Personnel Files are not confidential records and under the Ohio Public Records Laws are open to the public, with a few exceptions, most notably medical records, social security numbers, and peace officer, fire fighter or EMT's residential and familial information. In order to facilitate compliance with Public Records Laws, medical records should be maintained in a separate folder from the personnel file. When providing personnel information as a result of a public records request the social security number must be redacted from any documents before they are disclosed. Forms, correspondence, and reports generated during a disciplinary, grievance, harassment or discriminatory proceeding are public record. [See: Ohio 1347.01 take reasonable precaution to protect personal information from unauthorized modification, destruction, use or disclosure]. [See also: Federal Laws that effect records, Ferpa].
Confidential Records should be stored separately from personnel file and may include:
Physical examination reports
Disability establishment
Disabilities accommodation requests
Psychiatric records
Psychological records
Maternity Leave/FMLA/personal/medical leave documents
Medical Records (medical history, diagnosis, prognosis, or medical condition)
Workers compensation claim documents
Social security numbers (must be redacted from all public documents prior to disclosure)
Attorney-client communications to or from university attorneys concerning university legal matters
Trade secrets: scientific, technical business and other information that derives independent economic value from, which is maintained under, confidential circumstances. Faculty research, until such time as it is patented, copyrighted or otherwise voluntarily made public, may be classified as a confidential trade secret
Thursday, February 21, 2008
Federal Laws that effect records
FERPA (Family Educational Rights and Privacy Act): The Family Educational Rights and Privacy Act (FERPA) (20 U.S.C. § 1232g; 34 CFR Part 99) is a Federal law that protects the privacy of student education records. The law applies to all schools that receive funds under an applicable program of the U.S. Department of Education. (Source: http://www.ed.gov/policy/gen/guid/fpco/ferpa/index.html)
SOX (Sarbanes-Oxley Act of 2002): The legislation establishes new or enhanced standards for all U.S. public company boards, management, and public accounting firms. It does not apply to privately held companies. The Act contains 11 titles, or sections, ranging from additional Corporate Board responsibilities to criminal penalties, and requires the Securities and Exchange Commission (SEC) to implement rulings on requirements to comply with the new law. (Source: http://en.wikipedia.org/wiki/Sarbanes-Oxley_Act) For further reading see: http://www.sec.gov/news/studies/principlesbasedstand.htm#executive
Fair Labor Standards Act: The Fair Labor Standards Act of 1938, as amended (referred to as "the Act" or "FLSA"), is published in law in sections 201-219 of title 29, United States Code. The Act provides for minimum standards for both wages and overtime entitlement, and spells out administrative procedures by which covered worktime must be compensated. Included in the Act are provisions related to child labor, equal pay, and portal-to-portal activities. In addition, the Act exempts specified employees or groups of employees from the application of certain of its provisions. (Source: http://www.opm.gov/flsa/overview.asp) Requires employers to retain for 3 years.
Family and Medical Leave Act (FMLA): Covered employers must grant an eligible employee up to a total of 12 workweeks of unpaid leave during any 12-month period for one or more of the following reasons:
for the birth and care of the newborn child of the employee;
for placement with the employee of a son or daughter for adoption or foster care;
to care for an immediate family member (spouse, child, or parent) with a serious health condition; or
to take medical leave when the employee is unable to work because of a serious health condition.
Source: (http://www.dol.gov/esa/whd/fmla/) Requires employers to retain for 3 years.
Federal Equal Employment Opportunity Laws (EEOC): The Federal laws prohibiting job discrimination are:
Title VII of the Civil Rights Act of 1964 (Title VII), which prohibits employment discrimination based on race, color, religion, sex, or national origin;
the Equal Pay Act of 1963 (EPA), which protects men and women who perform substantially equal work in the same establishment from sex-based wage discrimination;
the Age Discrimination in Employment Act of 1967 (ADEA), which protects individuals who are 40 years of age or older;
Title I and Title V of the Americans with Disabilities Act of 1990 (ADA), which prohibit employment discrimination against qualified individuals with disabilities in the private sector, and in state and local governments;
Sections 501 and 505 of the Rehabilitation Act of 1973, which prohibit discrimination against qualified individuals with disabilities who work in the federal government;
the Civil Rights Act of 1991, which, among other things, provides monetary damages in cases of intentional employment discrimination.
The U.S. Equal Employment Opportunity Commission (EEOC) enforces all of these laws. EEOC also provides oversight and coordination of all federal equal employment opportunity regulations, practices, and policies.
Other federal laws, not enforced by EEOC, also prohibit discrimination and reprisal against federal employees and applicants. The Civil Service Reform Act of 1978 (CSRA) contains a number of prohibitions, known as prohibited personnel practices, which are designed to promote overall fairness in federal personnel actions. 5 U.S.C. 2302. The CSRA prohibits any employee who has authority to take certain personnel actions from discriminating for or against employees or applicants for employment on the bases of race, color, national origin, religion, sex, age or disability. It also provides that certain personnel actions can not be based on attributes or conduct that do not adversely affect employee performance, such as marital status and political affiliation. The Office of Personnel Management (OPM) has interpreted the prohibition of discrimination based on conduct to include discrimination based on sexual orientation. The CSRA also prohibits reprisal against federal employees or applicants for whistle-blowing, or for exercising an appeal, complaint, or grievance right. The CSRA is enforced by both the Office of Special Counsel (OSC) and the Merit Systems Protection Board (MSPB). (Source: http://www.eeoc.gov/abouteeo/overview_laws.html) Requires employers to retain for 2 years.
Health Insurance Portability and Accountability Act of 1996 (HIPAA): The Standards for Privacy of Individually Identifiable Health Information (“Privacy Rule”) establishes, for the first time, a set of national standards for the protection of certain health information. The U.S. Department of Health and Human Services (“HHS”) issued the Privacy Rule to implement the requirement of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). 1 The Privacy Rule standards address the use and disclosure of individuals’ health information—called “protected health information” by organizations subject to the Privacy Rule — called “covered entities,” as well as standards for individuals' privacy rights to understand and control how their health information is used. Within HHS, the Office for Civil Rights (“OCR”) has responsibility for implementing and enforcing the Privacy Rule with respect to voluntary compliance activities and civil money penalties.
Protected Health Information. The Privacy Rule protects all "individually
identifiable health information" held or transmitted by a covered entity or its business associate, in any form or media, whether electronic, paper, or oral. The Privacy Rule calls this information "protected health information (PHI)."
(Source: http://www.hhs.gov/ocr/privacysummary.pdf) Requires employers to retain for 6 years.
SOX (Sarbanes-Oxley Act of 2002): The legislation establishes new or enhanced standards for all U.S. public company boards, management, and public accounting firms. It does not apply to privately held companies. The Act contains 11 titles, or sections, ranging from additional Corporate Board responsibilities to criminal penalties, and requires the Securities and Exchange Commission (SEC) to implement rulings on requirements to comply with the new law. (Source: http://en.wikipedia.org/wiki/Sarbanes-Oxley_Act) For further reading see: http://www.sec.gov/news/studies/principlesbasedstand.htm#executive
Fair Labor Standards Act: The Fair Labor Standards Act of 1938, as amended (referred to as "the Act" or "FLSA"), is published in law in sections 201-219 of title 29, United States Code. The Act provides for minimum standards for both wages and overtime entitlement, and spells out administrative procedures by which covered worktime must be compensated. Included in the Act are provisions related to child labor, equal pay, and portal-to-portal activities. In addition, the Act exempts specified employees or groups of employees from the application of certain of its provisions. (Source: http://www.opm.gov/flsa/overview.asp) Requires employers to retain for 3 years.
Family and Medical Leave Act (FMLA): Covered employers must grant an eligible employee up to a total of 12 workweeks of unpaid leave during any 12-month period for one or more of the following reasons:
for the birth and care of the newborn child of the employee;
for placement with the employee of a son or daughter for adoption or foster care;
to care for an immediate family member (spouse, child, or parent) with a serious health condition; or
to take medical leave when the employee is unable to work because of a serious health condition.
Source: (http://www.dol.gov/esa/whd/fmla/) Requires employers to retain for 3 years.
Federal Equal Employment Opportunity Laws (EEOC): The Federal laws prohibiting job discrimination are:
Title VII of the Civil Rights Act of 1964 (Title VII), which prohibits employment discrimination based on race, color, religion, sex, or national origin;
the Equal Pay Act of 1963 (EPA), which protects men and women who perform substantially equal work in the same establishment from sex-based wage discrimination;
the Age Discrimination in Employment Act of 1967 (ADEA), which protects individuals who are 40 years of age or older;
Title I and Title V of the Americans with Disabilities Act of 1990 (ADA), which prohibit employment discrimination against qualified individuals with disabilities in the private sector, and in state and local governments;
Sections 501 and 505 of the Rehabilitation Act of 1973, which prohibit discrimination against qualified individuals with disabilities who work in the federal government;
the Civil Rights Act of 1991, which, among other things, provides monetary damages in cases of intentional employment discrimination.
The U.S. Equal Employment Opportunity Commission (EEOC) enforces all of these laws. EEOC also provides oversight and coordination of all federal equal employment opportunity regulations, practices, and policies.
Other federal laws, not enforced by EEOC, also prohibit discrimination and reprisal against federal employees and applicants. The Civil Service Reform Act of 1978 (CSRA) contains a number of prohibitions, known as prohibited personnel practices, which are designed to promote overall fairness in federal personnel actions. 5 U.S.C. 2302. The CSRA prohibits any employee who has authority to take certain personnel actions from discriminating for or against employees or applicants for employment on the bases of race, color, national origin, religion, sex, age or disability. It also provides that certain personnel actions can not be based on attributes or conduct that do not adversely affect employee performance, such as marital status and political affiliation. The Office of Personnel Management (OPM) has interpreted the prohibition of discrimination based on conduct to include discrimination based on sexual orientation. The CSRA also prohibits reprisal against federal employees or applicants for whistle-blowing, or for exercising an appeal, complaint, or grievance right. The CSRA is enforced by both the Office of Special Counsel (OSC) and the Merit Systems Protection Board (MSPB). (Source: http://www.eeoc.gov/abouteeo/overview_laws.html) Requires employers to retain for 2 years.
Health Insurance Portability and Accountability Act of 1996 (HIPAA): The Standards for Privacy of Individually Identifiable Health Information (“Privacy Rule”) establishes, for the first time, a set of national standards for the protection of certain health information. The U.S. Department of Health and Human Services (“HHS”) issued the Privacy Rule to implement the requirement of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). 1 The Privacy Rule standards address the use and disclosure of individuals’ health information—called “protected health information” by organizations subject to the Privacy Rule — called “covered entities,” as well as standards for individuals' privacy rights to understand and control how their health information is used. Within HHS, the Office for Civil Rights (“OCR”) has responsibility for implementing and enforcing the Privacy Rule with respect to voluntary compliance activities and civil money penalties.
Protected Health Information. The Privacy Rule protects all "individually
identifiable health information" held or transmitted by a covered entity or its business associate, in any form or media, whether electronic, paper, or oral. The Privacy Rule calls this information "protected health information (PHI)."
(Source: http://www.hhs.gov/ocr/privacysummary.pdf) Requires employers to retain for 6 years.
Ohio Records Laws
9.01 Official records - preserving and maintaining
http://codes.ohio.gov/orc/gp9.01
149.011 Documents, reports, and records definitions
http://codes.ohio.gov/orc/149.011
149.33 State records program - office of state records administration.
http://codes.ohio.gov/orc/149.33
149.351 Prohibiting destruction or damage of records.
http://codes.ohio.gov/orc/149.351
149.40 Making only necessary records.
http://codes.ohio.gov/orc/149.40
149.43 Availability of public records for inspection and copying.
http://codes.ohio.gov/orc/149.43
149.432 Releasing library record or patron information.
http://codes.ohio.gov/orc/149.432
CHAPTER 1306: UNIFORM ELECTRONIC TRANSACTIONS ACT
http://codes.ohio.gov/orc/1306
CHAPTER 1347: PERSONAL INFORMATION SYSTEMS
http://codes.ohio.gov/orc/1347
http://codes.ohio.gov/orc/gp9.01
149.011 Documents, reports, and records definitions
http://codes.ohio.gov/orc/149.011
149.33 State records program - office of state records administration.
http://codes.ohio.gov/orc/149.33
149.351 Prohibiting destruction or damage of records.
http://codes.ohio.gov/orc/149.351
149.40 Making only necessary records.
http://codes.ohio.gov/orc/149.40
149.43 Availability of public records for inspection and copying.
http://codes.ohio.gov/orc/149.43
149.432 Releasing library record or patron information.
http://codes.ohio.gov/orc/149.432
CHAPTER 1306: UNIFORM ELECTRONIC TRANSACTIONS ACT
http://codes.ohio.gov/orc/1306
CHAPTER 1347: PERSONAL INFORMATION SYSTEMS
http://codes.ohio.gov/orc/1347
E-mail and Voice Mail Policies
All official records as defined by Section 149.011 of the Ohio Revised Code, (paper, microform, electronic, or any other media) will be retained for the minimum periods stated in the Records Retention for Public Colleges and Universities in Ohio: A Manual (Inter-University Council of Ohio, 2000).
The Ohio Revised Code does not provide a specific definition for electronic mail but it does state that: “any document, device, or item, regardless of physical form or characteristic, created or received by or coming under the jurisdiction of any public office of the state or its political subdivisions.”
The above statement clearly qualifies the case of e-mail being a record, just like paper or any other medium is as well. The question than is not if e-mail is a viable record (it is not medium but the content that needs to analyzed) that should be saved but whether it should be saved because of its content.
There are four categories to consider in appraising e-mail content:
Non-record messages – personal (non-business) communication, such as lunch plans and meeting reminders.
Transitory messages – communication with limited significance, such as discussions on scheduling meetings, draft documents, and discussion threads.
Intermediate Messages – communication related to business processes or procedures, but are only substantial within given time period of significance, such as contract agreements, invoices, and project plans.
Permanent messages – communication related to business processes or procedures that are meaningful beyond an established time period, such as policy announcements and mission statements.
Non-record and transitory messages can be immediately deleted. Intermediate Messages must be seen in the context that they were created in. Intermediate e-mail messages and their attachments must be retained for the minimum periods stated in Records Retention for Public Colleges and Universities in Ohio: A Manual (Inter-University Council of Ohio, 2000). If the records are permanent historical messages they must be printed and filed with correspondence or creating documents for eventual transfer to the YSU Archives (please see: transfer procedures).
It is recommended that voice mail not be used to conduct university business, especially for sending and receiving intermediate and permanent messages.
Transferring records to the archives
Some of the records listed in your office's Schedule will state that they should be transferred to the University Archives. These records are considered permanently valuable for historical reasons. Fill out the Records Transfer Form (online), obtain the appropriate signatures and forward to the archive. Contact the University Archives (330-941-3788) prior to transferring these records to the University Archives. The following is an example of a filled Transfer form. Please use the Records Retention for Public Colleges and Universities in Ohio: A Manual (Inter-University Council of Ohio, 2000).
Records Management: Getting Started
- Read the Youngstown State University Records Management Mission and Policies.
- Each department director is the liaison and responsible official for the records within their jurisdiction. They are to contact the University Archives at (330-941-3788) to set up a records training session.
- Once training is complete, commence a file folder analysis of the records in your office or under your care using the Records Retention Cheat Sheet. The schedule will be based upon the Records Retention for Public Colleges and Universities in Ohio: A Manual (Inter-University Council of Ohio, 2000).
- Once the schedule is complete it will be reviewed by the University Counsel and Archivist.
- The Schedule is to be used for the disposition of all records created by your office. A Records Destruction Form must be completed and approval from the University Counsel and Archivist attained prior to the destruction of records.
- Records that are designated as permanent historical will be transferred to the University Archives using the Records Transfer Form. Any questions concerning E-mail, please see E-mail and Voice mail policies.
- Creation of new Records Series in a office mandates an immediate review and revision of the Records Retention Schedule. Please contact the YSU Archives.
Youngstown State University Records Management Mission & Policy Statement
In compliance with Section 149.33 of the Ohio Revised Code, Youngstown State University, by the authority of its Board of Trustees, has established a records management program under the jurisdiction of the President’s Office and University Archives & Special Collections for the purpose of insuring proper scheduling, storage and disposal of university records. Records Retention for Public Colleges and Universities in Ohio: A Manual (Inter-University Council of Ohio, 2000) will be used as the basis for Youngstown State University’s records management program. This program is designed to reduce the number of non-current records occupying expensive office space, eliminate unnecessary duplication of records between offices, offer a systematic method of records destruction and create an awareness of documents with a permanent archival value.
Youngstown State University recognizes the need for orderly management and retrieval of all official records and a documented records retention and destruction schedule congruent with all state and federal laws and related regulations. All official records as defined by Section 149.011 of the Ohio Revised Code, (paper, microform, electronic, or any other media) will be retained for the minimum periods stated in the Records Retention for Public Colleges and Universities in Ohio: A Manual (Inter-University Council of Ohio, 2000). After a specified period of time, official records must be disposed of in a manner that is consistent with, and systematically carried out in accordance with, prescribed records and information management guidelines and procedures.
The Records Retention for Public Colleges and Universities in Ohio: A Manual provides a list of official records for each department on the campus and prescribes the periods of authorized retention. The schedule may be revised periodically to include a newly created record series, to change retention periods, or to delete a record series no longer useful. Appropriate approval procedures must be followed and completed before any revisions would become effective.
All records to be kept for a minimum periods listed in the Records Retention for Public Colleges and Universities in Ohio: A Manual. Notwithstanding such minimum retention periods, all records must be maintained until all required audits are completed and should be retained beyond the listed retention periods when there is a probability of litigation either involving records or requiring their use.
Records may not be destroyed without first insuring that all legal requirements and retention periods have been met as listed in the Records Retention for Public Colleges and Universities in Ohio: A Manual. Records not listed in the Manual must be reviewed by the University General Council and the University Archivist before destruction is approved. Before final destruction a certificate of records disposal form needs to be filed to report that the records retention schedule has been met and documents have been disposed of according to institutional policy.
Youngstown State University recognizes the need for orderly management and retrieval of all official records and a documented records retention and destruction schedule congruent with all state and federal laws and related regulations. All official records as defined by Section 149.011 of the Ohio Revised Code, (paper, microform, electronic, or any other media) will be retained for the minimum periods stated in the Records Retention for Public Colleges and Universities in Ohio: A Manual (Inter-University Council of Ohio, 2000). After a specified period of time, official records must be disposed of in a manner that is consistent with, and systematically carried out in accordance with, prescribed records and information management guidelines and procedures.
The Records Retention for Public Colleges and Universities in Ohio: A Manual provides a list of official records for each department on the campus and prescribes the periods of authorized retention. The schedule may be revised periodically to include a newly created record series, to change retention periods, or to delete a record series no longer useful. Appropriate approval procedures must be followed and completed before any revisions would become effective.
All records to be kept for a minimum periods listed in the Records Retention for Public Colleges and Universities in Ohio: A Manual. Notwithstanding such minimum retention periods, all records must be maintained until all required audits are completed and should be retained beyond the listed retention periods when there is a probability of litigation either involving records or requiring their use.
Records may not be destroyed without first insuring that all legal requirements and retention periods have been met as listed in the Records Retention for Public Colleges and Universities in Ohio: A Manual. Records not listed in the Manual must be reviewed by the University General Council and the University Archivist before destruction is approved. Before final destruction a certificate of records disposal form needs to be filed to report that the records retention schedule has been met and documents have been disposed of according to institutional policy.
Subscribe to:
Comments (Atom)