Records and Information Management (Policy)

Records and Information Management (Policy)

Legislative History:

Approved by Audit Committee: 2004/04/08; Approved by the Board 2004/04/26; Date Effective 2004/04/26; Amended 2006/06/19

Approval Authority: Board of Governors

Signature: Marshall Cohen

Description: Establishes policy for management of records and information at York University. Has associated guidelines and procedures.


I. Definition

  1. Record” means any record of information however recorded, whether in printed form, on film, by electronic means or otherwise, and includes:
    1. correspondence, a memorandum, a book, a plan, a map, a drawing, a diagram, a pictorial or graphic work, a photograph, a film, a microfilm, a sound recording, a videotape, a machine readable record, any other documentary material, regardless of physical form or characteristics, and any copy thereof, and
    2. any record that is capable of being produced from a machine readable record under the control of the University by means of computer hardware and software or any other information storage equipment and technical expertise normally used by the institution.
  2. Personal Information” means recorded information about an identifiable individual, including:
    1. information relating to the race, national or ethnic origin, colour, religion, age, sex, sexual orientation or marital or family status of the individual,
    2. information relating to the education or the medical, psychiatric, psychological, criminal or employment history of the individual or information relating to financial transactions in which the individual has been involved,
    3. any identifying number, symbol or other particular assigned to the individual,
    4. the address, telephone number, fingerprints or blood type of the individual,
    5. the personal opinions or views of the individual except where they relate to another individual,
    6. correspondence sent to the University by the individual that is implicitly or explicitly of a private or confidential nature, and replies to that correspondence that would reveal the contents of the original correspondence,
    7. the views or opinions of another individual about the individual, and
    8. the individual’s name where it appears with other personal information relating to the individual or where the disclosure of the name would reveal other personal information about the individual.

II. Scope

  1. This Policy and its Guidelines and Procedures apply to all records within the custody or under the control of the University, including those records relating to the operation and administration of the University and those records containing information relating to faculty, staff and students individually.
  2. This Policy and its Guidelines and Procedures do not apply to:
    1. research and study notes, teaching materials, reports, manuscripts, publications and personal communications of individual faculty, staff and students (unless specifically commissioned or prepared under contract for the University or prepared in the context of administrative work); or
    2. records placed in the University Archives by or on behalf of a person or organization other than the University.

III. Policy

This Policy is designed to provide for the efficient and effective management of the University's records.

  1. Basic Principles
    1. The University shall promote orderly and efficient creation, use, maintenance, retention and disposition of records, and provide for records to be retained and preserved or destroyed according to legal, fiscal and statutory requirements, archival value and administrative or operational needs.
    2. The University shall provide for the preservation of those records which will document its activities and history.
    3. The University shall develop practical guidelines for records and information management at the University, including a general framework for managing records that are common to university offices.
  2. Records Creation and Maintenance
    1. Each administrative unit of the University shall create, receive, use and maintain records that relate to the administration or operation of the University. These records are and remain the property of the University.
    2. The University shall take the necessary steps to maintain its records, including personal information, with sufficient security to protect privacy and confidentiality, and permit disclosure of records and information where appropriate (see York University Policy on Access to Information and Protection of Privacy and Freedom of Information and Protection of Privacy Act).
  3. Authority and Responsibility
    The Board of Governors delegates the authority and responsibility for establishing a records and information management program and approving records retention and disposition schedules to the University Secretary and General Counsel.