Wonder if back in 1965 the information being typed in this room was powering the massive computers sitting in the basement! Since the release of the draft General retention and disposal schedule (GRDS) for consultation, we’ve made changes to some of the record classes in Information Management, particularly the technology-related ones. So for all those eagle-eyed people out there, we wanted to flag things in the updated GRDS which may look a little different than what you saw in the draft consultation version.
Below are the major changes we made which have been designed, based on your information, to try to ensure the record classes meet requirements for today and beyond.
Master control records
There are now two master control record classes – one for permanent value records and one for temporary value records. For the permanent value records, this includes case file registers.
Both of these record classes now include events logged by business/software applications where these are the only source of recordkeeping metadata.
Where permanent value records have been disposed of through transfer to QSA, these records need to be retained permanently in your agency. While QSA keeps our transfer documentation information permanently, your agency also needs to retain these records so you know when the records were transferred and what your agency is still responsible for.
The retention of disposal documentation for records which have been destroyed has been changed from permanent in the agency to 50 years after the disposal of the related records. The retention period has changed to take into account that there is limited community value, after 50 years, in retaining these records for the purpose of holding a government accountable for past actions.
For the life of the record
There is a new retention period for the temporary value master control records and data quality and integrity validation records – ‘for the life of the record’. This disposal trigger basically means what it says, you retain the information for as long as the record that it is controlling or validating exists.
Control mechanisms (e.g. data dictionaries, encryption, versions, etc.)
Based on consultation feedback, the retention period for control mechanisms has changed to ‘2 years after application is closed, discontinued or superseded (through upgrade or major modification)’. By making the disposal trigger more specific, we have been able to reduce the actual retention period.
Previously named `data migration’, the retention for `system migration’ records is now ‘1 year after data is either migrated again or destroyed’. In the past we have received queries asking what the trigger ‘1 generation after migration’ meant. This new trigger should be clearer, and easier to understand and implement.
Privacy and right to information
In the draft consultation there were two separate activities for privacy and right to information. Based on feedback from the Office of the Information Commissioner, it was decided to merge these two activities to help reduce the administrative burden of these two processes.
Do you have any comments on these changes in the Information Management function? Are they going to be easy to implement in your business systems? Let us know!
Featured image: Computer area – Treasury Building, Brisbane, June 1965. Digital image ID 21838