Records Management

Records management is the systematic control of records throughout their lifecycle - from their creation or receipt to their disposal or transfer to the University Archives.

The university requires that its records be managed in a systematic and logical manner according to plans developed by the schools and divisions that maintain university records.  The university is committed to effective records management that includes meeting operational needs and legal requirements for record retention and privacy protection, optimizing the use of space, minimizing the cost of record retention, and properly disposing of outdated records. 

University Records are all official materials created in the course of the university’s operations.

University Records can come in various formats:

  • Handwritten notes, paper documents,
  • Digital files, emails
  • Photographic media,
  • Electronic files in systems and applications

Records created, received, or recorded outside the scope of employment with the University are not considered University Records.


Records vs Data

While data represents pieces of information (e.g. personal data - SSN, date of birth, address, health data, financial data, etc.), records are documented evidence of activities and transactions (records are snapshots of data, at a particular time, for a particular purpose).

In other words, records contain data.

Records Lifecycle

Records life-cycle refers to all stages of a record's "life span": from its creation to its preservation (in an archives) or disposal.

University records should be classified in accordance with the data contained therein (per the GW Data Management and Protection Standard).

Records Classification helps identifying the level of privacy and security protection to be applied to university records, and the scope and means in which the records can be shared.

PUBLIC

  • Low risk
  • Little or no controls are required to protect the confidentiality of Public records, yet, some level of control is required to prevent their unauthorized modification or destruction of it.
  • Open Access

 Examples:

- Announcements / press releases

- Public event information

- Public directories and maps;

RESTRICTED

  • Moderate risk
  • Must be protected from unauthorized access, use or disclosure due to university policies, contract, or designation, or due to proprietary or privacy considerations.

 Examples:

- Course information / schedules;

- Access codes, legal records and contracts; general ledger data;

- Facilities records

REGULATED

  • High risk
  • Must be protected from unauthorized access, use or disclosure due to university policies, contract, or designation, or due to proprietary or privacy considerations.

 Examples:

- Student academic records;

- Protected Health Information;

- Personal Identifiable Information 

   (e.g. SSN, DL, DoB)

Records Management Training is available to staff and faculty.

Records Management Training slides

Live or virtual training sessions and workshops are scheduled throughout the year.  Check out our Events page for a list of scheduled training sessions.