Maintain the accuracy of data held Protect the security of personal data Control access to personal data Make arrangements for secure disposal once the record is no longer required The Freedom of Information Act 2000 gives the public the right to access to information held by public bodies. The Act recognises that members of the public have the right to know how public services such as Translink are organised and run, i.e. How much they cost? And by NITHCO Board on 9 th May 2007 Page 9 of 12

What services are being provided? How to make a complaint? The targets that are being set. The standards that are expected and the results achieved. Section 19 of the Freedom of Information Act 2000 requires that some documents be released for public scrutiny pro-actively. This has been implemented by Translink by the posting of a Publication Scheme, which has been approved by the Information Commissioner, on the Internet. Members of the public can access this information on Translink s website (paper copies will also be available if required). Any person who makes a request to Translink for information, must be informed within 20 days whether Translink holds that information and if so, it must be supplied. A public interest test may be carried out to determine if the benefit in disclosure outweighs the public interest in non-disclosure. Freedom of Information relies on good record keeping including the creation of reliable records, which can be located when requested, and which are correctly disposed of, or selected for permanent preservation, at the appropriate time. Freedom of Information requires that there should be an audit trail to track the legal disposal of documents that are no longer required. Human Rights Act 1998 Translink must observe the right of individuals to respect for their private lives. Information should only be disclosed when the disclosure is authorised by law. In selecting information for disclosure Translink should make the least intrusion possible into an individual s private life. Other relevant standards British Standards Institution BSi DISC PD0008: 1999 Code of Practice for Legal Admissibility and Evidential Weight of Information Stored Electronically British Standards Institution BSi DISC PD0018: 2001 Code of Practice: Information Management Systems: Building Systems fit for Audit International Standards Organisation ISO 15489 Information and Documentation : Records Management, 2 vols. 2001 And by NITHCO Board on 9 th May 2007 Page 10 of 12

International Standards Organisation ISO 9001 : 2000 Quality management systems : Requirements MoREQ: Model requirements for Recordkeeping Public Record Office Publications (http://pro.gov.uk/recordsmanagement) including: Requirements for Electronic Records Management Systems. Volume1: Functional Requirements, Volume 2: Metadata Standards & Volume 3 Reference Document. Kew. Public Record Office. Data Protection Act 1998: A guide for record managers and archivists, PRO 2000. Management, appraisal and preservation of electronic records 2 vols., PRO, 1999. Manual of guidance on access to public records, PRO 2001. The Northern Ireland Records Management standard (as published by the Public Records Office for Northern Ireland, PRONI) Office of the e-envoy publications (http://e-envoy.gov.uk). e-government data standards catalogue, version 1, UK Office of the e-envoy, 2002 e-government interoperability framework [e-gif] version 4.0, UK Office of the e-envoy, April 2002. e-government metadata framework [e-gmf], UK Office of the e-envoy, 2001. e-government metadata standard [e-gms] version 1.0, UK Office of the e- Envoy, April 2002. e-government category lists [GCL], version 1.1, UK Office of the e-envoy, May 2002. e-government: a Strategic Framework for public services in the information age: Guidelines: Security, UK Office of the e-envoy, 2001. ISO 17799-2005: Information technology - Security techniques - Code of practice for information security management And by NITHCO Board on 9 th May 2007 Page 11 of 12

Appendix B Controls Assurance Standard RECORDS MANAGEMENT CRITERION 1 Executive responsibility for records management is clearly defined and there are clear lines of accountability for records management throughout the organisation, leading to the Board. CRITERION 2 There is an organisation-wide records management strategy, which is endorsed by the Board. CRITERION 3 A senior Executive is responsible for co-ordinating, publicising, implementing and monitoring the records management strategy and reporting on a regular basis to the Board. CRITERION 4 The organisation has a comprehensive records management programme which includes the cost-effective management of non-current as well as active records, the storage, tracking, retrieval, environmental control and destruction of records when no longer required, and which also takes account of the organisation s risk management policy and strategy. CRITERION 5 All managers ensure that staff are aware of their personal responsibilities for record keeping. This includes the creation, use, storage, security and confidentiality of records. CRITERION 6 Records management services and controls are included in the organisation s plans and strategies. CRITERION 7 Employees, including managers are provided with appropriate information, instruction and training on records management matters. CRITERION 8 Key indicators capable of showing improvements in records management and/or providing early warning of risk are used at all levels of the organisation, including the Board, and the efficacy and usefulness of the indicators is reviewed regularly. CRITERION 9 The systems in place for records management are monitored, audited and reviewed by management and the Board at least annually in order to make improvements to the systems. CRITERION 10 The Board seeks independent assurances that an appropriate and effective system of managing records is in place and that the necessary level of controls and monitoring are being implemented. And by NITHCO Board on 9 th May 2007 Page 12 of 12

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback