Records management policy and retention schedules

Records management is another name for ways of organising information, whether it is held on paper or electronically.

In technical terms, records and information management is the function by which the identification, classification, processing, and disposal of organisational records are managed. It is focused on the efficient and systematic control of the lifecycle of information and records, which form the University's organisational memory.

In simple terms, it aims to control the creation, version control, distribution, filing, retention, storage, and disposal of records. A record is any piece of information, digital or physical, that documents our activities, decisions, or obligations. This includes everything from student and staff data to research outputs and administrative files.

Effective records and information management ensures compliance with information-related laws, preserves the University’s past, enhances present efficiency, and supports future planning. Records are a vital corporate asset, providing administrative, evidential, and historical value while forming part of the University's corporate memory.

We manage records not just to meet legal requirements, but to support transparency, accountability, and good governance.

Identifying records

Information is considered a record if it captures details of a business decision or documents the decision-making process for administrative, legal, financial, or historical purposes.

It encompasses all formats, including paper files, emails, audio and video recordings, CCTV footage, raw data, electronic files, databases, photographs, microfiche, Teams chats, and even WhatsApp messages, provided they involve decisions related to the University or its individuals.

Records management policy

Our records management policy outlines the principles and responsibilities for managing records across the University. It sets the framework for how records should be created, stored, accessed, and disposed of, ensuring that they remain accurate, secure, and accessible for as long as needed. The policy supports staff in making informed decisions about handling information and helps the University meet its legal, regulatory, and operational obligations.

Effective records management helps us protect personal data, uphold public access rights, and maintain trust in how we handle information. It also ensures compliance with key aspects of information governance, including the UK General Data Protection Regulation (UK GDPR), the Freedom of Information Act (FOIA), and Subject Access Requests (SARs).

Retention schedules

Retention schedules specify how long different types of records should be kept before they are securely destroyed or archived. These schedules are based on legal requirements, business needs, and good practice.

They help ensure that:

• records are available for as long as they are needed for operational, legal, or historical purposes
• information is not kept longer than necessary, reducing risks and freeing up storage
• disposal is carried out in a planned and secure way, protecting sensitive data and supporting compliance