University Secretary
Managing Electronic Records
For guidance on managing electronic records, either download the factsheet or select one of the options below.
1. Classification
Electronic records must be arranged in a consistent, logical way to ensure they can be easily located and retrieved. A classification scheme or folder structure should be developed, based on an analysis of the department?s functions and activities: the main areas of work carried out by the department should be identified, and a series of folders/sub-folders created into which all the documents can be logically placed. Grouping together documents according to their business functions will make it easier to manage them, particularly because documents that serve the same purpose tend to be required for the same length of time.
2. Naming
It is important to name electronic documents and folders consistently, so that they can be retrieved easily and quickly. Each department should compile a list of standard terms (including abbreviations and acronyms) to ensure uniform terminology is used for the names of committees, organisations and projects etc. Conventions should also be developed for naming documents, so that it is clear when to use capitals, spaces, hyphens, underscores, dates or numbers:
| Capitals | No spaces | Underscores |
|---|---|---|
|
Faculty Board Minutes |
FacultyBoardMinutes |
Faculty_Board_Minutes |
| Hyphens | Dates | Numbers |
|
Faculty-Board-Minutes |
Faculty Board Minutes 2008-03-12 |
Faculty_Board_Minutes_01 |
Unless documents are named consistently, they will not be listed in a logical order, and it will be difficult to locate and manage them. For more guidance, see the Factsheet: Naming Electronic Documents and Folders.
3. Metadata
Electronic records require metadata (i.e. data describing the context, content and structure of information) to ensure they can be understood and used efficiently for as long they are held. The metadata that is to be captured for each type of document should be defined and recorded: for example, relevant details can be entered within the properties field of a MS Word document (e.g. title, author, subject, access restrictions, retention period). It is particularly important to document instructions for operating record-keeping systems: for example, an Access database must include sufficient information to allow future members of staff to understand how it was set up and how it functions.
4. Version control
Version control procedures should be applied to documents that are regularly updated. Including a number and date on the title page (and within footers) will reduce confusion over which document is the current version. In addition, a control page could be included in order to record key details, such as the author, department, date of approval and date of review.
| Major changes can be indicated by increasing the whole number | ||
|---|---|---|
|
Document Ver 01 Document Ver 02 Document Ver 03 |
1st version 2nd version 3rd version |
|
| Minor changes can be indicated by increasing the decimal figure | ||
|
Document Ver 01.01 Document Ver 02.03 |
one minor change has been made to the 1st version a third minor change has been made to the 2nd version |
|
Version controls should also make it easier to identify past versions that are no longer required and can therefore be deleted.
5. Access and security
The access requirements of staff should be clarified to establish who needs to retrieve particular documents, who should be able to edit those documents, and who is authorised to delete them. Information that is only accessible to a single person should be kept to a minimum: as far as possible records that other staff may require should be stored (within an appropriate folder) on a shared network, so that departments can operate efficiently if individual members of staff are away.
Access to confidential information (e.g. personal or financial data) should be controlled through the use of ID log-ins, passwords, read-only settings, encryption; and computers must not be left unattended when logged-on. It is also essential that data held on portable media (e.g. CDs, DVDs, USB memory sticks), as well as laptops, is kept securely and protected from theft.
6. Preservation
Departments must have adequate procedures in place to prevent documents from being inadvertently overwritten. For example, staff should use templates when creating new versions of documents (rather than simply adapting existing documents) in order to reduce the risk of accidentally erasing previous editions.
The longer data is retained, the greater the risk that it could become unreadable. Procedures should be in place to ensure that records are reviewed periodically and, if necessary, migrated (together with metadata) to the latest file formats. In particular, it is important to ensure files are not allowed to fall more than two versions behind current software, as backwards compatibility may not be available for older versions.
There is always a risk of portable media (e.g. DVDs, CDs, USB memory sticks) degrading, particularly because of its susceptibility to environmental factors. All critical business data must therefore be held on a networked drive, so that it will be adequately backed up and safeguarded from hardware and software failure.
7. Destruction
Electronic data cannot be kept indefinitely otherwise it will multiply out of control, increase storage costs unnecessarily, hinder access and risk breaching the Data Protection Act (which requires data to be retained for no longer than necessary). Staff should review their records regularly and delete unwanted working copies, out-of-date reference material and unnecessary duplicates.
In addition, retention schedules should be developed to control the disposal of each department's major categories or series of electronic documents (see retention schedules). Using a logical structure of folders and sub-folders, and arranging information by date will make it easier to locate items when they are due to be destroyed.
Electronic records that do not contain confidential or sensitive information can be discarded simply be deleting them. If the data is sensitive, measures must be taken to ensure that it is completely erased and cannot be recovered. In the case of portable media, the most effective way to eradicate data is to destroy the items themselves by breaking them, scoring lines over them or using a disk shredder.