Copy
– Applicant
FOI/14983
Copy
– Applicant
FOI/14983
STIRLING COUNCIL RECORDS POLICY
Key Messages
Council records are valuable and must be managed as important corporate & cultural
assets of Stirling Council, for staff & the wider community
Council records can be on paper or be electronic, or both, and can be kept within
personal, shared or corporate storage environments – none the less they must all be
managed in the same way, irrespective of format or location
Council records need to be accurate, consistent and maintained to be of any value.
The Public Records (Scotland) Act, 2011, requires us to document & publish our records
management responsibilities, policies & procedures for public and governmental scrutiny
We all have responsibilities in managing Council records, as we rely on them to do our
work (not just for legal or audit purposes) – these are now outlined in this policy
Copy
How we create & manage records needs to be documented in Service or team
procedures throughout the Council, to allow for internal & external review of our practices
Very few Council records need to be kept indefinitely, with routine records destruction
supporting a more efficient organisation, however we have to be consistent & transparent
on what we destroy & when by following a standards based retention process
Some Council records are central to the basic running of Council services – these are
vital records and must be identified as part of the Council’s business continuity planning
A Council Records Centre is run by the Records & Information Compliance Team to help
you store & manage Council records appropriately
Stirling Council Archive Service is the designated place of deposit for the historical
records of Stirling Council & its predecessors within the Stirling area
1. Purpose
– Applicant
This policy sets out the Council’s responsibilities and activities in regard to the
management of its records. It governs the management of all records created or
acquired on the Council’s behalf in the course of Council business.
This policy and related guidance aims to:
provide a framework for good records management practices within Stirling
Council that ensure records are managed and retrieved effectively and
efficiently
support the Council in complying with its statutory and regulatory obligations
ensure Council records are reliable and authentic
define records management responsibilities throughout the Council
foster a working culture which acknowledges the value and benefits of
FOI/14983
accurate record creation and effective management
encourage a leaner Council that retains records for only as long as required
for business purposes
support public rights of access to information held by Stirling Council, and
ensure Council records of evidential and historical interest remain accessible
to the wider community
Note – underlined words are links to further guidance
1.1 Definitions
Council Records are defined as;
recorded information in any format (including paper, microform, electronic and
audio-visual formats),
which are created, collected, processed, and/or used by Stirling Council
employees, Elected Members when undertaking Council business, or
predecessor bodies (e.g. Central Region Council, Stirling District Council, County
of Stirling)
and which is then kept as evidence of that business.
Records management is defined as an ongoing process that helps make the creation,
use, management and disposal of records more consistent, efficient and accountable.
Copy
2. Scope
This Council wide policy and related guidance applies to all staff, Elected Members when
performing Council business, and third parties (i.e. contractors, consultants, voluntary
and not for profit organisations) performing a public function for Stirling Council.
3. Legislation
Stirling Council has to comply with numerous statutes, regulations and instruments at
Scottish, UK and European levels that cover the creation and management of records.
These collectively span across all functions of a Scottish Local Authority. The common
theme is the implicit expectation or explicit requirement that these records are to be
managed appropriately and transparently.
Key pieces of statute in relation to the management of records are:
Public Records (Scotland) Act 2011 requires public authorities to detail their records
– Applicant
management policies, procedures and responsibilities in a Records Management Plan,
which is subject to review by the Keeper of the Records of Scotland.
Freedom of Information (Scotland) Act 2002 provides a public right of access to
information held by Stirling Council. Under Section 61 of the Act, Scottish Ministers have
issued a Code of Practice on Records Management which outlines the approach public
authorities must follow in relation to the creation, keeping, managing and disposal of their
records.
Data Protection Act 1998 governs the processing, retention and protection of personal
information within the Council. The Act requires personal information to be recorded
accurately, maintained, kept only as long as is necessary and be accessible by the Data
Subject.
4. Policy
FOI/14983
4.1 Summary
Council records are sources of administrative, evidential and historical information
necessary for the effective functioning and accountability of the Council. Over time they
will provide valuable evidence and understanding of the community it serves.
The management of Council records is the responsibility of all staff – Heads of Service,
Service managers, team leaders, administration support, front line and specialist staff.
Note – underlined words are links to further guidance
In implementing this policy, Council Services will have to create and document;
Procedures on how to adequately capture information and evidence of business
activity within records as well as how to manage these records subsequently
Retention rules for the records of every business activity they perform
Record keeping systems and structures for both paper and electronic records that
provide the appropriate levels of access, security and management
4.2 Roles and Responsibilities in regards to Council records
The
Chief Executive is ultimately responsible to the Elected Council for the records and
records management practices undertaken within Stirling Council. They are also
responsible for the management of Stirling Council’s records under section 1(2a) of the
Public Records (Scotland) Act, 2011.
Copy
All Heads of Service have a general responsibility within the Scheme of Sub-Delegation
(G53) to ensure that records within their Service are managed according to statutory
responsibilities and Council policies. They must do this by
issuing and reviewing of records management procedures within their teams
nominating a
Service Information Officer, who will act as a monitor of those
procedures and relevant retention schedules and as a liaison with the Records &
Information Compliance Team on records related projects and issues
ensuring contracts with third parties performing a public function contain
appropriate clauses on expected records management behaviour
The
Chief Governance Officer has the responsibility to authorise, in conjunction with
each Head of Service, retention schedules that define how long records should be
retained and what should happen to them subsequently. The officer is also responsible
for reporting to the Elected Council any significant or ongoing information risks or records
management failings within Stirling Council.
– Applicant
Service Managers have a responsibility to ensure that staff are aware and confident of
Council records management policies, procedures and guidance.
Employees have a responsibility to ensure they create, manage and dispose of records
in accordance with relevant policies and procedures.
Elected Members have the same responsibility to manage and dispose of records
created in their role as representatives of the Council according to relevant policies and
procedures.
Third parties (i.e. contractors, consultants, voluntary and not for profit
organisations) performing a public function for Stirling Council must also adhere to
this records policy and relevant records management procedures of the Council when
creating and managing records relating to that public function. They must retain these
FOI/14983
records according to relevant Council retention periods and allow access to them and
their records management systems to relevant Council staff.
The
Records & Information Compliance Team is responsible for providing advice and
support to Council Services on the management of their records. They are also
responsible for the Council’s central Records Centre.
The
Council Archives Service is the designated place of deposit for council records
required for permanent preservation, whether for business or cultural purposes. It is
Note – underlined words are links to further guidance
responsible for preserving, promoting and making accessible these records, and other
historical records that may be acquired by the Council.
4.3 Arrangements for Council Records
Creation
Stirling Council employees must create accurate records to accompany their work in
order to provide authentic and reliable evidence of Council business, as well as to
document cultural and community activity within the Stirling Council area. Employees
should be aware of any procedures on records creation and authorisation that have been
developed by their team.
Records in use
Council records must be managed in effective record keeping systems that allow the
efficient retrieval of information to support business requirements and public rights of
access. This requires procedures to be developed for each business activity within a
team, detailing how records are to be filed and maintained. These procedures need to be
Copy
documented, approved, disseminated and regularly reviewed by teams for their own use,
with support and guidance from the Council’s Information Management Group.
Storage
Storage of Council records must be secure to prevent unauthorised access, must meet
fire and health and safety regulations, and ensure continued access to records over time.
Electronic records should be stored on the Council’s IT network in structured shared
drives that conform to the Council’s File Plan, or in valid electronic record keeping
systems.
All business units must identify vital records as part of their Business Unit Recovery
Plans.
Records no longer needed for immediate or routine use should be sent to the Council’s
central Records Centre for storage and management.
– Applicant
Retention and Disposal
The Council is required to develop retention schedules, according to which Council
records must be routinely disposed.
These schedules will take account of statutory, regulatory, business and historical
requirements, and will be drafted by the Records & Information Compliance Team in
conjunction with each Service.
The Chief Governance Officer and the relevant Head of Service must sign off a schedule
for it to be authorised and applied.
Changes to retention schedules (e.g. the delaying or bringing forward of the destruction
of records) will need documented approval from both the relevant Head of Service and
the Chief Governance Officer.
FOI/14983
Records containing personal or confidential information must be destroyed securely, and
a log must be kept of all record disposals in compliance with the Council’s Personal Data
Policy.
No Council record may be destroyed – even routinely – if a request for access to the
information contained within that record under the Freedom of Information (Scotland) Act
2002 is still active.
Note – underlined words are links to further guidance
Selection and Transfer to Archive
Council records identified as having evidential or historical value are to be transferred to
the professional care of Stirling Council’s Archive Service for permanent preservation
after they have ceased to be of business use.
Records from Stirling Council’s predecessors (e.g. Stirling District Council, Stirling County
Council, civil parishes etc.) must also be transferred to the Archive Service.
The Archive Service is responsible for maintaining the selection criteria for permanent
preservation of council records, to be developed in conjunction with its overall Acquisition
Policy.
Preservation and Access
Council records in the care of the Archive Service will be stored, arranged, described,
indexed and made accessible in accordance with professional archival standards and
recommendations.
Copy
The Archive Service is responsible for ensuring that the records in its care are best
exploited for use by the community and by the Council.
Electronic Record Keeping Systems
Council business systems that hold electronic records must be configured to ensure they
create, maintain and dispose of those records in compliance with statutory requirements
and professional standards. The Council’s Information Management Group is responsible
for issuing and maintaining guidance on electronic record keeping systems to support
managers in acquiring and using appropriate systems.
5. Implementation
This policy is supported by additional policies, procedures and guidance produced by the
Council’s Information Management Group.
Records management procedures will be developed for business activities within teams
by Team Leaders to embed good practice and requirements into record creation and
– Applicant
management practices. These should be routinely reviewed and approved by the
relevant Head of Service.
The Records & Information Compliance Team will draft retention schedules for each
Service in consultation with the Head of Service. Once finalised, the Head of Service and
the Chief Governance Officer will sign off on the schedule.
The team will also provide training and toolkits to support managers in developing
appropriate procedures as well as general training for all staff to ensure awareness of
obligations and responsibilities towards Council records.
6. Monitoring
The Records & Information Compliance Team will conduct rolling and periodic reviews of
records management procedures and compliance with this Policy within teams.
FOI/14983
Separately, Council business systems that create and manage electronic records will be
subject to assessment to identify and help manage any information risks. Results of
these assessments will be reported to system owners, as well as to the Information
Management Group.
7. Enforcement
Failure to comply with this policy and related procedures will be reported to the
Information Management Group to resolve in conjunction with the relevant Head of
Note – underlined words are links to further guidance
Service. The Chief Governance Officer will report significant or ongoing failings to the
Governance & Audit Committee of the Elected Council.
The Council may also be subject to external review by the Keeper of the Records of
Scotland on its records management policies and practices, as per Section 6 of the
Public Records (Scotland) Act 2011.
Copy
– Applicant
FOI/14983
Note – underlined words are links to further guidance
Element 10: Business Continuity and Vital Records
Introduction
Stirling Council and Stirling Licensing Board are expected to have arrangements in place to
support records vital to business continuity, and to ensure that records are accessible in the
event of an emergency.
Statement of Compliance
Copy
Stirling Council has an overarching Business Continuity Management Corporate Strategy &
Framework which governs its business continuity arrangements (
Evidence 50).
Each Council business unit has its own Business Unit Recovery Plan which covers the identified
critical processes of each individual area, and contains information for dealing with absence
or shortage of any of the following resources required by the processes: Building, Employees,
IT including data, Telephony, Equipment, Materials (
Evidence 51).
The Records & Information Compliance Team has produced guidance on Vital Records which
can be used by business units to identify records to be detailed in their Recovery Plan
(
Evidence 52).
In addition, the Records Register is intended to capture relevant rules and information about
al the types of records held by the Council, including whether or not they are regarded as
– Applicant
“vital”. The Register of Records is work in progress, and will be used to monitor
implementation of the Records Management Plan. An extract is attached (
Evidence 9).
Most Council records are held in electronic format. The Council has arrangements for regular
backup of information held on council networks (
Evidence 53) and an Information Technology
Disaster Recovery plan to ensure that, if lost, information can be recovered (
Evidence 54).
Council services which require access to vital electronic records in the period before the IT
Disaster Recovery Plan can recover information should document local arrangements in their
Business Unit Recovery Plan. For example, the Records Centre makes a regular back-up of its
Inventory to ensure continued access to information in the event that there is no access to
information on the council network (
Evidence 55).
FOI/14983
In relation to paper record, the Records Centre and Stirling Council Archives have an Incident
Control Plan which deals with the prevention of damage, and reaction to any incident
involving paper records. This plan can also be used as the basis for incidents involving paper
records in offices (
Evidence 56).
18
Stirling Council has a subscription to the Harwell Priority User service (Priority User no. 317)
which can be used to provide immediate assistance in the event of an incident, or to recover
and restore records (
Evidence 57).
Assessment and Review
Further work is needed to ensure that all services identify vital records in their Business Unit
Recovery Plan, and to ensure that information risks are considered regularly by the Council’s
Information Management Group.
Copy
– Applicant
FOI/14983
19