Records Management Policy
This policy was posted for public comment from September 12 - September 27, 2023.
Comments
Definitions: A- I read the definition of classification but didn’t see “classification” appear anywhere outside the definitions. Is it only supposed to be listed in the role of the records officer (M)? L – Records Custodian – does this position need to be specifically designated by a VP, or can it be the Records Officer (M) M- Records Officer – should this title be Records Steward to mimic the data governance framework that has been written? b- Can we add a definition or titles of who is an Executive Officer?
|
Responses
Section 4.K, Records Management Guidance Document, has been added to the policy procedures. It will hyperlink to the Records Management Guidance Document, which addresses many concerns raised in the 15-day comment period regarding email, records format conversion, and records destruction. The content of the guidance document will be reviewed more frequently than the policy. The section reads as follows:
“Maintained by the records officer, the Records Management Guidance Document provides additional support and guidance for records custodians."
Definitions (sections 3, 4.F.2.b, and 4.G.2.d)
The Executive Cabinet was consulted regarding concerns over the definition of "College Executive." In response to their conversations, F.2.b has been revised to reference "college administrators" instead of "executive officer," and definition 3.C now reads,
"College Administrator: the president, all vice presidents and everyone who reports directly to a vice president (excluding administrator assistants), associate and assistant vice presidents, the provost, associate and assistant provosts, deans and assistant deans. College Administrators’ correspondence is subject to the records retention schedule for state agency executive correspondence (GRS-1758)."
Information about metadata is available in the records management guidance document, which will be hyperlinked in the policy (4.K).
The term “classification” is implied in 4.F.1.c. However, that point has been rewritten for clarification. It now reads:
“Departments that store records classified as private, controlled, or protected on a portable or external storage device must store such records so only authorized persons can access them.”
No changes have been made to the policy in response to these comments.
Records Custodians (3.L) are the individuals within the division's departments responsible for implementing the records management program for their areas. The VP or their designee is best suited to determine this for their divisions and/or departments.
The title of Records Officer (3.M) is a specified role in the Utah Public Records Management Act (PRMA). PRMA is one of two laws that the policy is built from. The Records Officer and a Data Steward are not synonymous and have differing responsibilities. For example, a Data Steward may determine who can access data. However, if the Records Officer receives a GRAMA request for records containing data, a Data Steward cannot deny the request. The Records Officer (in collaboration with Legal) determines if a GRAMA request is fillable and the appropriate classification of the records.
Records Retention Schedules (section 4.F.2.a)
No changes have been made to the policy in response to this comment.
The State Archives set the records retention schedules per the Public Records Management Act (PRMA). The records management guidance document has more information about how to classify and retain emails.
Records Management Activities Regarding Records Format Conversion and Proper Disposal of Paper Records (sections 4.G and 4.I.2.c.(1))
No changes have been made to the policy in response to these comments.
“Maintain the integrity of the original records” in the context of converting records means that the electronic record must be the same or a higher quality copy of the original record (legible text, formatting retained, no redactions, color scan if needed, etc.). This is also explained in the “changing formats” section of the records management guidance document that will be hyperlinked in the policy (4.K).
How physical records are destroyed is left to the discretion of the records custodian. Physical records need to be destroyed in a way that the information in them is unrecoverable. The records custodian may do this themselves, use the contracted service, or have someone else in their area do it. They just need to ensure that the destruction gets done appropriately and maintain a destruction log.