Records Management Policy

1. Purpose

The National Army Museum (NAM) is committed to ensuring that the information it creates is managed to the highest standards and in accordance with legislative and regulatory requirements. 

We recognise that records created by the Museum are an essential business resource, and an important source of administrative, evidential and historical information. The effective management of these records should ensure authenticity, reliability, integrity and usability.

2. Scope

The Records Management Policy aims to provide a framework for managing the Museum’s records, setting out roles and responsibilities, and embedding good record keeping practice at the centre of all the Museum’s activities.

This policy covers all records in all formats created by the Museum, and is relevant to the work of all employees, contractors and volunteers at the NAM.

3. Definitions and regulatory references

The following regulations are used as a basis for the NAM Records Management Policy:

• ISO 15489 Records Management
• The Lord Chancellor’s Code of Practice on the Management of Records (2000)
• The Freedom of Information Act (2000)
• The Data Protection Act (2018)
• The Charities Act (2011)
• The Limitations Act (1980)
• The Public Records Act (1958, 1967)

4. Responsibilities

All members of Museum staff have responsibility for the security and disposal of the records they create, and for attending related training. They must follow guidance on using the Museum’s shared drive and policies on Freedom of Information and Data Protection.

The following staff have defined responsibilities:

• The Senior Information Risk Officer (SIRO) is responsible for management of information risk and security within the Museum.
• The Head of Archives, Library and Information is responsible for records management functions, including the provision of guidance, oversight of compliance, and secure records access and storage.
• The Information Officer is responsible for promoting good record keeping and compliance with privacy regulations, as well as supporting staff with records retention.
• The Information Asset Owners are responsible for managing their information assets, and reporting to the SIRO on information risk and security.
• The Leadership team is responsible for promoting and ensuring compliance with records management policies and procedures.

5. Policy statement

The National Army Museum recognises the importance of records management, which should:

• Improve operational efficiency through access to, and sharing of, information, and allowing for rapid response to enquiries.
• Improve information security and support government directives on transparency and data reuse.
• Support and provide evidence of Museum activity and develop corporate memory.
• Control the growth of paper and electronic files and maximise storage space.
• Protect the interests of the Museum with the provision of complete and accurate information.
• Meet legislative and statutory requirements.

The following principles will guide all aspects of the records management framework:

• Accountability
• Transparency
• Integrity
• Protection
• Compliance
• Accessibility
• Retention
• Disposition

6. Implementation

Records management procedures support this policy, covering the transfer of records to semi-current storage, retention and disposal, and the management of historical records within the NAM’s Institutional Archive.

The policy will be implemented through activities led by the records management principles:

• Accountability: records will be retained for business, regulatory, legal and accountability purposes, through identification and review of records created, and regular update of the retention schedule.
   
• Transparency: relevant policies will be published, and requested information supplied in response to Freedom of Information and Data Protection legislation, where appropriate.
   
• Integrity: types and formats of records created and held will be identified, and methods of checking the  integrity of born-digital investigated and implemented.
   
• Protection: physical and born-digital records will be stored securely, and with appropriate access permissions applied.
   
• Compliance: procedures will be benchmarked against guidance issued by the ICO, TNA and other accredited organisations.
   
• Accessibility: appropriate mechanisms and permissions for internal access to records will be developed and used, and procedures for sharing of information with third parties will be promoted across the Museum.
   
• Retention: a regular review of the retention schedule, and related advocacy work, will be carried out to ensure the standardised retention of records.
   
• Disposition: the disposal of records held in semi-current storage will be monitored and audited, and support offered to staff regarding the disposal of born-digital records.

Records management is included in new starter inductions, and information management issues are discussed by the Information Asset Owner’s Group.

7. Associated documents

• Records Management Procedures
• Freedom of Information Policy
• Privacy Policy