The paragraphs below outline the meaning of wording often used when referring to Records Management.
The right, opportunity and means of finding, using or retrieving records. In the case of electronic data, security measures such as pass words, locking down drives or sites, encryption etc. should be used to ensure that only colleagues that need to see those documents can access them. In the case of paper/hard copy files, they should be subjected to physical controls e.g. locked cabinets, drawers or rooms.
The principle that individuals, organisations and the community are responsible for their actions and may be required to explain them to others (see also pages on "Freedom of Information" and "Information Governance").
How the value of the record is measured in order to determine at what stage it could be destroyed or kept during its life cycle (see also retention schedules). Criteria for appraisal are based on the primary (administrative, fiscal and legal) and secondary (evidential and informational records).
Records which have been created or received by the University in the course of its activities and functions and selected for permanent preservation for their historical or evidential value by HIG in consultation with the record creators. See also our pages regarding the Heriot-Watt Archive.
An official examination and verification of accounts, records and systems.
This is often defined by the so-called 3 Vs: volume, variety and velocity. It uses massive datasets, brings together data from different sources and can be used to analyse data in real time. It is difficult to produce a watertight definition. Big data has been described by as a phenomenon rather than technology and that's a useful distinction (UK Information Commissioner's Office (ICO)).
Systematic identification and arrangement of business activities and/or records into categories according to logically structured conventions, methods or procedural rules.
Any personal information that would cause damage or distress to individuals if disclosed without their consent; any other information that would prejudice the University's or another party's interests if it were disclosed without authorisation.
Records regularly used for (and which contain immediate relevance to) the conduct of current business that are contained in their place of origin.
"A person (either alone or jointly in common with other persons) who determines the purposes for which and the manner in which any personal data are, or are to be, processed." (ICO). Heriot-Watt University is registered with the ICO as a Data Controller. University employees who are processing personal data on behalf of the University as an legitimate part of their employment do so under this registration notice.
The living individual to whom the data relates who is therefore the subject of personal data.
Recorded information or object which can be treated as a unit.
A unit or piece of recorded information that can be deciphered. A document may be any format - hard copy or electronic. A document may not necessarily be a "record", however records always originate from documents. A document is recorded information which is not, or not yet, a record of business activity e.g. a blank form is a "document" but once it has been completed, it is likely to become a "record" or part of a record". Some documents such as promotional material will be records to the business that produced them but not to those that received them.
Document management system
A propriety electronic system that scans, stored and retrieves documents received or created by an organisation. There is a distinction between this this and an Electronic Records Management System.
The destruction of records when they have ceased to have any operational or historical value to the organisation. There is a range of processes associated with implementing appraisal decision, for example: to retain, delete or destroy records - but these may also include the transmission or migration of records between systems and the transfer of custody/ownership of records.
The retention or disposal of records (see above).
Records held in digital form, for example: databases, e-mails, scanned images, MS Word/Excel etc., and web pages.
Electronic Records Management System
An electronic system for the control of document management systems. The latter may lack the features to provide essential information about records required for sound records management (for example, the ability to appraise records at file level , and to indicate when records have been assessed or altered and by whom; or the ability to support retention scheduling.
Records which are only of use in the short term and of value for contributing to the creation of more significant records which are subject to formal, longer-term retention periods. Ephemeral records are those records which will no longer be required once the record/ business to which they contributed is finalised - they are usually received or created in the course of normal/routine business. This term also applies to records which are insignificant for business purposes and those kept for personal reference. Examples include duplicates, calculations, reference materials, rough notes which have been used to contribute to the compilation of other records and in the case of minor records, the drafts and versions which have not been circulated/sent out (this no longer applies once they have been circulated) or used for business purposes. Examples also include informal e-mail and "thank you" messages, or those which do not evidence business activities and personal messages/documents
Please note: drafts and versions of important records such as policies, strategies, formal meetings and proceedings etc. are NOT ephemeral records. Those records which evidence important decisions document the development process to the final decision or record/s, show significant changes etc. should be kept as part of the final record.
Folder structure that classifies and groups documents and records with the same characteristics together (physical or electronic). Documents and records should be grouped together according to the functions, activities and tasks that they support.
Information includes, but is not confined to, paper and electronic documents and records; email; voicemail; still and moving images and sound recordings; the spoken word; data stored on computers or tapes; transmitted on networks; printed out or written on paper; carried on portable devices; sent by post, courier or fax; posted on our intranet, internet or sharepoint sites; or communicated/posted using social media.
The framework of accountability, processes and controls to support effective management of information throughout its lifecycle to meet the organisation's business needs and legal and stakeholder obligations. It incorporates the creation, management and destruction of information, security, privacy, access rights and legal discovery.
Information security management system
The part of the overall management system based on a business risk approach to establish, implement, operate, monitor, review, maintain and improve information security. The management include organisational structure, policies, planning activities, management responsibilities, practices, procedures, processes and resources.
The life of a record, consisting of 3 distinct phases:
- its creation, distribution and use of a current record;
- its maintenance as a semi-current record; and
- its disposal or archiving as a non-current record
A description or profile of a document i.e. data about the data. The description may contain data relating to the context, form or content of the document and its management through time. With electronic records metadata are attached to, or form part of, each record. Examples of metadata include: information about the author, title and subject of a document.
Non-current records (inactive records)
Records no longer needed for reference by their creators, which are seldom used but which need to be retained by the organisation for legal reasons, for example, financial statements; recruitment records or for potential archiving as historical records, for example Annual Accounts, Court and Senate Committee minutes.
Any information that relates to an identified or identifiable person (the Data Subject), or which in combination with other information in the possession of, or likely to come into the possession of, the Data Controller would permit their identification. This includes any expression of opinion about the individual and any indication of the intentions of the data controller or any other person in respect of the individual.
The process and operations involved in ensuring the technical and intellectual survival of authentic records over time.
A record is any piece of information created or received and maintained by an organisation or person in the course of their business or conduct of affairs and kept as evidence of such activity. Records can be held in the form of letters, memos, faxes, databases, e-mails, plans, videos, photographs, slides, audio recordings, CDs, CD-ROMs, microfilm and any other medium.
Records have three main purposes:
- evidence of a transaction and its terms in the event of a dispute
- as reference material for the organisation of facts, background, prior actions and ideas to be used in the decision-making process
- to comply with legislative or professional requirements for the retention of records
The discipline and professional function of managing records to meet the organisational needs, business efficiency and legal and financial accountability.
Specific time periods for which records are kept (see below).
A list of records series of an organisation with directions for how the records are to be disposed of after their creation and initial use. A schedule is a written statement of how long each series, or group of series, is to be kept (e.g. a period of years, until an action has been completed, or indefinitely) and may include instructions on when records are to be transferred to archives or destroyed.
Retention schedules are policy documents which ensure compliance with legislative and regulatory requirements.
Records not needed on a regular basis, but still required sometimes for consultation by their creating body. The lifecycle phase between current and non-current could be a previous year's record kept for reference while the current work is done.
A group of identical or related records that are normally used and filed as a unit, and which permit identification/evaluation as a unit. A series may consist of one or many records.
Those records which can be disposed of immediately or within a short period of time. These records may contribute to a certain record with a longer retention period eg hand written notes for the purpose of compiling meeting minutes can be destroyed once the minutes have been approved.
Records that are onlyuseful for a short period of time and will not be required again once they are superceded by the records to which they contribute.
Capturing and maintaining information about the movement of records.
Those records crucial to the conduct of an organisation’s business, without which an organisation could not continue to operate for example in the event that flood, fire, bombing or another disaster destroyed all other records.
Examples of Heriot-Watt University vital records include:
- Student records database
- Insurance documents and records
- Building plans
- Research records and data.