This Records Management Policy (the “Policy”) is designed to aid the College in effectively and efficiently designating, maintaining, and disposing of institutional records. It applies to all College departments, offices, and employees (including student employees) responsible for creation/receipt, maintenance, storage, use, destruction, or preservation of College records in any format. The College requires that records be managed in accordance with the procedures set forth below.
Emerson College has adopted the international standard ISO 15489: ISO 15489, Information and Documentation – Records management, as the guiding framework for this policy.
Information is a valuable asset, and its accurate and appropriate use and management are essential to fulfilling the College’s mission. Included in that mission are the needs to preserve a record of the College’s history, to comply with legal requirements concerning document use, preservation and destruction, and to enhance operational efficiency. Records containing important information that cannot be retrieved efficiently or are retained for unnecessarily lengthy periods of time lose their value and may unnecessarily burden the College’s resources.
Accordingly, this Policy establishes retention requirements to be followed by all departments and offices that will ensure the College is able to meet its operational needs and legal obligations.
Active Record: Active Records are original College records (i.e. records created by or received by an employee in the course of doing work on behalf of their department or office), which are referenced and used on a regular basis. The number of years a record will remain in active use depends on how long the law requires that the record be retained and the purpose for the creation and use of the record. Active Records must either be retained for their full authorized retention period by the office that originally created or received the document (referred to below as the “Owner”) or a College-approved storage vendor.
Archival Records: Archival Records are original College records, which have been deemed to have enduring value to the College. Archival Records are usually transferred from the originating department or office to the College Archive for permanent preservation.
College Archive: The Emerson College Archive(s) is a specialized repository that has specific protocols in place to protect the integrity, authenticity, and security of physical and digital artifacts and records that have been saved as evidence of transactions and to ensure their usability as far into the future as necessary.
College Records: College Records are original and official evidence of business transactions, decisions and actions. All information regardless of media, including, but not limited to, paper and electronic documents, and any and all other recordings such as audio cassette tapes, digital still images, digital or cassette videos, microfilm, fiche, emails, etc. that meet this definition are considered records. College Records are the exclusive property of Emerson College, except as otherwise noted in the College’s Intellectual Property Ownership Policy.
Departmental Records Officer: The Departmental Records Officer (“DRO”) is a person within a department who has supervisory responsibility and is primarily responsible for ensuring that this Policy and any departmental or office procedures concerning management of College Records are observed.
Digital Image Copy: A Digital Image Copy (scanned image) of a physical document prepared by a process that accurately reproduces the original is generally accepted by states and courts to be legally admissible into evidence to the same extent as the original document. It is critical that appropriate techniques and quality control processes are used and that the duplication is a regular practice of the business function/activity.
Disposition: Disposition is the range of processes associated with implementing records retention, destruction or transfer decisions.
Drafts and Working Files: Drafts and working files are preliminary versions of records and other working documents that do not state a final College position on the subject matter discussed. An example of a “draft” is a proposed contract before a final contract is signed; the final contract is the official record; the preliminary revisions are drafts. An example of a “working file” is the communication between parties discussing the various terms that may be included in a proposed contract. In some specific cases, such as audit working papers or calculations that support project reports, working (active) files may be considered an integral part of the official College Records.
Duplicate Record (also known as convenience or reference copy): A Duplicate Record is a copy of an official College Record held by another department or office as necessary to fulfill that department’s or office’s mission. Duplicate Records should not be retained longer than the official record copy unless an employee needs them for a valid business purpose.
Electronic Record: A College Record created, received, or maintained in a non-tangible, electronic format that requires hardware and software to read. Electronic Records include, but are not limited to, documents, spreadsheets, databases, HTML documents, scanned or imaged documents, and any other type of file warehoused online, on a mainframe, on a computer hard drive, or on any external storage medium, including disks and thumb drives, handheld computers or tablets, and cell phones.
Head of Archives: The College’s Head of Archives & Special Collections is the chief steward of College Archival Records. The Head of Archives is the College’s designee for determining what constitutes an Archival Record and what the disposition of these records should be under this Policy.
Inactive Record: A College Record that is no longer actively used or referenced by the department or office that created it (i.e. the record is no longer in current departmental or office use), but which must be retained pursuant to an approved retention period.
Official Record: Records are considered ‘official’ when they are in a final form and have been authenticated by an authorized person or business application in the department or office that originates and finalizes them. Most records that individuals and departments maintain are not Official Records pursuant to this policy. Those documents and materials should be destroyed routinely unless they are subject to a litigation hold or required for a business need.
Offsite Storage: Inactive Records may be stored with a College-approved off-site storage vendor. Offsite storage vendors provide fee-based service for picking up, dropping off, and storing inactive records.
Personal Information: Massachusetts law defines “personal information” as an individual’s name together with that person’s Social Security Number, driver’s license number or Massachusetts state identification card number, financial account number, or credit or debit card number, with or without any required security code, access code, personal identification number or password that would permit access to an individual’s financial account, or biometric indicator.
Records that contain personal information must, by requirement of law (General Laws c. 93H and 93I; 201 CMR 17.00), be maintained or destroyed in accordance with the College’s Written Information Security Plan (“WISP”). The College’s WISP should be consulted when managing any documents containing personal information.
The College will also abide by any laws governing personal information at the federal level, or for employees in California and abroad.
Records Committee: The Head of Archives may convene a Records Committee to develop procedures for implementation of this Policy. In the event a Records Committee is convened, the Committee will typically include the Head of Archives, representatives from the offices of the President, Vice President for Administration and Finance, Vice President and General Counsel, Vice President for Information and Technology, and a representative from any department whose interests will be affected by the Committee’s determinations. Authority to alter or amend this policy rests with the Vice President for Administration and Finance. At his or her discretion, the Vice President may, from time to time, consult with the Head of Archives and/or convene a Records Committee to develop amendments and/or modifications to this policy.
Records Life Cycle: The distinct phases of a record’s existence, from creation to final disposition.
Records Owner: The Records Owner is the office or department designated as having responsibility for management, retention, and timely disposal of particular types of College Records. (For example, the Office of the Registrar is the Owner of student transcripts.)
Records Preservation/Hold Order: An internal procedure to ensure that certain information is preserved which may be needed for reasonably anticipated or actual government investigation, audit, or litigation. A Records Preservation/Hold Order temporarily sets aside the retention period stated in the Records Retention and Disposition Schedule, and suspends destruction for the affected records until the Records Preservation/Hold Order is released.
Records Retention and Disposition Schedule: The authoritative source of records created and used by Emerson College and their associated recordkeeping requirements. Recordkeeping requirements identified in the Schedule are based on U.S. federal or state statutory, regulatory or other legal requirements as well as College operational requirements. The Records Retention and Disposition Schedule defines what records are being managed, how long and under what lifecycle controls records need to be retained based on the College’s operational, legal/compliance, financial and historical requirements.
I. Records Management Program Accountabilities
The Head of Archives oversees College-wide implementation of this policy. The Head of Archives is available to advise faculty, staff, and administrators on the proper management and disposition of College records as well as development of departmental procedures concerning records management. The Head of Archives is also responsible for managing access to the College Records entrusted to the Archive and consulting with appropriate staff or faculty regarding any special conditions of access to certain records.
Departments/offices are responsible for creating, implementing and monitoring department/office-specific records policies and procedures that incorporate, at minimum, the elements set forth in this Policy. Departments and offices are further responsible for consulting with the Head of Archives prior to sending records to the College Archives in order to obtain the Head of Archives’ determination of the appropriate disposition of such documents. General Counsel is responsible for providing legal advice on recordkeeping requirements and for issuing and monitoring a Records Preservation/Hold Order where there is reasonable anticipation of litigation, government investigation, or audit.
Information Technology is responsible for providing appropriate storage and media, protective procedures and systems to protect records on electronic media in conjunction with the Records Retention and Disposition Schedule and Records Preservation/Hold Order. This includes purchasing, designing, modifying or redesigning information systems, business applications and communication systems so that adequate records can be created and captured as a routine part of College operations.
Third Parties who manage College Records are responsible for compliance with College recordkeeping requirements and for making College Records available upon request by authorized personnel. College Record Owners are accountable for ensuring that third parties working on their behalf comply with all applicable recordkeeping requirements and standards.
II. Recordkeeping Responsibilities for Offices & Departments
In addition to the accountabilities described above, it shall be the responsibility of each department or office to ensure that the following are done:
- Review the types of College Records in its possession and determine appropriate formats to ensure usability, integrity and accessibility for as long as the records are needed.
- If necessary as a supplement to the Records Retention and Disposition Schedule, adopt and implement written procedures specific to all records managed by the department or office which are in compliance with said Records Retention and Disposition Schedule.
- Assign a Departmental Records Officer (“DRO”).
- Train and educate staff concerning this Policy and any departmental or office procedures for handling records.
- Consult with the Head of Archives regarding the appropriate disposition of records that may be of permanent, historic, or legal value to the College. If it is determined that some of the department/office records should be transferred to the Archive, it is each department’s or office’s responsibility to arrange for the complete and timely transfer.
- Ensure that access to records and systems containing Personal Information is restricted in accordance with the College’s WISP. Long term restrictions on access to selected Archival Records must be noted at the time of their transfer to the College Archive.
- Destroy Inactive Records that have met their authorized retention period in accordance with the College WISP and Records Retention and Disposition Schedule.
- Destroy Duplicate Records (including duplicate electronic records) immediately upon determining that such records are no longer necessary to fulfill the department’s or office’s mission.
III. Good Records Management Practices
Employees must manage College Records in a trustworthy manner that ensures their authenticity and usefulness. In order to do this, departments and offices have the responsibility to ensure that their employees:
- Create records that fully and accurately document their core activities.
- Manage and store their records in a manner that facilitates timely and accurate retrieval.
- Ensure that records are stored in authorized, secure locations and in safe, stable environments.
- Allow only those with the proper authority to access records and information systems.
- Know and carry out the proper disposition of their records (i.e., know how long to retain records and what to do with their records when they no longer actively use them).
- Know and comply with Emerson College policies, including the College Ethics and Conflict of Interest Policy.
- Know and comply with external laws, regulations, standards, and professional ethics that affect the management of their records.
IV. Life Cycle Management of College Records
An integrated lifecycle approach denotes a consistent and coherent set of seamless management processes from the moment of creation or receipt of records (and before creation, in the design of records systems), through classification, retention scheduling, storage, use, and destruction of temporary records or the long-term preservation of selected records. The integrated records management lifecycle model requires enterprise governance, shared accountability, and a commitment to information stewardship in order to ensure sustainability of these critical management activities.
1. Records Creation/Receipt
All departments and offices are responsible for creating College Records that accurately document their core activities. They are also responsible for properly handling records received from other College departments or from outside parties. To do this managers and employees should:
- Determine what records they need to create/receive and use to conduct their business.
- Determine which employees have the responsibility and authority to create and use departmental records.
- Incorporate departmental records creation activities and responsibilities into departmental policies and procedures and provide periodic training on good recordkeeping practices.
- Periodically review departmental records creation/receipt and filing procedures.
- To the extent possible, limit creation of records with Personal Information.
- Protect College Records at all times from inadvertent loss or damage and from access by unauthorized persons.
2. Records Use and Storage
All departments and offices must maintain their records in a safe, stable, and secure manner that supports their timely and accurate retrieval with appropriate controls on their accessibility. To do this managers and employees should:
- Develop filing, classification, and/or indexing systems for College Records that all employees understand and follow. These systems need not be complex—they only need to enable people to find the appropriate records quickly and to ensure disposal of duplicate records that are no longer in use.
- Know the storage locations of all departmental records (stored internally or by a third party).
- Store College Records in stable environments.
- Storage of physical records means keeping them in dry, clean areas that are protected from the elements and have appropriate temperature and humidity controls.
- Storage of digital records means ensuring that electronic records are stored on stable media, encrypted, and preserved in readable software formats.
- Periodically check the stability of departmental physical and electronic storage environments.
- Ensure that departmental physical and electronic records storage areas are secure. Know who has access to their physical storage areas. Periodically review records storage security measures.
- Determine the confidentiality and privacy status of all departmental records. A variety of internal policies, contractual commitments (such as confidentiality clauses), and external laws and regulations such as FERPA (Family Educational Rights and Privacy Act), HIPAA (Health Insurance Portability and Accountability Act), and relevant data privacy statutes and regulations, may determine the confidentiality and privacy status of their records.
- Know who has the proper authority to view College Records.
- Ensure that records storage security measures meet confidentiality and privacy requirements.
- Document records classification and filing systems, storage locations, and security/access procedures.
3. Records Disposition (Includes Retention, Destruction and/or Transfer)
All departments and offices must comply with the records retention and disposition provisions of their departmental policy, the Records Retention and Disposition Schedule, and this Policy. Departments and offices must either confidentially destroy their duplicate records, store inactive records (whether in the department or office or with an off-site vendor), or transfer them to the Archives for permanent retention. In no case should duplicate records be retained beyond the periods set forth for official records in the Records Retention and Disposition Schedule.
This Policy gives the Head of Archives the responsibility to determine the appropriate disposition for College records in consultation with faculty, staff, and administrators. The Records Retention and Disposition Schedule sets forth retention periods that are either mandated by law or otherwise required by the College, in accordance with business practice or need. Unless the law or a court order requires deletion or destruction of materials at a certain date, retention periods may be adjusted to reflect administrative needs or transferred to the Archive as an archival record. In order to determine the appropriate disposition for College Records, departments should:
- Consult the College’s Records Retention and Disposition Schedule.
- If necessary, contact the Head of Archives for assistance in interpreting the records schedules or creating new schedules.
- Ensure that College records are not destroyed if they are currently part of, or are likely to be part of, any legal action or proceeding, litigation, audit, investigation, or review, even if the records retention schedules or other policies or procedures indicate that the records are eligible for destruction. If made aware of the possibility of any legal action or proceeding, litigation, audit, investigation, or review, the Office of the General Counsel will issue a Litigation Hold directing departments and offices to preserve any potentially relevant records.
All departments and offices must destroy, in a confidential manner, College Records that have met their authorized retention period and are not subject to any legal holds. Departments and offices may only use the general trash or recycling to destroy records and documents that have a wide and open distribution at the time of their creation, such as publications. All other records should be destroyed in a confidential manner.
For records containing Personal Information:
- Paper records must be redacted, burned, pulverized or shredded such that Personal Information cannot be practicably read or reconstructed.
- Electronic records must be destroyed or deleted such that Personal Information cannot practicably be read or reconstructed.
It is imperative that employees actively monitor their possession and use of non-official College records (i.e. duplicates or copies). In the event a question arises concerning which office should maintain the Official College Record, DROs should be in contact with one another and if necessary, consult with the Head of Archives. When an office that is not the Record Owner is finished using a duplicate record, the DRO should ensure that all duplicate/reference copies of the record are destroyed in accordance with the destruction procedures set forth in this Policy.
All departments and offices must ensure that their recordkeeping practices are in compliance with applicable Emerson College policies and external laws, regulations, standards, and professional ethics. To be compliant in their recordkeeping activities, employees should:
- Identify and track changes to the applicable Emerson College policies and external laws, regulations, standards, and professional ethics. Updates to this Policy will be circulated throughout the College.
- Ensure that the staff understands the applicable Emerson College policies and external laws, regulations, standards, and professional ethics.
- Refrain from any recordkeeping activity that does not comply with applicable Emerson College policies and external laws, regulations, standards, and professional ethics, including retention of paper or electronic documents on desktops, laptops, handhelds, cell phones, etc. when those documents are no longer necessary to fulfill a department’s or office’s requirements.
VIII. Additional Considerations for Electronic Records
Use of electronic media is quickly surpassing reliance on paper documents. As a result, departments and offices must be vigilant in their safeguarding and destruction of electronic information. Departments are required to incorporate the electronic destruction and storage requirements of the College’s WISP into their departmental and office procedures. In addition, departments and offices should consult with the Department of Information Technology concerning storage space, confidentiality, and retrieval of inactive electronic records.
Cross References to Related Policies
The responsible officer for this policy is the Vice President of Administration and Finance.
Key Office to Contact Regarding the Policy and Its Implementation
The Archives & Special Collections of Emerson College is responsible for the oversight and implementation of this policy.