Â鶹ÊÓƵ

Procedure for Managing Records 

Organize Your Records 

• University records must be categorized as official records or transitory records.
  The following links will provide information to assist you in your decisions:
  • Records Basics
  • Identification and Destruction of Transitory Records
• Transitory records should be destroyed
  • Transitory Records are deleted (email, Google Storage, network storage, C:\ drive, paper etc.).
  • Paper records must be securely shredded.
• Official records must be stored in the Unit's approved record keeping system.
  • Note: Official records should be stored in Network Drives, Google Shared Drives, Alfresco or applications (e.g. ClockWork, Advance). Email systems, local storage and My Drives are not considered appropriate systems for storing Official Records.

Use Only Approved Storage Locations for Official Records

Note: Talk to your Manager or Supervisor to determine which storage locations apply.

• Google Shared Drives, Google My Drive, Network Drives, and approved applications are designated records repositories for official University Records. 
• Your inbox should not be used as a storage space for University Records. 
  • For more information on University Record storage, see Organizing Information.
• Records repositories must have their access actively managed. 
  • Promptly remove departing staff 
  • Ensure University Records are not on abandoned drives following staff departure
  • Remove access for those who no longer require access to certain records or repository locations. 
• Records lifecycles must be managed in accordance with an approved Records Retention Schedule (RRS), including following disposition processes and timelines set out in the RRS.

Managing University Records When Working From Home 

Using Information

• You are creating University Records: No matter where you’re working from, you’re creating University Records. Your obligations to manage and protect records remain the same. 
• Keep to the Facts: Include only the information necessary to document the activity or decision. Limit including personal anecdotes, jokes, etc. in the same record that documents the decision. 
• Don’t Procrastinate: Don’t put off tomorrow what you can do today! Manage records as they are created and received.
• Consider alternatives to paper approval processes: Consider using electronic approvals and signatures when possible. Find additional guidance in the Electronic Approvals and Signatures Procedure. 

Organizing Information 

• Identify an Office of Responsibility: Know who is responsible for the Official copy of a record. Reference the Email Management Guideline for who should capture emails when sent and received.
• Use Google Drive to Share documents: Prevent duplication and manage access by sharing links on Google Drive, as opposed to attaching documents to multiple emails, creating multiple transitory copies. 
• Adopt Naming Conventions: Keep records organized with file naming conventions.

Deleting Information 

• Get rid of Transitory Records on a regular basis and as a part of your daily workflows.
• Consult the Retention Schedule before disposing of any Official Records.

Protecting Information 

• Keep what you need - Protect what you keep: Official University Records should be kept securely and access limited to those that have a need to know. 
• Ensure your home computer network is secure: Follow the University’s Guidelines for Working Remotely and Securely Working from Home to understand technology requirements when working from home
• Be cautious when printing University Records at home: Avoid printing when working from home. If you do print, you MUST carefully safeguard hard copy records against access by others and must manage them in accordance with the University’s Information Management and Information Technology Policies. This includes secure destruction techniques such as the use of electronic shredders, etc. 

Information Security Incidents and Privacy Breaches

If you encounter an information security incident or privacy breach, ensure that others in the home do not have access to confidential or personal information. Do not leave information unattended in your vehicle or at home. Only use a shared device or computer if you have a unique user profile that is password protected.

A University employee who is aware that an information security incident or privacy breach may have occurred must take immediate action to stop and contain it, and contact the appropriate people within the University.

If the potential incident/breach involves information technology resources, then the incident should be reported immediately.

Managing University Records When an Employee Leaves

Employees have a responsibility to manage and maintain all records that they create as part of their job and as an employee of the University. When an employee leaves a position, all records under the control of that employee should be reviewed by the employee. This includes records in shared spaces about which the employee has sole or substantial knowledge.

Employees will:

• Identify official electronic and paper records and move them to the appropriate departmental records system;
• Delete or destroy transitory records and other materials that do not have ongoing or enduring value to the University; and
• Ensure official records are stored in an appropriate system.

Guidance for Emojis and Recordkeeping

As communication evolves, so does the definition of records that document these communications.The use of emojis, once informal shorthand, are now being used to formally approve decisions, document acknowledgement and/or understanding and convey personal opinions. 

However, it is important to note that there is currently no official dictionary or standard for the meaning and use of emojis. Often used by individuals to convey basic ideas they are also used as a matter of expression of a personal sentiment. Emojis can convey different meanings to different people depending on factors such as demographic and context. Consequently, we recommend not using emojis when creating official University Records. Rather, we recommend that text be used to document agreements, approvals, decisions, etc. so as to avoid miscommunication and/or understanding.

 The IPRMO provides the following guidance for the use of emojis. 

• All approvals should be written in full text. Emojis should not be used to confirm receipt of a request for an official or formal approval. 
• Emojis should not be included in any official record (including email) that documents a business transaction or is necessary to fulfil legal, regulatory, or business requirements. 
• Emojis should be avoided in official records, especially in circumstances where the writer's personal emotions are not germane to the decision, etc. that are frequently accessed via access to information requests. 

Acceptable uses of emojis include, but are not limited to transitory records such as: 

• In Google Chats (provided the chat history is limited to 24 hours); and
• In personal communications that are not official University records. 

While the use of emojis continues to evolve in communications, there is increased complexity with their use in official records. A determined that a contract had been formed as a result of a party responding to a text message with a “thumbs up” emoji (South West Terminal Ltd. v Achter Land, 2023 SKKB 116). In this case, the court found that the emoji conveyed both the identity of the signer and the acceptance of the contract, and the sender was therefore liable for not fulfilling their duties in the contract. 

Questions? Contact the Information, Privacy and Records Management Office at privacy@ualberta.ca. 

Related Resources and Contacts

• Records Management Policy
• Records Basics
• Disposing of Records
• • Email: archives@ualberta.ca
• Chief Information Security Office 
  • Email: ciso@ualberta.ca
• Information Services and Technology Working Resources
  • Contact: Log in to the