Records Management

1. Policy

Issued: August 15, 2008
Last Revised: June 5, 2023
Last Reviewed: June 5, 2023

2. Policy Purpose

This policy provides guidance on the preservation of records, which should be maintained for legal and operational purposes, and outlines proper record destruction procedures.

3. Scope and Application

All units of the university are responsible for ensuring appropriate use, retention, and destruction of university records by establishing and following record management practices consistent with this policy. Retention periods for various categories of records are set forth in the Record Management Appendix referenced in Section 6 of this policy. The university is committed to record management in accordance with applicable laws and regulations as well as established best practices, reasonable business judgment, and common sense. Management of records must meet legal standards, optimize the use of both electronic and physical space, preserve the university’s history, and ensure that records that no longer derive any business value, or are redundant, or outdated be destroyed.

Certain departments designated as official repositories are charged with setting record management standards to assure consistent record management throughout the university. Other departments must follow these standards. The media on which records are stored (for example: paper, various electronic media, or film) does not change the length of time they should be retained. The protection of security and privacy of information must be integral to both the maintenance and destruction of records. For more information, please refer to the Information Security Logging and Monitoring Policy for the types of information requiring enhanced protections.

4. Definitions

N/A

5. Policy Details

University records include all records created and received to support the educational, research and administrative activities of the university. They may be paper originals or copies or electronic files. Records generated as electronic mail (as e-mail or attachments) should be retained as either paper copies or stored on electronic media with appropriate storage and back-up protocols. E-mail is retained on university servers for no longer than sixteen months.

Official repositories have been established for the following types of records:

  • Employment and Payroll
  • Business and Financial
  • Student
  • Research
  • Donor
  • Archival

Departments or individuals (i.e., principal investigators) designated as official repositories of university records is responsible for the management of university records under their care and jurisdiction. This responsibility includes the destruction of university records that have no archival value when the applicable retention period has passed. Standards for the retention of various categories of records are established by the official repositories listed in the Records Management Appendix as referenced in Section 6. Departments designated as official repositories may, in consultation with the Office of the General Counsel and the Compliance Office, make changes to retention standards.

Record retention periods may be increased or decreased by government regulation, judicial or administrative order, private or governmental contract, pending litigation or audit requirements. Such modifications supersede the requirements established by the official repositories. Any record that is subject to a legal hold issued by the Office of the General Counsel must be preserved notwithstanding any other retention period or policy until that hold is lifted. Suspension of record destruction required for any of these reasons will be accomplished by notice from the Office of the General Counsel or the Office of Compliance.

6. Procedures

No records may be destroyed unless and until the applicable retention periods expires. Any records subject to a legal hold issued by the Office of the General Counsel must be preserved notwithstanding any other retention period or policy until that hold if lifted. When records are destroyed, they must be destroyed in accordance with the following:

  • Non-confidential paper records may be recycled,
  • Confidential or sensitive records must be shredded, and may only then be recycled; and
  • Electronic records must be fully erased or destroyed. USC’s Office of the CISO may provide further guidance on electronic record destruction.

7. Forms

8. Responsibilities

POSITION or OFFICERESPONSIBILITIES
1. Office of the General Counsel
2. USC Office of the CISO Data Protection Team
1. Questions concerning legal requirements for document retention.
2. Advise and provide guidance on digital document retention, destruction, and security

9. Related Information

The University Archives are a component of the USC Libraries Special Collections. The archive promotes knowledge and understanding of the university’s origins, aims, programs, and goals. The records permanently stored in the archive include records and reports of the university, its officers and component parts, including faculty and students; maps and architectural records; audiovisual materials including still photographs and negatives, motion picture film, oral history interviews, audio and video tapes; and artifacts and ephemera documenting the university’s history.

Archival records are inactive records no longer retained to meet legal standards or serve an educational or administrative purpose, but which have permanent or historic value. The university archives will not accept records which require the enhanced security and privacy standards detailed in the Information Security Policy. For information concerning the archiving of records, consult the university archivist at (213) 740-2587.

Please contact the official repository with questions you have about established retention standards for the types of records under their care.

10. Contacts

Please direct any questions regarding this policy to:

OFFICEPHONEEMAIL
1. USC Office of the General Counsel
2. USC Office of the CISO Data Protection Team

1. (213) 740-7922
2. (213) 740-7197
 
1.gcoffice@usc.edu
2. cio@usc.ed