A Good Practice Guide To Records Management
Having a good records management procedure in place ensures that your organisation or business can operate in a more effective manner, with staff being easily able to create, locate and retrieve information as and when necessary.
Effective records management involves having an organised approach, appropriately sharing information and adhering to legal guidelines, and being able to provide evidence of activities, decisions and actions for future reference. It also means being able to discard unnecessary information so that extra time and resources are not wasted on managing and storing obsolete data.
What is a record and who is responsible for them?
The term ‘record’ is applied to any document (paper or electronic) that; records a business transaction, provides evidence of an activity within the business, is required as evidence of compliance with legal or statutory guidelines, or is a historical record necessary to the understanding of a business and its activities.
All members of staff within an organisation who create, receive or utilise records are responsible for them, but a records management officer should also be appointed to ensure that they are being correctly managed.
Due to the increased use of digital programs and files, many records are automatically created and stored such as invoices and receipts. However, if not automatically created you should consider whether you need to create a record based on whether it supports business activities or shows evidence of activities, transactions or decisions taken. Some records will need to be created due to legal obligations and for compliance reasons.
When creating records there are a number of points that you should bear in mind;
- Although records can be created both digitally and using paper, the medium should be accessible and retain its integrity for as long as the record is needed. In some instances, if a record must be kept for a large amount of time, it may be better to create an electronic record as paper can become damaged over time.
- All records must be accurate and complete, the best way to achieve this is by creating the record as soon as possible after the transaction, and event or decision has been made / taken place.
- Keep duplicate copies of records to a minimum. If it is necessary to create a copy of a record this copy should be destroyed as soon as it is no longer needed.
- Records should be appropriately named using a format relevant to your organisation and the team who will be accessing the records. The records name should contain enough information so that the contents of the record can be easily identified without having to open it.
To ensure the safety and longevity of records they should be correctly stored and easily accessible. If named correctly it will mean that records can then be stored using a comprehensive system.
When storing records for your business or organisation there are some points you should be aware of.
- You should designate spaces for both digital and paper records to be stored, ensuring that all staff responsible for creating or handling records are aware of these locations.
- Where possible these locations should be shared, allowing access to all those that need them.
- However, where sensitive or protected data is being stored there should be appropriate safeguards in place so that only those cleared for access can obtain the record. This could include adding passwords to digital files or storing paper records in a locked container.
- For records that are being kept for historic reasons or records that are infrequently accessed you may consider offsite storage. This will free up space for your organisation and will also save time when looking through stored records as only those that are relevant are kept on site.
- If digital records are being kept on USB sticks or portable hard drives you should be aware that these devices are not intended for long term storage. Records being kept on portable devices should be transferred to a more secure storage system such as a server, in-house or cloud-based.
Email is a commonly used method of communication and emails can often contain important information or records that need to be retained. However, email is not a secure way of storing records and they should be transferred to the appropriate storage location.
When using emails to communicate you should consider;
- The recipient of the email – if it contains sensitive data is the recipient qualified to access this information?
- Emails can quickly pile up in your inbox; you should regularly delete ones that are no longer needed so that important emails can be found with ease.
- Regularly clearing emails from your sent and deleted folders is also helpful and can minimise the time needed to track down email chains and important information.
Managing the ‘lifecycle’ of records
There are four stages in the lifecycle of a record;
- Creation – when the record is first created.
- Active records – these are frequently accessed and should be stored on-site in a location that is easy to get to.
- Semi-active/ inactive records – These records are no longer needed for day-to-day business activities but still need to be retained for legal or financial reasons. As these documents are rarely accessed many organisations choose to store these in an off-site storage facility or away from their prime office space.
- Final disposition – this refers to the end of a records lifecycle and is the process of the record being securely destroyed once it is no longer of use to the business or organisation.
Effectively managing the lifecycle of your records will cut down on prime office space being taken up by trying to store records that are no longer relevant. It will also save the time and resources of members of staff who need to look through the records to locate specific files.
The lifecycle of your records can be managed through a retention schedule or tracking system which will alert you once a record has come to the end of each phase. You can then review the record and see if it is still needed or if it can be moved onto the next stage of its lifecycle.
How do you manage the records of your business or organisation? Tweet us @BoxItCentral and tell us!