Record Keeping Basics

Guidance
Records Management Advice
Last updated:

This guide provides records practitioners within Western Australian State organisations basic information for creating and managing records. Non-government organisations may also find this guide useful for developing records management programs.

In accordance with s.3(2) of the State Records Act 2000 (the Act), record keeping relates to:

  • creating, maintaining, indexing, organising, storing, preserving, securing, retaining and managing records and
  • maintaining, preserving, securing and retaining the means by which any information on a record can be recovered.   

Special note: Royal Commission into Institutional Responses to Child Sexual Abuse (2017)

Some recommendations from this Royal Commission relate to creating and keeping records of child sexual abuse cases or allegations, and records that may become relevant to future cases or allegations. Organisations should consider what records need to be retained, based on the level of their activities or services involving children. 

What is a record?

A record is information created or received by an organisation as part of its business. Records may be in any format that can be read and understood, such as paper files and documents, emails, spreadsheets, PDFs, databases, photographs, maps, tape recordings, messaging apps and social media posts. 

Why should my organisation keep records?

Organisations rely on well-managed information to provide evidence of business activities. Keeping full and accurate business records means an organisation can account for its actions, report on its activities and, if necessary, defend itself to external parties. In time, business records become the corporate memory, or history, of the organisation.

State organisations in WA must comply with record keeping requirements outlined in the Act, and the organisation’s approved record keeping plan.  

Who should create and keep records?

Executive staff including Chief Executive Officers (CEO) and Director Generals (DG) are ultimately responsible for the management of government records. Records practitioners also have specific record keeping responsibilities such as maintaining relevant record keeping systems, providing staff with support and training, and arranging for authorised retention and disposal of records. 

Why have record keeping policies and procedures?

Organisations need good records management based on clear record keeping policies and procedures. Policies should set out an organisation’s expectations for making full and accurate records of its business. Standard operating procedures provide clear instructions regarding record keeping tasks and staff responsibilities.  

What should be recorded?

An organisation should record actions, decisions, and commitments arising from communications or meetings, whether internal or external, formal or informal.  

Examples of business records might include:

  • meeting agenda and minutes
  • a file note of a meeting to discuss a specific issue
  • an email from a manager, authorising purchase of an item
  • a letter sent to a client in response to a query
  • an email raising a workplace safety issue
  • a social media post about changes to the organisation’s services
  • official communications via a messaging app or mobile
  • photographs of organisation events
  • raw and processed data  

Special note: Royal Commission into Institutional Responses to Child Sexual Abuse (2017)

Organisations must carefully consider what sorts of records may be relevant to an actual or alleged incident of child sexual abuse and retain them accordingly. 

How do I make a record?

Records can be kept in the format in which they are created (photograph, email, spreadsheet). In some cases, it may be necessary to create a record manually, particularly for important conversations and telephone calls. File notes should be made soon after an important conversation or meeting so all relevant information can be captured, including:

  • details of the meeting or conversation – date, time, type of communication, names of people involved, and organisations represented
  • content of the meeting or conversation – topics discussed, any decisions or commitments made, actions required  
  • other details – author, file number, date written

For capturing records in social media and messaging apps, organisations should develop procedures for extracting and storing information. For instance, capturing information from messaging apps may involve taking screenshots of conversations. Microsoft Teams has a print-to- PDF option that enables long conversations to be captured, which could then be uploaded to a records management system. Talk to your IT specialist about the software your organisation uses to learn the best ways to capture conversations within social media and messaging apps. See the Records Management Advice Social Communication Tools for more information.

Do I need to keep a hard copy or electronic record?

The Act does not require records to be kept in any particular form. Records can be kept digitally or on paper, or as a combination of the two. There is no need to print digital records unless the organisation has a specific business requirement to do so.

Organisations can digitise, or scan, paper records to improve access to them or save physical storage space. Digitisation can be an expensive and time-consuming process. Consider costs against potential benefits before starting a scanning project.  

For Western Australian State organisations: If you intend to destroy the original record after scanning, the SRO’s General Disposal Authority for Reproduced Source Records must be followed.

How do I manage records?

To establish a record keeping program in your organisation, the following activities should be considered:

  • Correspondence capture:  
    • Organisations should keep a record of any correspondence that they send or receive, whether hard copy or digital. This provides evidence of the correspondence and enables it to be retrieved as needed.  
  • Naming and Filing:  
    • When creating documents, it is important to name them consistently so your organisation can easily identify and retrieve them. When filing records, group similar matters or issues together.
  • Digital records:  
    • Most organisations create digital records. These may be created and kept in an Electronic Document and Records Management System, a Customer Relationship Management System, or other software. Whichever is used, it is important to have processes in place to ensure that digital records remain complete, secure, accessible and reliable.  Digital records need to be carefully managed and migrated over time to ensure they are still readable and useable. Be aware that there will be ongoing costs for backups and maintenance, and these may increase substantially as the volume of data increases.
  • Storage and Access:
    • Identify who needs access to specific records and where they can be securely stored. Access to some records, such as confidential or sensitive matters, may need to be restricted to certain people or positions. Any specific access provisions should be formally documented. Records should be kept in suitable storage, offering protection from potentially harmful environmental conditions. You might need to consider issues such as appropriate shelving or cabinets, fire protection, and security.  If needed, onsite or commercial providers may be used for physical and digital storage.
  • Disaster Management:
    • Records can be damaged or lost to fire, floods, mould, insects, computer viruses or vandalism. Organisations should have a disaster management plan to ensure records are protected.
  • Training:
    • Consider how to make staff and volunteers aware of record keeping responsibilities and processes. This may form part of the induction process when people join the organisation or as part of a regular training program. Training methods should suit your organisation’s size and resources and might include face-to-face sessions (group or individual), updates at staff meetings, email circulars, and/or external training courses.  
  • Disposal:
    • Disposal relates to the action affecting records once they have reached their designated retention period. Disposal actions include destruction and archiving. Records that are due for destruction have no ongoing value and should be destroyed in such a way that ensures no information is retrievable. State archives are records that have ongoing value and should be permanently retained. See below for more information about keeping records. 

For how long do I need to keep records?

The purpose of a record will determine how long you need to keep it. Most records do not have permanent value, but some records are State archives. Disposal of records can only be done using an approved retention and disposal authority. You can use a General Retention and Disposal Authority published by the SRO, or a Sector Disposal Authority, or an organisation specific retention and disposal authority. These authorities will help you to identify when records should be destroyed or retained as State archives.  

For non-government organisations: Disposal of records should be done in line with an agreed, documented policy or set of rules. The SRO’s General Retention and Disposal Authorities cover common administration disposal rules which can be used as a guide. 

How do I destroy records?

The organisation’s principal/chief officer, or delegate, must sign off on lists of records to be destroyed. Destruction must be done in accordance with agreed business rules. Records must be destroyed to the extent that no information can be recovered. This is particularly important if computers or other equipment are being sold or re-used. Hard copy records can be shredded or pulped. Digital records can be destroyed by deliberately altering the data or by physically destroying the storage medium.  

For more information about record keeping, see the SRO's Records Management Advice.

Have a question or want to report a problem?

Fill in the form to get assistance or tell us about a problem with this information or service.

Send feedback