10.3 Records Management

Added: 04/06/2021
Revised: 04/06/2021
Last Reviewed: 04/06/2021
Effective: 05/07/2021








MGA POLICY NAME: Records and Information Management Policy


POLICY: Middle Georgia State University (MGA) shall abide by all applicable federal and state laws and Board of Regents (BOR) of the University System of Georgia (USG) policies pertaining to Records and Information Management.


This policy establishes a comprehensive records management framework to ensure that the University's operations are conducted in accordance with relevant legal obligations, and to encourage proactive, accountable management.


The University is committed to the systematic management and retrieval of official University records and recognizes the importance of data, information, and records for the success of its institutional activities. The University shall establish and administer a records and information management program for the life cycle of a record, regardless of media.


CONTEXT: This policy applies to all University employees, and records (regardless of location or format) made or received in the transaction of University business.


The University hereby establishes a Records and Information Management (RIM) program to provide structure, responsibilities, and procedures in accordance with applicable federal and state laws and regulations. The University hereby adopts the USG Records Retention Schedules as developed by the BOR as it may be amended from time to time, or superseded by law, as the model for the retention of official University's records.


The Chief Data Officer, the University Counsel, the Chief Information Officer, and University Librarian in consultation with MGA’s Data Governance Structure of Data Stewards and Data Trustees is authorized to draft procedures and guidelines for compliance with this Policy.



  • Short Title: “Records Management”
  • Original Draft Date: 1/11/20
  • Previous Version: 7/31/2018 - Records Management Policy
  • Policy Manager: University Counsel


Additional Resources:


  • Georgia Records Act O.C.G.A. § 50-18-90 et seq. (
  • Georgia Attorney General - Official Site
  • Georgia Privacy Act O.C.G.A. § 16-11-62 et seq.
  • Georgia Open Records Act O.C.G.A. § 50-18-70 et seq.
  • BOR Policy on Records Retention (BOR Policy Manual 1.0.4)
  • BOR Human Resources Administrative Practice Manual
  • BOR Business Procedures Manual (Data Governance and Management Section 12.3.5
  • University System of Georgia's Records Management and Archives
  • Georgia Archives, Records Services
  • USG Records Retention Schedules (link)
  • Federal Records Act - US Department of Education - Official Site
  • Privacy Act of 1974 - US Department of Justice- Official Site
  • Family Educational Rights and Privacy Act (FERPA) - US Department of Education
  • HIPAA Privacy Rule - United States Department of Health and Human Services
  • National Archives and Records Administration
  • Gramm-Leach-Bliley Act (GLBA)
  • General Data Protection Regulation (GDPR)


Associated MGA Policies, Standards, Procedures, and Documents:

  • MGA Open Records Policy 10.3.1
  • MGA Records Disposal 10.3.2
  • MGA Records Retention 10.3.3
  • MGA Records Retrieval 103.4
  • MGA Records Disaster Recovery 10.3.5
  • MGA Cyber Security Policy 11.4
  • MGA Data Governance Policy 10.4
  • MGA FERPA Policy 10.2
  • MGA GLBA Standard
  • MGA GDPR Procedures
  • MGA HIPAA Procedures
  • MGA Privacy Policy 10.6
  • MGA Privacy Standard
  • MGA Research Compliance 12.1
  • MGA Data Stewardship and Access Standard

MGA Open Records Policy