Office of Ethics, Compliance, and Risk site logo

Office of Ethics, Compliance,
and Risk

 

Records Management

Records management is the systematic control of records throughout their lifecycle - from their creation or receipt to their disposal or transfer to the University Archives.

The university requires that its records be managed in a systematic and logical manner according to plans developed by the schools and divisions that maintain university records.  The university is committed to effective records management that includes meeting operational needs and legal requirements for record retention and privacy protection, optimizing the use of space, minimizing the cost of record retention, and properly disposing of outdated records.

University Records are all official materials, regardless of their format (paper or electronic, images, or video), that are created in the course of the university’s operations.

Note: Records that are created, received or recorded outside the scope of employment with the University, are not considered University Records.

Every record has a lifecycle, which outlines the phases (creation or receipt, classification, maintenance and disposition) that each record must go through, and the actions that should be taken during its lifespan.

Illustrated records lifecyle: Creation -> Maintenance and Use -> Disposition -> Permanent (archive or long-term storage) or Destruction

A records inventory is a descriptive list of the records created, received and maintained by a School or Division, along with with their date range, format, volume, classification, storage location, and applicable records retention requirements. The records inventory is not intended to outline each individual document maintained by your Office, but rather identify groups of similar or related records, with similar requirements for retention.

Having a records inventory will allow Schools and Departments to manage records systematically, and in compliance with the university’s Records Management Policy and the Records Management Procedures. The records inventory will be the foundation of the School or Department's Records Management Plan.

Your School or Division’s Records Manager should coordinate the records inventory process and document the records inventory for your office.

You may use this records inventory template to create your department's records inventory.

A records management plan is a document that outlines how records will be managed, stored, and disposed of. The records management plan is used to help Schools and Divisions (Records Custodians) successfully implement records management requirements outlined in the university's Records Management Policy.

You may use this records management plan template to create your department's Records Management Plan.

Roles and Responsibility for Records Management include:

  • Records Custodians: GW Schools and divisions that maintain University Records and are accountable for compliance with the Records Management Policy, Procedures and the Records Retention Schedule.
  • Records Managers: Staff members designated by the Records Custodians to ensure the School/Division/Department's compliance with the Records Management Policy, conduct periodic records inventories, to create and implement a Records Management Plan for their School/Division and to serve as records management SME in their department.
  • GW employees creating and maintaining university records, who are required to understand and apply university records and data management requirements in their daily activities at the university.
  • University Archivists: University Archives staff members responsible with evaluating and approving records for transfer to the University Archives and managing records collection development priorities.

Records Management Training is available to staff and faculty.

Records Management Training Slides

Live or virtual training sessions and workshops can be scheduled upon request. 

Records Lifecycle

Records life-cycle refers to all stages of a record's "life span": from its creation to its preservation (in an archives) or disposal.

 

Missing media item.

University records should be classified in accordance with the data contained therein (per the GW Data Management and Protection Standard).

Records Classification helps identifying the level of privacy and security protection to be applied to university records, and the scope and means in which the records can be shared.

PUBLIC
  • Low risk
  • Little or no controls are required to protect the confidentiality of Public records, yet, some level of control is required to prevent their unauthorized modification or destruction of it.
  • Open Access

 Examples:

- Announcements / press releases

- Public event information

- Public directories and maps;

RESTRICTED
  • Moderate risk
  • Must be protected from unauthorized access, use or disclosure due to university policies, contract, or designation, or due to proprietary or privacy considerations.

 Examples:

- Course information / schedules;

- Access codes, legal records and contracts; general ledger data;

- Facilities records

REGULATED
  • High risk
  • Must be protected from unauthorized access, use or disclosure due to university policies, contract, or designation, or due to proprietary or privacy considerations.

 Examples:

- Student academic records;

- Protected Health Information;

- Personal Identifiable Information 

   (e.g. SSN, DL, DoB)

Records Management Training is available to staff and faculty.

Records Management Training Slides

Live or virtual training sessions and workshops are scheduled throughout the year.  Check out our Events page for a list of scheduled training sessions.