Amazing Opportunities

for everyone

Apply Now

Information and Record Management Policy

PURPOSE
The purpose of this policy is to outline the principles and processes for information and record management at Global Leadership Institute (GLI).

PRINCIPLES

  • All GLI information and records are appropriately created, managed, maintained, and disposed of in accordance with legislative requirements, policy, and recognised standards of best practice.
  • Record and information keeping practices are set up to support all activities of the Institute and are consistent and at a suitable standard across the Institute.
  • Levels of responsibility are established regarding record and information keeping pertaining to all functions, processes, activities, and transactions of the Institute.
  • GLI provides appropriate security and access over records.
  • GLI ensures that historical documents are captured and preserved.
  • GLI acknowledges that records and information are to be created to document or facilitate the transactions of all business activities. Business rules and procedures are to be put in place to ensure that requirements to make records and information are documented and that systems are in place to facilitate the creation of records. All staff are to be made aware of their responsibilities to make records.
  • Records and information are to be created at the time or as soon as practicable after the event to which they relate. All records and information created by GLI are to provide a correct reflection of what was done, communicated, or decided.
  • Records and information created or received by GLI are to be routinely captured into an approved record and or information keeping system and appropriate metadata created and captured, or otherwise associated with records or information.
  • Record and information keeping systems and storage facilities are designed and implemented to protect records and information from unauthorised access, alteration, deletion, or loss. Unauthorised access, alteration or destruction of records or information is forbidden by GLI policies and procedures. Migration of records and information from one system to another is to be controlled, documented and compliant with best practice.
  • Records and information are to be linked to their business context, which includes records and information relating to the same business activity or transaction. The location and use of records and information is to be recorded and tracked. Records and information are to be accessible for as long as they are required and disposed of in accordance with the approved procedures.
  • Records and information must be disposed of in accordance with legislative requirements, policy, and recognised standards of best practice.

DEFINITIONS
Appraisal: evaluation of business activities to determine which records and information should be retained and the period of retention to meet legislative requirements, business needs and organisational accountability.

Archive: non-current records or information, for permanent retention.
Classification Scheme: grouping records and information according to their functionality.

Disposal: range of activities involved in retention, deletion, or destruction of records.

Disposal Schedule: list of various records or information and the period of time the record must be retained. It may also indicate the time at which records or information should be transferred to secondary storage.

Disposal trigger: event such as, action completed or superseded, from which the disposal date is calculated.

Destruction: destroying a record or information, either the physical destruction or permanent deletion of a record or information.

Document: information treated as a unit of information.

ICT: Information Communication Technology, including associated resources, which relate to the capture, storage, retrieval, transfer, communication, or dissemination of information through electronic media. This includes hardware, software, networks, recording equipment, web-based systems, databases, files, software licenses, computing-related contracts, network bandwidth, usernames, passwords, documentation, and electronic mail.

Other Entities – External organisations which may provide cloud solutions (e.g. Microsoft, Amazon Web Services) and host services such as Turnitin.

Record: information created or received by GLI which provides evidence of relevant activities, irrespective of the technology or medium used to generate, capture, manage, preserve, and access information.

Record Management System: information system used to capture and provide access to records.

Retention: period a record or information should be retained by the institution before final disposal. It may also indicate when records or information should be transferred to secondary storage or archived.

Sentence: identifying and classifying a record or information according to the Disposal Schedule.

User: all staff, students, contractors, visitors, alumni, and all other people who legitimately access and use computing resources, information technologies and networks owned or managed by GLI.

ROLES AND RESPONSIBILITIES
Registrar is responsible for ensuring that all record management legislative requirements are met.
Records Officer is responsible for records management at the operational level, ensuring the implementation of this policy.
Section Managers are delegated record management responsibility:

 
Record Area Section Manager Responsible
Student Records Registrar
Financial Records Finance Manager
Staff & Payroll Records HR Manager
Curriculum Records Program Director
Legal & Contracts President
Library Librarian

 

All staff are responsible for creating appropriate and accurate records of the business activities and affairs of GLI.

PRIVACY
GLI adheres to the principles and requirements in the Privacy Amendment (Private Sector) Act 2000, Privacy and Personal Information Protection Act 1998 (PPIPA), Health Records and Information Privacy Act 2002 (HRIPA), and Privacy Amendment (Notifiable Data Breaches) Act 2017.  Where relevant GLI will also meet its compliance obligations with the EU General Data Protection Regulation 2016/679 (GDPR).

Users are responsible for maintaining appropriate access restrictions for their files, as well as protecting their passwords. Users who knowingly allows another person to use their username or password may be found responsible for any inappropriate use on the part of that person. Distribution of name lists, e-mail addresses, home addresses, or other means of contact will not be provided without the express permission of the persons involved. Neither shall the security codes or passwords of GLI users be divulged to others.

Invasion of the privacy of any person using GLI’s ICT is prohibited. GLI reserves the right to supervise the entire network to preserve the security of GLI and all users. GLI respects the privacy of users and does not routinely inspect or monitor use of ICT resources. However, GLI does not guarantee the security and privacy of data created, stored, or transmitted upon its ICT systems, including any user’s electronic mail and/or electronic files. Information reports will be available to GLI which can subsequently be used for matters such as system performance and availability, capacity planning, cost re-distribution and the identification of areas for personal development.

Authorised GLI staff may access information in the following situations:

  • legal request for public disclosure of public records;
  • GLI record retention requirements;
  • routine system maintenance;
  • investigations of misconduct, consistent with all legal requirements and with the approval of the delegated supervisor. This provision applies to monitoring of employee accounts when the monitoring is done because of suspected illegal activity or policy violations;
  • monitoring of GLI accounts.

Security Information
GLI may record visits to GLI websites and log information for statistical and business purposes. This includes a user’s address, user’s domain name, IP address, date and time of visit, pages accessed, and previous site visited. Identification of the user may also be requested and logged. If the person is not a GLI student or staff member, the email address of sent messages will be recorded.

GLI websites have security measures in place against the loss, misuse, and alteration of information. Generally, a login and password are required to visit secure areas. This is to ensure that information is displayed only to the intended person. Individuals are responsible to always keep their password secure.

Some GLI courses and/or units require the use of forums, on-line teaching environments, message boards and/or news groups. Any information that is disclosed in these areas becomes public information and it is the responsibility of the user to exercise caution when deciding to disclose personal information.

STUDENT RECORDS
GLI maintains accurate and up-to-date student records of enrolments, progression, completions, and award of qualifications. Official academic records of the grades achieved by a student in a course are stored permanently by GLI in a secure central system. The Registrar is responsible for ensuring the safety, accuracy, privacy, and order of all student records. Electronic storage is password protected and hard copy information is filed securely in a locked facility. The Information Technology Manager is responsible for protecting against the loss of electronic student records by ensuring appropriate backup of data.

Student files are kept in a secure location and can only be accessed by authorised GLI personnel. Students can access their personal information by making this request to the Records Officer who reports to the Registrar. Students may request to have incorrect personal information corrected by contacting the Records Officer and providing documentation to support the change.

Students are provided with accurate information about the use and disclosure of their student records, which includes the disclosure of information to external parties, such as the Commonwealth, tuition assurance scheme operators and accreditation bodies.

RESEARCH RECORDS
In accordance with the Australian Code for the Responsible Conduct of Research, GLI implements risk-based protections for research data (progressive or final data/information gathered for research by GLI academic staff and students) to guard from accidental or malicious manipulation or loss. This includes regular testing of retrieval and retention for at least five years.

Training
All staff will receive record management training as part of their orientation.

Auditing
Regular auditing of record management activities takes place. This ensures that records are being created and maintained correctly and an accurate record of GLI’s business activities and affairs is being captured in the record management system.

Creation of Records

  • Records are added to the recordkeeping system at the time of creation or receipt of a document.
  • Wherever possible records are held in electronic format.
  • All records are classified according to the appropriate record keeping naming conventions. The record classification scheme is used to classify all GLI’s records.
  • Where possible, records are sentenced at the time of creation in accordance with the appropriate disposal schedule.

Record Maintenance

  • All records are stored for their period of retention.
  • All records are accessible.
  • All records (electronic and hard copy) are maintained in good condition.

Records will be retained in a useable and accessible form for at least the minimum retention period contained within the applicable Retention & Disposal Schedule as approved by the Queensland State Archivist (https://www.qld.gov.au/recreation/arts/heritage/archives). Electronic records will be sentenced in accordance with an approved Retention and Disposal Schedule and appraised prior to their transition to inactive storage, permanent retention, or their disposal. Only delegated record management officers are authorised for record removals.

Retention and Disposal of Records

  • All records should be disposed of according to the appropriate disposal schedule.
  • All records must to be sentenced according to the appropriate disposal schedule.
  • The disposal date must set according to the disposal trigger.
  • No records can be destroyed of without the permission of the Records Manager.
  • All records that are destroyed must be recorded in a register of “Destroyed Records”.
  • The destruction process must be secure to ensure confidentiality.

GLI will ensure that high-risk, high-value and permanent records will be kept in an approved record keeping system to ensure the record is discoverable, accessible, and managed throughout their lifecycle.

Records retention requirements vary to support accountability, and for legal, knowledge and historical reasons. Management of records within a business context and/or system, and the resources needed for their retention, needs to be prioritised based on risks to GLI if the record was unable to be located or authenticated as accurate.

Before any record is stored with an external storage provider, the Records Officer must be provided with a catalogue of the records to be stored with the provider. GLI is responsible for any costs associated with records storage with external storage providers.

Disposal authority adheres to the GLI Delegations Schedule.

Archiving Records
Inactive records should be archived with the approval of the Records Officer.
The archive will include records that must be held indefinitely and inactive records during their retention period.

Record Security

  • Records must not be altered and all care must be taken not to damage records.
  • Access to records will be limited by a password hierarchy.
  • All records will be kept in a secure environment.
  • GLI’s Critical Incident Policy is in place to minimise the potential loss of records.

Records handling

  • Section procedures may only be prepared and used with the approval of the Records Officer.
  • Current Section Procedures:
  • Student Records Management Procedure
  • Finance Management Procedure

NOTIFYING AND HANDLING OF BREACHES
Users are responsible for reporting possible breaches of this policy to the IT Manager. The IT Manager is responsible for handling potential breaches for users in accordance with the Code of Conduct Policy. Penalties for misuse of ICT resources may range from loss of access to accounts, to formal disciplinary action up to and including dismissal, or in some more serious instances criminal or civil proceedings.

RECORDS TO KEEP
Common records kept and managed by GLI include, but are not limited to:

  • Academic programs: development, approvals, management, and review
  • Assets: infrastructure and equipment controls, registers, maintenance, warranties, security
  • Audits: process, internal due diligence, or as required
  • Disaster management and business continuity – plans, manuals, debriefs
  • Facilities: buildings, infrastructure; library, maintenance
  • Financial: data, audits, fraud prevention
  • Governance records: agendas, attachments, minutes, delegations, polices
  • Grants and scholarships: case files and arrangements
  • Insurance: materials
  • Learning and Teaching: content, exams, assessment
  • Marketing: campaigns and materials
  • Research: ethical clearance, data/information, patents
  • Staff: CVs, scholarship, induction, training, misconduct issues
  • Student records: enrolments, orientation, progression, completions, award of qualifications, academic transcripts, academic integrity matters, student support, safety, and security
  • Vital Records: essential for the ongoing business of GLI. These include, but are not limited to, contracts, deeds, memoranda of understanding, licences, evidence of ownership of physical and intellectual property, and other records documenting legal authority.
  • Work health and safety: administration, training, incidents, reporting, wellbeing

DISASTER MANAGEMENT PLAN
Risk prevention, response, and recovery strategies for protecting and recovering GLI records in the event of a disaster are implemented through a Disaster Management Plan. The plan ensures that vital records receive the highest salvage priority.

Scope

Whole Institute

Key Stakeholder

All Staff

Fact Box

Owner : Registrar

Approval Body : Executive Management Team

Endorsement Body : Executive Management Team

Category : Management

Approval Date :

Review Date :

Version :

Related Policies :

Close

Associate Professor Jason Hartley

Jason Hartley is lecturer in criminology at Griffith University in Brisbane, Australia. He is a former police officer with 23 years of experience, and has trained personnel for deployment in Timor Leste, the Solomon Islands, Iraq and Afghanistan. Jason specializes in, and has published on engagement with Muslim communities, Indigenous Polynesian approaches to rehabilitation and reducing recidivism, and Asian Organised Crime. Jason also completed a community internship in Hebron on the West Bank.

Close

Simone Fulcher

Simone Fulcher is the Campus Manager at Global Leadership Institute responsible for managing the day-to-day operations for the campus. Simone has previously worked in the education sector for over 5 years where she has enjoyed helping young minds realise their potential. Simone also has a history of volunteer work assisting various communities in improving their quality of life in places such as New South Wales, Guam, and Palau. Simone still enjoys volunteering, currently organising events for young adults in Southeast Queensland and helping them form connections their fields of interest.

Close

Professor Grant Pitman

Professor Grant Pitman is the president of the Global Leadership Institute. He has held senior leadership roles in government such as Chief Superintendent of Police and Director of Strategic Planning ICT in the Queensland Police Service;

  • Varied list of contributions to law enforcement, including disaster management, auditing and finance, organizational reform, education and human resources, and policy development
  • National, state, and regional levels of professional service, including the Ipswich Economic Forum, the Brisbane Airport Emergency Planning Committee, the National Emergency Communications Working Group, the National Police Drug and Alcohol Task Force, and the Police Education Advisory Council.

He has a Ph.D. and Master of Administration from Griffith University. He is a well-versed researcher and has published numerous articles and journals.

Close

Professor Kevin Tickle

Professor Kevin Tickle has extensive experience in Executive Management roles in the tertiary education sector, both public and private, over the last two decades and has been a consultant to Higher Education providers in Australia and overseas. His primary areas of interest are Leadership, Management, Information Technology, Mathematics and Statistics with expertise in the areas of probability modelling; decision support, and data analytics. He is currently a Fellow of the Australian Institute of Management, a member of the Institution of Engineers, Australia, the Australian Computer Society and an Emeritus Professor at CQUniversity.

Close

Mr Des Lacy OAM

Des serves as Secretary/Treasurer of the Asia Pacific Chapter of FBI National Academy Associates, after completing 40 years in the Queensland Police Service. During his distinguished career, Des was District Officer (A/Chief Superintendent) in Charge of the Gold Coast Police District, Police Commander for the Gold Coast Indy, Super V8s, Gold Coast Marathon, and Schoolies, as well as National Rugby League and Australian Foot League events in Brisbane and the Gold Coast. Des oversaw development and implementation of the Integrated Justice Information Systems, Integrated Traffic Policing Program, and Integrated Tasking and Analysis System. He served as Director of the Strategic Services Branch and Information and Communications Technology Command, as well as Chair of the District Disaster Management Group and Security Operations Coordinator for the 2018 Commonwealth Games. 

Des has been a member of Rotary International for 30 years, representing Rotary International in the United States and the Middle East. For his work in the Gold Coast Community Des was awarded Citizen of the Year at the 2013 Gold Coast Australia Day celebrations. Des also was one of the founding Directors for the Oxenford and Coomera Community Youth Centre that provides much needed social services to the Northern Gold Coast Community. For the past 15 years, he has also been the Chair of this not-for-profit establishment. It. For his work promoting International Law Enforcement Des was awarded the Order of Australia Medal in 2017.

Qualifications

Graduate Diploma of Management

Graduate Certificate Business Management 

Bachelor of Business

Close

Katherine Weissel

Katherine is a security and risk specialist with 25 years’ experience in an Australian Police Force, leading teams and responding to emergency events, complex investigations, and counterterrorism.  She has led and managed several major crime, counterterrorism and public safety operations and investigations, and coordinated teams within police operations centres and major incident rooms.  She has delivered training across multiple Australian jurisdictions in emergency response, counterterrorism, and investigations; and specialised in cyber operations in the counterterrorism environment for a number of years.  She has also been deployed to international jurisdictions supporting complex war crimes investigations and prosecutions.  Since moving into the private sector, Katherine has provided consulting and training services in the areas of security and risk, organisational governance & investigations, and cybersecurity.  Katherine is a sessional tutor in tertiary education in criminal justice studies specialising in counterterrorism, global law, crime and justice, and cybercrime.  She has presented to state and national security, cybersecurity and governmental conferences on contemporary physical & cyber threats and risk management.  Katherine has also been involved in research teams examining government responses to terrorism and extremism, and cybersecurity policy.

Close

Dr Shantanu Banerjee

Dr Shantanu Banerjee is senior lecturer at Leaders Institute. With extensive experience in management, leadership, and administration across a range of contexts in India and Australia, Dr Banerjee is also currently an Industry Fellow at the University of Queensland Business School. His research focuses on socio-cultural-political contexts, particularly in the field of agribusiness and international business. His research has highlighted variations in the theme of international competitiveness by emphasising non-economic and non-market variables and on how multinational enterprises subsidiaries can pursue legitimacy pursuing non-market strategies. 

Dr Banerjee has presented his research work at esteemed international conferences such as ANZIBA and EIA and has published in scholarly journals including International Business Review and Management International Review. He graduated from the Institute of Foreign Trade, New Delhi (India) and the University of Queensland Business School. He has been an academic staff member at the University of Queensland and Queensland University of Technology, lecturing in undergraduate and postgraduate programs. Dr Banerjee has over 15 years of extensive and varied experience as an International Business Manager dealing and negotiating with overseas clients based in the United States of America, China, Japan, Canada, Switzerland, and Germany. He is currently employed with a Federal agency of the Australian Treasury. 

Qualifications

Doctor of Philosophy, University of Queensland, 2012

Master of Research, Queensland University of Technology, 2005

Master of Business, Queensland University of Technology, 2003

Postgraduate Diploma in International Trade, Indian Institute of Foreign Trade, 1986

Bachelor of Mechanical Engineering

Indian Institute of Foreign Trade, 1985

 

Communities of Practice

  • Editorial Board, Academy of International Business
  • Editorial Board, European Academy of Management
  • Editorial Board, Leadership & Management Studies in Sub-Sahara Africa Conference
  • Editorial Board, International Journal of Entrepreneurship and Small Business
Close

Associate Professor Ben Arachi

BIOGRAPHY

Associate Professor Ben Arachi has four decades (1977-2023) of experience in higher education leadership and teaching. During his 15 years as Unit Coordinator at Central Queensland University, he received two Excellence in Teaching Awards and was nominated for the Vice-Chancellor’s Award for Outstanding Contributions to Learning and Teaching and the Australian Awards for University Teaching. His online learning study was published in Economics for Today (Cengage 2022).

Previously, Associate Professor Arachi  served as Vice Principal, Head of the Department of Extension and Research, and Editor-in-Chief of the academic journal at Arul Anandar College, India (1992-1997). He was then Research Coordinator and Course Coordinator (1999-2008), as well as Chair of the Division of Economics (2000-2005) at HELP University, Malaysia. This included senior involvement in the application to become a University College and then a full University.

Associate Professor Arachi also has over 20 years of experience as a higher degree research supervisor, moderator, and examiner for doctoral degrees. In his five years as a Coordinator of All India Christian Higher Education, he organised numerous state-level seminars and workshops for academics in higher education in India. He has published four monographs, many research papers and articles while editing the Research AAC Journal of Economics. He has reviewed many higher education textbooks.

QUALIFICATIONS

  • Doctor of Philosophy, Madursi Kamaraj University, India, 1989

  • Master of Arts, University of Madras, 1975 (Gold Medalist)

  • Bachelor of Arts, Madursi Kamaraj University, India, 1973 (University Rank and Merit Scholarship)

  • Diploma in Applied Economics, Madursi Kamaraj University, India, 1980

ACADEMIC LEADERSHIP

  • Member, Academic Board, 2023-current

  • Chair, Examiners Committe, 2023-current

  • Member, Course Advisory Committee, 2022-current

AWARDS

  • Central Queensland University Student Voice Commendation. The 2021 program includes unit evaluation data from term 3, 2020 and terms 1 and 2, 2021.

  • Central Queensland University  Student Voice Commendation. The 2020 program includes unit evaluation data from term 3, 2019 and terms 1 and 2, 2020.

  • Central Queensland University Central Queensland University Platinum certificate Top rated Unit in Term 2, 2019

  • Central Queensland University Gold certificate Highly rated Unit in Term 2,2019 (ACCT20070)

  • Gold certificate Highly rated Unit in Term 2,2019 from CQU(ECON11026)

  • Charles Sturt University Excellence in Teaching Award (ECO511)

Close

Dr Bandula Nambukara-Gamage

Dr Bandula Nambukara-Gamage is a Senior Lecturer of Accounting and Finance at James Cook University, Brisbane campus. He currently teaches Bachelor of Commerce, Bachelor of Accounting, Master of Professional Accounting, and Master of Business Administration students based on the Brisbane campus. Dr Nambukara-Gamage has previously lectured at Central Queensland University, Federation University, and Charles Darwin University.

QUALIFICATIONS

Doctor of Philosophy, University of New England, 2013

Master of Commerce

Licentiate Certificate (recognised by the Institute of Chartered Accountants of Australia)

Bachelor of Business Administration (Honours)

Close

Professor Rod St Hill

Professor Rodney St Hill is the former President of Leaders Institute (2018-2020) and serves as Senior Pastor (2016-current) at IgniteLife Church Gold Coast, where he heads IgniteLife Business, an outreach to Christians in business. He is a leader in the global Business As Mission movement. He also consults on governance and executive management in higher education and business, with a particular special interest in Christian education institutions and businesses.

Previously, Professor St Hill was a long-term senior leader and Vice President Academic of Christian Heritage College, Brisbane. With the input of his colleagues and many others in his network, he developed business curriculum that embeds the ‘5 P missional business’ model – a model of production, people, planet, and profit. He was also Dean of Students, among other roles, at University of Southern Queensland (1993-2009).

QUALIFICATIONS

Doctor of Philosophy, University of Cantebury, 1989

Bachelor of Commerce (Hons 1), University of Newcastle, 1979

EXTERNAL EXPERT REVIEWER

External Member, various course assessment panels in business, management and leadership at Alphacrucis College, Australian College of Divinity, and Avondale University College, 2014 to 2020

Member: Australian Institute of Company Directors

COMMUNITIES OF PRACTICE

Member: Economic Society of Australia

External Expert, Tertiary Education Quality and Standards Agency (TEQSA), 2019-current

Close

Information and Record Management Policy

PURPOSE
The purpose of this policy is to outline the principles and processes for information and record management at Global Leadership Institute (GLI).

PRINCIPLES

  • All GLI information and records are appropriately created, managed, maintained, and disposed of in accordance with legislative requirements, policy, and recognised standards of best practice.
  • Record and information keeping practices are set up to support all activities of the Institute and are consistent and at a suitable standard across the Institute.
  • Levels of responsibility are established regarding record and information keeping pertaining to all functions, processes, activities, and transactions of the Institute.
  • GLI provides appropriate security and access over records.
  • GLI ensures that historical documents are captured and preserved.
  • GLI acknowledges that records and information are to be created to document or facilitate the transactions of all business activities. Business rules and procedures are to be put in place to ensure that requirements to make records and information are documented and that systems are in place to facilitate the creation of records. All staff are to be made aware of their responsibilities to make records.
  • Records and information are to be created at the time or as soon as practicable after the event to which they relate. All records and information created by GLI are to provide a correct reflection of what was done, communicated, or decided.
  • Records and information created or received by GLI are to be routinely captured into an approved record and or information keeping system and appropriate metadata created and captured, or otherwise associated with records or information.
  • Record and information keeping systems and storage facilities are designed and implemented to protect records and information from unauthorised access, alteration, deletion, or loss. Unauthorised access, alteration or destruction of records or information is forbidden by GLI policies and procedures. Migration of records and information from one system to another is to be controlled, documented and compliant with best practice.
  • Records and information are to be linked to their business context, which includes records and information relating to the same business activity or transaction. The location and use of records and information is to be recorded and tracked. Records and information are to be accessible for as long as they are required and disposed of in accordance with the approved procedures.
  • Records and information must be disposed of in accordance with legislative requirements, policy, and recognised standards of best practice.

DEFINITIONS
Appraisal: evaluation of business activities to determine which records and information should be retained and the period of retention to meet legislative requirements, business needs and organisational accountability.

Archive: non-current records or information, for permanent retention.
Classification Scheme: grouping records and information according to their functionality.

Disposal: range of activities involved in retention, deletion, or destruction of records.

Disposal Schedule: list of various records or information and the period of time the record must be retained. It may also indicate the time at which records or information should be transferred to secondary storage.

Disposal trigger: event such as, action completed or superseded, from which the disposal date is calculated.

Destruction: destroying a record or information, either the physical destruction or permanent deletion of a record or information.

Document: information treated as a unit of information.

ICT: Information Communication Technology, including associated resources, which relate to the capture, storage, retrieval, transfer, communication, or dissemination of information through electronic media. This includes hardware, software, networks, recording equipment, web-based systems, databases, files, software licenses, computing-related contracts, network bandwidth, usernames, passwords, documentation, and electronic mail.

Other Entities – External organisations which may provide cloud solutions (e.g. Microsoft, Amazon Web Services) and host services such as Turnitin.

Record: information created or received by GLI which provides evidence of relevant activities, irrespective of the technology or medium used to generate, capture, manage, preserve, and access information.

Record Management System: information system used to capture and provide access to records.

Retention: period a record or information should be retained by the institution before final disposal. It may also indicate when records or information should be transferred to secondary storage or archived.

Sentence: identifying and classifying a record or information according to the Disposal Schedule.

User: all staff, students, contractors, visitors, alumni, and all other people who legitimately access and use computing resources, information technologies and networks owned or managed by GLI.

ROLES AND RESPONSIBILITIES
Registrar is responsible for ensuring that all record management legislative requirements are met.
Records Officer is responsible for records management at the operational level, ensuring the implementation of this policy.
Section Managers are delegated record management responsibility:

 
Record Area Section Manager Responsible
Student Records Registrar
Financial Records Finance Manager
Staff & Payroll Records HR Manager
Curriculum Records Program Director
Legal & Contracts President
Library Librarian

 

All staff are responsible for creating appropriate and accurate records of the business activities and affairs of GLI.

PRIVACY
GLI adheres to the principles and requirements in the Privacy Amendment (Private Sector) Act 2000, Privacy and Personal Information Protection Act 1998 (PPIPA), Health Records and Information Privacy Act 2002 (HRIPA), and Privacy Amendment (Notifiable Data Breaches) Act 2017.  Where relevant GLI will also meet its compliance obligations with the EU General Data Protection Regulation 2016/679 (GDPR).

Users are responsible for maintaining appropriate access restrictions for their files, as well as protecting their passwords. Users who knowingly allows another person to use their username or password may be found responsible for any inappropriate use on the part of that person. Distribution of name lists, e-mail addresses, home addresses, or other means of contact will not be provided without the express permission of the persons involved. Neither shall the security codes or passwords of GLI users be divulged to others.

Invasion of the privacy of any person using GLI’s ICT is prohibited. GLI reserves the right to supervise the entire network to preserve the security of GLI and all users. GLI respects the privacy of users and does not routinely inspect or monitor use of ICT resources. However, GLI does not guarantee the security and privacy of data created, stored, or transmitted upon its ICT systems, including any user’s electronic mail and/or electronic files. Information reports will be available to GLI which can subsequently be used for matters such as system performance and availability, capacity planning, cost re-distribution and the identification of areas for personal development.

Authorised GLI staff may access information in the following situations:

  • legal request for public disclosure of public records;
  • GLI record retention requirements;
  • routine system maintenance;
  • investigations of misconduct, consistent with all legal requirements and with the approval of the delegated supervisor. This provision applies to monitoring of employee accounts when the monitoring is done because of suspected illegal activity or policy violations;
  • monitoring of GLI accounts.

Security Information
GLI may record visits to GLI websites and log information for statistical and business purposes. This includes a user’s address, user’s domain name, IP address, date and time of visit, pages accessed, and previous site visited. Identification of the user may also be requested and logged. If the person is not a GLI student or staff member, the email address of sent messages will be recorded.

GLI websites have security measures in place against the loss, misuse, and alteration of information. Generally, a login and password are required to visit secure areas. This is to ensure that information is displayed only to the intended person. Individuals are responsible to always keep their password secure.

Some GLI courses and/or units require the use of forums, on-line teaching environments, message boards and/or news groups. Any information that is disclosed in these areas becomes public information and it is the responsibility of the user to exercise caution when deciding to disclose personal information.

STUDENT RECORDS
GLI maintains accurate and up-to-date student records of enrolments, progression, completions, and award of qualifications. Official academic records of the grades achieved by a student in a course are stored permanently by GLI in a secure central system. The Registrar is responsible for ensuring the safety, accuracy, privacy, and order of all student records. Electronic storage is password protected and hard copy information is filed securely in a locked facility. The Information Technology Manager is responsible for protecting against the loss of electronic student records by ensuring appropriate backup of data.

Student files are kept in a secure location and can only be accessed by authorised GLI personnel. Students can access their personal information by making this request to the Records Officer who reports to the Registrar. Students may request to have incorrect personal information corrected by contacting the Records Officer and providing documentation to support the change.

Students are provided with accurate information about the use and disclosure of their student records, which includes the disclosure of information to external parties, such as the Commonwealth, tuition assurance scheme operators and accreditation bodies.

RESEARCH RECORDS
In accordance with the Australian Code for the Responsible Conduct of Research, GLI implements risk-based protections for research data (progressive or final data/information gathered for research by GLI academic staff and students) to guard from accidental or malicious manipulation or loss. This includes regular testing of retrieval and retention for at least five years.

Training
All staff will receive record management training as part of their orientation.

Auditing
Regular auditing of record management activities takes place. This ensures that records are being created and maintained correctly and an accurate record of GLI’s business activities and affairs is being captured in the record management system.

Creation of Records

  • Records are added to the recordkeeping system at the time of creation or receipt of a document.
  • Wherever possible records are held in electronic format.
  • All records are classified according to the appropriate record keeping naming conventions. The record classification scheme is used to classify all GLI’s records.
  • Where possible, records are sentenced at the time of creation in accordance with the appropriate disposal schedule.

Record Maintenance

  • All records are stored for their period of retention.
  • All records are accessible.
  • All records (electronic and hard copy) are maintained in good condition.

Records will be retained in a useable and accessible form for at least the minimum retention period contained within the applicable Retention & Disposal Schedule as approved by the Queensland State Archivist (https://www.qld.gov.au/recreation/arts/heritage/archives). Electronic records will be sentenced in accordance with an approved Retention and Disposal Schedule and appraised prior to their transition to inactive storage, permanent retention, or their disposal. Only delegated record management officers are authorised for record removals.

Retention and Disposal of Records

  • All records should be disposed of according to the appropriate disposal schedule.
  • All records must to be sentenced according to the appropriate disposal schedule.
  • The disposal date must set according to the disposal trigger.
  • No records can be destroyed of without the permission of the Records Manager.
  • All records that are destroyed must be recorded in a register of “Destroyed Records”.
  • The destruction process must be secure to ensure confidentiality.

GLI will ensure that high-risk, high-value and permanent records will be kept in an approved record keeping system to ensure the record is discoverable, accessible, and managed throughout their lifecycle.

Records retention requirements vary to support accountability, and for legal, knowledge and historical reasons. Management of records within a business context and/or system, and the resources needed for their retention, needs to be prioritised based on risks to GLI if the record was unable to be located or authenticated as accurate.

Before any record is stored with an external storage provider, the Records Officer must be provided with a catalogue of the records to be stored with the provider. GLI is responsible for any costs associated with records storage with external storage providers.

Disposal authority adheres to the GLI Delegations Schedule.

Archiving Records
Inactive records should be archived with the approval of the Records Officer.
The archive will include records that must be held indefinitely and inactive records during their retention period.

Record Security

  • Records must not be altered and all care must be taken not to damage records.
  • Access to records will be limited by a password hierarchy.
  • All records will be kept in a secure environment.
  • GLI’s Critical Incident Policy is in place to minimise the potential loss of records.

Records handling

  • Section procedures may only be prepared and used with the approval of the Records Officer.
  • Current Section Procedures:
  • Student Records Management Procedure
  • Finance Management Procedure

NOTIFYING AND HANDLING OF BREACHES
Users are responsible for reporting possible breaches of this policy to the IT Manager. The IT Manager is responsible for handling potential breaches for users in accordance with the Code of Conduct Policy. Penalties for misuse of ICT resources may range from loss of access to accounts, to formal disciplinary action up to and including dismissal, or in some more serious instances criminal or civil proceedings.

RECORDS TO KEEP
Common records kept and managed by GLI include, but are not limited to:

  • Academic programs: development, approvals, management, and review
  • Assets: infrastructure and equipment controls, registers, maintenance, warranties, security
  • Audits: process, internal due diligence, or as required
  • Disaster management and business continuity – plans, manuals, debriefs
  • Facilities: buildings, infrastructure; library, maintenance
  • Financial: data, audits, fraud prevention
  • Governance records: agendas, attachments, minutes, delegations, polices
  • Grants and scholarships: case files and arrangements
  • Insurance: materials
  • Learning and Teaching: content, exams, assessment
  • Marketing: campaigns and materials
  • Research: ethical clearance, data/information, patents
  • Staff: CVs, scholarship, induction, training, misconduct issues
  • Student records: enrolments, orientation, progression, completions, award of qualifications, academic transcripts, academic integrity matters, student support, safety, and security
  • Vital Records: essential for the ongoing business of GLI. These include, but are not limited to, contracts, deeds, memoranda of understanding, licences, evidence of ownership of physical and intellectual property, and other records documenting legal authority.
  • Work health and safety: administration, training, incidents, reporting, wellbeing

DISASTER MANAGEMENT PLAN
Risk prevention, response, and recovery strategies for protecting and recovering GLI records in the event of a disaster are implemented through a Disaster Management Plan. The plan ensures that vital records receive the highest salvage priority.

Scope

Whole Institute

Key Stakeholder

All Staff

Close

Amazing Opportunities

for everyone

Apply Now