Where to store electronic records instruction

Instruction statement

This instruction outlines in more detail the requirements for electronic records management described in the Records Storage Procedure.

NOTE: University records must be managed in accordance with all RMIT policies and procedures regarding security, record retention, management and disposal. See the definition of a ‘University Record’ for more detail.

This instruction relates to all university records created or managed by or on behalf of the University. This instruction applies to all University operations including those of RMIT University controlled entities, outsourced providers, offshore partners and any contractor or other body engaged by RMIT.

Compliance is required by all RMIT IT users (e.g. employees, officers, staff, contractors, students), systems/infrastructure, applications and networks.

Exclusions

Research Records (Refer to the Research Policy Suite)

For advice on storage of records on Portable Storage Devices (USBs, personal media, mobile removable media) refer to the Portable Storage Device (PSD) Use and Security Procedure.

Instruction steps and actions

1. Purpose

Creators of University records must ensure that steps are taken to create, capture, manage and dispose of electronic records in a compliant manner.

All University records in electronic form must be preserved for as long as required for legislative and business reasons.

Low value records or copies with no ongoing administrative, legal, evidential or historical value to the University are destroyed once reference ceases.

2. Shared drives (e.g. S:\Drive)

A shared network drive is not a substitute for a controlled recordkeeping system and should be used as an interim measure until saving into the University Electronic Document Management System (EDRMS) TRIM or other approved RMIT application.

If your records are currently managed on a shared drive, contact the Information Management for advice on a solution to resolve unstructured data held on shared drives. Migration into the University EDRMS (TRIM) should be strongly considered.

2.1. Responsibilities

During the transition to an EDRMS or controlled solution, the following responsibilities apply:

  • Information should only be removed or destroyed as prescribed in the Records retention and disposal procedure.
  • Use Folder and Records Naming Guidelines provided in the TRIM Desktop Client User Procedures Manual (PDF 5MB, 104 p).
  • Identify electronic records that require access restrictions (refer also to the Records Security Classification Procedure).
  • Contact the ITS Service Desk to ensure that access and security is managed by limiting access to view particular folders to authorised staff members.
  • Limit the number of people responsible for creating folders.
  • Schedule a review of items within the shared folders to avoid duplication and mismanagement.

3. Personal (H:\) Drives, Email accounts and Local (C:\ Drive and Desktop)

Personal drives are not a substitute for a controlled recordkeeping system and are used only as a short-term interim measure until saving into the University Electronic Document Management System (EDRMS) TRIM or other approved RMIT database.

Suitable records for this drive include: personal resumes and business records of a short-term facilitative nature.

Unsuitable records for this drive include: personal photographs, video or music files.

4. Email accounts

TRIM users should actively save University emails into TRIM where they constitute a University record in the definitions section.

ALL users must make a conscious decision to make or keep an email as a record. Do so if you need to show:

  • what happened, when it happened or who was involved
  • what was decided or recommended and by whom
  • what advice or instruction was given
  • the order of events or decisions.

If you are not sure, ask yourself:

  • did I write, send, use or keep this in the course of my work?
  • am I (or is someone else) required to act on this?
  • will this information be needed in the future?

If you answer ‘Yes’ to any of these questions, you should save your email to TRIM or approved system outside of Google mail or Outlook.

If TRIM is unavailable to you, contact your Power User for assistance or contact the Records Management Unit for advice.

Those who make important decisions or provide advice must use TRIM if their email records are likely to be required as evidence in 10 years or more. See the Retention and Disposal Procedure for more advice about appropriate retention of records.

For more guidance as email as a record, see TRIM Desktop Client User Procedures Manual (PDF 5MB, 104 p) - Section 6.05 Capturing an Email Message into TRIM.

4.1 Shared Mailboxes

A TRIM Power User is the recommended nominee in charge of an area’s shared mailbox. The following setup can apply:

  • Team members move high value email messages to your area’s shared mailbox. (To set up a shared mailbox contact IT Service Desk.)
  • File emails only after they have been sent
  • Save both message and attachments together, and
  • Save final message in thread into TRIM.

5. Electronic Document Management System (EDRMS) TRIM

TRIM is recognised as the University’s electronic document and records management system (EDRMS).

All University records, as detailed in the definitions section, must be captured in the University EDRMS (TRIM) and maintained in that system, with the exception of University records already captured in other approved electronic databases and applications.

6. Cloud Storage (Google Drive and Sites, and Third Party Providers)

Refer to the Managing Records in Google Instructions and the Managing Records in the Cloud Instructions.

7. Approved electronic databases and business systems

If unsure if your software is RMIT approved, refer to the RMIT Business Application Classification List, or contact the Information Management.

[Next: Supporting documents and information ]